Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Used Enterprise Routers May Reveal Secrets

April 25, 2023
Reading Time: 2 mins read
in Alerts

 

 

According to ESET researchers, enterprise network equipment, such as routers, that have been discarded but not properly destroyed, can reveal corporate secrets. The researchers purchased several used routers to set up a test environment and found that, in many cases, the previous configurations had not been wiped.

The data on these devices can be used by threat actors to breach networks and identify previous owners, which could lead to further attacks. The researchers stress the importance of adopting a procedure to correctly dismiss enterprise network equipment, like routers, due to the huge quantity of information they contain.

The ESET research team purchased 18 used routers to determine which kind of information was possible to find on the dismissed network equipment and how threat actors can use them in future attacks against the company that discarded them.

This type of enterprise network equipment is widely adopted by organizations worldwide and is commonly available at bargain basement prices in the secondary market. The researchers discovered that 56.25% of the devices contained trivially accessible and sensitive corporate information such as customer data, data allowing third-party connections to the network, and credentials for connecting to other networks as a trusted party.

The exposed corporate data and sensitive data include the maps of sensitive applications hosted locally or in the cloud. Attackers can use this information to launch attacks against enterprises using exploits for known vulnerabilities.

With this level of detail, impersonating network or internal hosts would be far simpler for an attacker, especially since the devices often contain VPN credentials or other easily cracked authentication tokens.

Only five devices were properly wiped by the organizations that dismissed them.

ESET attempted to notify the former owners of the routers they had purchased, and in some cases, they were responsive, while in others cases they were incredibly difficult or impossible to reach.

The study highlights the need for organizations to properly dispose of their enterprise network equipment, including routers, and to ensure that sensitive data is erased before it is discarded.

Failure to do so could result in a breach of the company’s security and the exposure of confidential data.

Reference:
  • Discarded, not destroyed: Old routers reveal corporate secrets

Tags: April 2023CloudCyber AlertCyber Alerts 2023Cyber AttacksESETVPNVulnerabilities
ADVERTISEMENT

Related Posts

Fake DocuSign Alerts Target Corporate Logins

Fake DocuSign Alerts Target Corporate Logins

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

May 28, 2025
Fake DocuSign Alerts Target Corporate Logins

Microsoft Void Blizzard Cyber Threat Alert

May 28, 2025
GhostSpy Android Malware Full Device Control

FBI Warns Luna Moth Targets US Law Firms

May 27, 2025
GhostSpy Android Malware Full Device Control

Winos 4.0 Malware Spread Via Fake Installers

May 27, 2025
GhostSpy Android Malware Full Device Control

GhostSpy Android Malware Full Device Control

May 27, 2025

Latest Alerts

Microsoft Void Blizzard Cyber Threat Alert

Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

FBI Warns Luna Moth Targets US Law Firms

Winos 4.0 Malware Spread Via Fake Installers

GhostSpy Android Malware Full Device Control

Subscribe to our newsletter

    Latest Incidents

    Migos IG Hack Blackmails Solana Cofounder

    Tiffany & Co. Faces Data Breach Incident

    MathWorks Crippled by Ransomware Attack

    Everest Ransomware Leaks Coke Staff Data

    Adidas Data Breach Exposes Customer Contacts

    Semiconductor Firm AXT Hit by Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial