DNS, Firewall and Firmware - Cyber Security Informer

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure flaw via unauthenticated external DNS requests that affect Zyxel devices from the USG, UAG, ATP, VPN and NXC series. ” reads the advisory.

DNS

DNS Hacking Firmware Wireless

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT

IoT Firmware Advertising DNS

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Security Affairs

JANUARY 10, 2020

A flaw, dubbed Cable Haunt, in Broadcom’s cable modem firmware exposed as many as 200 million home broadband gateways in Europe alone, at risk of remote hijackings. With almost no cable modem tested being secure without a firmware update, the number of modems initially vulnerable in Europe is estimated to be close to this number.”

Firmware

Firmware DNS Manufacturing Advertising

NAME:WRECK, a potential IoT trainwreck

Malwarebytes

APRIL 13, 2021

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Yes, the researchers found 9 DNS-related vulnerabilities that have the potential to allow attackers to take targeted devices offline or to gain control over them. Basically, you could say DNS is the phonebook of the internet.

IoT

IoT DNS Internet Internet

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT

IoT Firmware Risk Manufacturing

Multiple flaws in Teltonika industrial cellular router expose OT networks to hack

Security Affairs

MAY 16, 2023

The platform provides real-time monitoring and control, it also supports advanced features such as device management, software and firmware updates, GPS tracking, and data visualization. The compromised industrial devices may also be used to launch attacks against other devices or networks.” ” reads the advisory from CISA.

Hacking

Hacking Internet Internet Manufacturing

How to Secure DNS

eSecurity Planet

JULY 25, 2022

The domain name system (DNS) is basically a directory of addresses for the internet. Your browser uses DNS to find the IP for a specific service. For example, when you enter esecurityplanet.com, the browser queries a DNS service to reach the matching servers, but it’s also used when you send an email. DNS spoofing or poisoning.

DNS

DNS Encryption Penetration Testing Architecture

Remotely Accessing Secure Kali Pi

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware

Firmware Wireless Passwords VPN

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

History of MSSPs As internet service providers (ISPs) and telecommunications companies (telecoms) began offering commercial access to the internet in the late 1990s, they began to also offer firewall appliances and associated managed services. and installed software (operating systems, applications, firmware, etc.).

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

DNS changer Malicious actors may use IoT devices to target users who connect to them. A 2022 campaign known as Roaming Mantis, or Shaoye, spread an Android app whose capabilities included modifying DNS settings on Wi-Fi routers through the administration interface. The practice has not become widespread due to relative inefficiency.

IoT

IoT DDOS Passwords Malware

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

The tools also depend upon physical controls that should also be implemented against malicious physical access to destroy or compromise networking equipment such as routers, cables, switches, firewalls, and other networking appliances. These physical controls do not rely upon IT technology and will be assumed to be in place.

Firewall

Firewall Network Security Penetration Testing Encryption

10 Network Security Threats Everyone Should Know

eSecurity Planet

MARCH 16, 2023

DNS attacks : DNS cache poisoning, or hijacking, redirects a legitimate site’s DNS address and takes users to a malicious site when they attempt to navigate to that webpage. It’s critical for network administrators to patch firmware vulnerabilities immediately after learning of them.

Network Security

Network Security Firewall Internet Internet

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. While the design of a unified extensible firmware interface (UEFI) overcame BIOS limitations, both components critical to computer operation are an increasing target. Also Read: How to Prevent DNS Attacks. Current Target: VBOS.

Software

Software DNS Firmware VPN

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Experts say the best defense is a multi-pronged network security strategy that includes a firewall, anti-malware software, network monitoring, intrusion detection and prevention (IDPS), and data protection. You should also use a network firewall and an anti-malware solution. How to Defend Against a Backdoor. RAM Scraper.

Malware

Malware Adware Spyware Antivirus

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests.

DDOS

DDOS Cryptocurrency Marketing Internet

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

50,000 DDoS attacks on public domain name service (DNS) resolvers. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. DDoS attacks on single networks or websites render them unavailable, but DDoS attacks on DNS resolvers bring down all networks and websites using that DNS resource.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Cyber Security Informer

Some Zyxel devices can be hacked via DNS requests

New Ttint IoT botnet exploits two zero-days in Tenda routers

Trending Sources

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

NAME:WRECK, a potential IoT trainwreck

IoT Unravelled Part 3: Security

Multiple flaws in Teltonika industrial cellular router expose OT networks to hack

How to Secure DNS

Remotely Accessing Secure Kali Pi

IT threat evolution Q1 2024

What is a Managed Security Service Provider? MSSPs Explained

Overview of IoT threats in 2023

Network Protection: How to Secure a Network

10 Network Security Threats Everyone Should Know

The Biggest Lessons about Vulnerabilities at RSAC 2021

Types of Malware & Best Malware Protection Practices

DDoS attacks in Q4 2020

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Top SD-WAN Solutions for Enterprise Security

Stay Connected