SecureWorld News

FEBRUARY 20, 2025

He urges enterprises to implement Privileged Access Management (PAM) solutions and multi-factor authentication (MFA) and to enforce robust password policies to reduce the risk of account compromise. Patching and vulnerability management Apply timely security updates to operating systems, software, and firmware.

Ransomware 109

Ransomware IoT Encryption Social Engineering 109

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. last official release 2010) has a path traversal vulnerability. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device.

Firmware 145

Firmware Internet Internet Passwords 145

SecureList

JUNE 8, 2022

Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). search for smart devices with the default password in the summer of last year revealed more than 27,000 hits, a similar search in April 2022 returned only 851.

DDOS 133

DDOS Passwords IoT Firmware 133

SecureList

MAY 23, 2022

The following potential vectors of attacks on ISaGRAF-based devices have been identified: A remote unauthenticated attacker could execute privileged commands of the IXL service on devices with ISaGRAF Runtime versions released before 2010. A remote attacker could easily implement a password brute force attack in ISaGRAF Runtime.

Passwords 110

Passwords Authentication Architecture Encryption 110

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware 93

Firmware IoT VPN Authentication 93

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. last official release 2010) has a path traversal vulnerability. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device.

Firmware 60

Firmware Internet Internet Passwords 60

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

If the device is equipped with a “means for authentication outside a local area network, it shall be deemed a reasonable security feature” if either of the following security requirements are met: The reprogrammed password is unique to each device manufactured[;] or. Code § 1798.91.06(a)) Code § 1798.91.06(c))

IoT 45

IoT Cybersecurity Manufacturing Technology 45