Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/24/2011
06:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New ICSA Labs Certification For Broadband Home Routers Launched

Certified broadband home routers (BHRs) can offer consumers a higher level of security assurance

MECHANICSBURG, Pa. – Hackers are increasingly viewing home routers as a means of gaining access to sensitive personal data. To help combat this threat, ICSA Labs, an independent division of Verizon, is offering a new program under which manufacturers can have their broadband home routers certified.

The program, Managed Broadband Home Router Certification, evaluates a router’s effectiveness in identifying safe versus harmful data, and then in denying access to malicious data. Certified broadband home routers (BHRs), which are generally used to connect computers on a home network to the Internet, can offer consumers a higher level of security assurance. ICSA Labs awarded the first Managed Broadband Home Router Certification to Actiontec’s M1424WR family of wireless home routers, which includes MI424-WR Rev.E and MI424-WR Rev.F.

“While attacks targeted at routers are not a new threat, we are seeing an increase in attacks against broadband home routers,” said Brian Monkman, technology programs manager, ICSA Labs. “This threat is exacerbated by the fact that all too often, consumers assume that these products, which are designed to be configured quickly and easily, have the appropriate safeguards in place. Unfortunately, that is not always the case.”

“It is important that a broadband home router is secure – right out of its box,” said Brian Henrichs, chief business development officer at Actiontec. “Consumers receiving a router—such as an Actiontec managed router—from their service provider that has been tested and certified by ICSA Labs can be confident in the security of their router.” As BHRs are considered a type of firewall appliance, the router certification program will launch as part of ICSA Labs’ Network Firewall Program, which was established in 1995 and evaluates the effectiveness and security measures of network firewalls.

The certification program was developed under ICSA Labs’ ISO 9001/IEC 17025 accredited framework, which verifies the organization’s quality-management systems and technical competence.

Visit ICSA Labs’ Managed Broadband Home Router Certification page for more information or to submit a product for testing. Consumers interested in purchasing a certified BHR can visit ICSA Labs’ certified product page to determine whether the BHR is certified. About ICSA Labs

ICSA Labs, an independent division of Verizon, offers third-party testing and certification of security products and network-connected devices, such as printers and faxes, to measure product compliance, reliability and performance to many of the world’s top security vendors. Visit http://www.icsalabs.com and http://www.icsalabs.com/blogs for more information

About Verizon Verizon Communications Inc. (NYSE, NASDAQ:VZ), headquartered in New York, is a global leader in delivering broadband and other wireless and wireline communications services to consumer, business, government and wholesale customers. Verizon Wireless operates America's most reliable wireless network, with more than 106 million total connections nationwide. Verizon also provides converged communications, information and entertainment services over America's most advanced fiber-optic network, and delivers integrated business solutions to customers in more than 150 countries, including all of the Fortune 500. A Dow 30 company, Verizon employs a diverse workforce of nearly 196,000 and last year generated consolidated revenues of $106.6 billion. For more information, visit www.verizon.com.

About Actiontec Electronics Actiontec Electronics develops broadband-powered solutions that connect people to the Internet, applications, and content they care about. Our products -- including gigabit Ethernet fiber routers, high-speed VDSL gateways, DSL modems, and home networking solutions -- are deployed by some of the largest telecom carriers in North America. We listen to our customers, delivering future-proof solutions that help them stay competitive today, and tomorrow, with faster access rates, advanced performance, and exciting applications. Our innovation has been recognized throughout the industry, with numerous awards. As a minority owned company, we're committed to the world we live in by promoting diversity among our employees and partners, and actively pushing a variety of green programs designed to reduce the carbon footprint of our company, and customers. Founded in 1993, Actiontec is headquartered in Sunnyvale, CA, and maintains branch offices in Colorado Springs, CO; Shanghai, China; and Taipei, Taiwan.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.