Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/24/2011
06:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New ICSA Labs Certification For Broadband Home Routers Launched

Certified broadband home routers (BHRs) can offer consumers a higher level of security assurance

MECHANICSBURG, Pa. – Hackers are increasingly viewing home routers as a means of gaining access to sensitive personal data. To help combat this threat, ICSA Labs, an independent division of Verizon, is offering a new program under which manufacturers can have their broadband home routers certified.

The program, Managed Broadband Home Router Certification, evaluates a router’s effectiveness in identifying safe versus harmful data, and then in denying access to malicious data. Certified broadband home routers (BHRs), which are generally used to connect computers on a home network to the Internet, can offer consumers a higher level of security assurance. ICSA Labs awarded the first Managed Broadband Home Router Certification to Actiontec’s M1424WR family of wireless home routers, which includes MI424-WR Rev.E and MI424-WR Rev.F.

“While attacks targeted at routers are not a new threat, we are seeing an increase in attacks against broadband home routers,” said Brian Monkman, technology programs manager, ICSA Labs. “This threat is exacerbated by the fact that all too often, consumers assume that these products, which are designed to be configured quickly and easily, have the appropriate safeguards in place. Unfortunately, that is not always the case.”

“It is important that a broadband home router is secure – right out of its box,” said Brian Henrichs, chief business development officer at Actiontec. “Consumers receiving a router—such as an Actiontec managed router—from their service provider that has been tested and certified by ICSA Labs can be confident in the security of their router.” As BHRs are considered a type of firewall appliance, the router certification program will launch as part of ICSA Labs’ Network Firewall Program, which was established in 1995 and evaluates the effectiveness and security measures of network firewalls.

The certification program was developed under ICSA Labs’ ISO 9001/IEC 17025 accredited framework, which verifies the organization’s quality-management systems and technical competence.

Visit ICSA Labs’ Managed Broadband Home Router Certification page for more information or to submit a product for testing. Consumers interested in purchasing a certified BHR can visit ICSA Labs’ certified product page to determine whether the BHR is certified. About ICSA Labs

ICSA Labs, an independent division of Verizon, offers third-party testing and certification of security products and network-connected devices, such as printers and faxes, to measure product compliance, reliability and performance to many of the world’s top security vendors. Visit http://www.icsalabs.com and http://www.icsalabs.com/blogs for more information

About Verizon Verizon Communications Inc. (NYSE, NASDAQ:VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to consumer, business, government and wholesale customers. Verizon Wireless operates America's most reliable wireless network, with more than 106 million total connections nationwide. Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers integrated business solutions to customers in more than 150 countries, including all of the Fortune 500. A Dow 30 company, Verizon employs a diverse workforce of nearly 196,000 and last year generated consolidated revenues of $106.6 billion. For more information, visit www.verizon.com.

About Actiontec Electronics Actiontec Electronics develops broadband-powered solutions that connect people to the Internet, applications, and content they care about. Our products -- including gigabit Ethernet fiber routers, high-speed VDSL gateways, DSL modems, and home networking solutions -- are deployed by some of the largest telecom carriers in North America. We listen to our customers, delivering future-proof solutions that help them stay competitive today, and tomorrow, with faster access rates, advanced performance, and exciting applications. Our innovation has been recognized throughout the industry, with numerous awards. As a minority owned company, we're committed to the world we live in by promoting diversity among our employees and partners, and actively pushing a variety of green programs designed to reduce the carbon footprint of our company, and customers. Founded in 1993, Actiontec is headquartered in Sunnyvale, CA, and maintains branch offices in Colorado Springs, CO; Shanghai, China; and Taipei, Taiwan.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19012
PUBLISHED: 2019-11-17
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or ...
CVE-2019-19022
PUBLISHED: 2019-11-17
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git r...
CVE-2019-19035
PUBLISHED: 2019-11-17
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.
CVE-2019-19011
PUBLISHED: 2019-11-17
MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.
CVE-2019-19010
PUBLISHED: 2019-11-16
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.