New botnet called RondoDox was discovered
A new botnet RondoDox has been discovered, exploiting 56 vulnerabilities in over 30 different devices.
The malicious actors are targeting a wide range of internet-accessible devices, including digital video recorders (DVRs), network video recorders (NVRs), video surveillance systems, and web servers.
The following are the vulnerabilities exploited by the RondoDox botnet:
Analysts report that RondoDox exploits 18 command injection vulnerabilities that have not yet been assigned CVE identifiers. These vulnerabilities affect D-Link and NAS devices, TVT and LILIN DVRs, Fiberhome, ASMAX, and Linksys routers, Brickcom cameras, and other unspecified devices.
To protect against RondoDox attacks, researchers recommend installing the latest available firmware updates and promptly replacing hardware that has reached its support deadline. Additionally, it is recommended to segment the network, isolate critical data from internet-facing IoT devices and from guest connections, and replace default credentials and use strong passwords.
Source: bleepingcomputer.com
14 October 2025