2010, Firmware and Internet - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

Router Security

Schneier on Security

FEBRUARY 19, 2021

Nonetheless, all but one vendor spread several private keys in almost all firmware images. was released in October 2010. There’s often no one around to write patches, and most of the time router firmware isn’t even patchable. Anyhow, they are used quite rarely by most vendors except the NX feature.

Firmware

Firmware Software Engineering Internet

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Patching and vulnerability management Apply timely security updates to operating systems, software, and firmware. Report ransomware incidents to the FBI Internet Crime Complaint Center (IC3) , CISA, or MS-ISAC. Prioritize fixing vulnerabilities exploited by Ghost, such as ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207).

Ransomware

Ransomware IoT Encryption Social Engineering

Millions of Arris routers are vulnerable to path traversal attacks

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. ISP customer premise equipment (CPE) often uses this web server, and ISP subscribers will typically get these routers in loan for telephony and Internet access. last official release 2010) has a path traversal vulnerability.

Firmware

Firmware Internet Internet Passwords

Router security in 2021

SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). Make sure to update the firmware. Conclusion.

DDOS

DDOS Passwords IoT Firmware

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

The protocol Bluetooth Low Energy (BLE) was released in 2010 and it is designed to implement a new generation of services for mobile applications. The issue initially causes denial of service ( DoS ), but “attackers could reverse engineer products firmware to possibly leverage remote execution,” the researchers say.

IoT

IoT Firmware Advertising Hacking

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

How to Protect Operational Technology (OT) from Cyber Threats

CyberSecurity Insiders

JUNE 2, 2023

OT systems often come as closed systems with firmware and software installed by a supplier. It also does not require an internet connection, updates to date telemetry, or modern OS versions. Sometimes this is due to cultural reasons (management’s fear of even the slightest chance of disruption); other times, it is technological.

Cyber threats

Cyber threats Technology Firewall Ransomware

Millions of Arris routers are vulnerable to path traversal attacks

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. ISP customer premise equipment (CPE) often uses this web server, and ISP subscribers will typically get these routers in loan for telephony and Internet access. last official release 2010) has a path traversal vulnerability.

Firmware

Firmware Internet Internet Passwords

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g., Amazon’s Alexa, NEST thermostats, etc.). Code § 1798.91.06(a))

IoT

IoT Cybersecurity Manufacturing Technology

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 5, 2018

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g., Amazon’s Alexa, NEST thermostats, etc.). Code § 1798.91.06(a))

IoT

IoT Cybersecurity Manufacturing Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

In 2010, she was interviewed by O'Reilly Media. Halderman : In 2010, Washington D.C. held a pilot of a new Internet voting system. More individual states’ voting systems were exposed and also addressable from the internet. Remember the six million voter records from Georgia just hanging out there on the internet?

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

In 2010, she was interviewed by O'Reilly Media. Halderman : In 2010, Washington D.C. held a pilot of a new Internet voting system. More individual states’ voting systems were exposed and also addressable from the internet. Remember the six million voter records from Georgia just hanging out there on the internet?

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

In 2010, she was interviewed by O'Reilly Media. Halderman : In 2010, Washington D.C. held a pilot of a new Internet voting system. More individual states’ voting systems were exposed and also addressable from the internet. Remember the six million voter records from Georgia just hanging out there on the internet?

Hacking

Hacking Mobile Software Technology

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

The malicious payload was then used to upload additional malware, usually the Quarian backdoor that has been seen in use by Chinese-speaking actors since around 2010. Scanning the internet with available clues from our previous research, we are able to discover newly deployed hosts, in some cases even before they become active.

Malware

Malware Government Surveillance Spyware

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

All sites incorporated the archaic FCKeditor plug-in, which stopped receiving support in 2010. The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Router Security

Trending Sources

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Millions of Arris routers are vulnerable to path traversal attacks

Router security in 2021

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

How to Protect Operational Technology (OT) from Cyber Threats

Millions of Arris routers are vulnerable to path traversal attacks

California Passes First Of Its Kind IoT Cybersecurity Law

California Passes First Of Its Kind IoT Cybersecurity Law

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

APT trends report Q3 2021

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected