Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican.

Firmware 98

Firmware Encryption Government Malware 98

Security Affairs

DECEMBER 25, 2018

Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. The flaw tracked as CVE-2018-20377 is known at least since 2012 when Rick Murray described it in a blog post. . . Mursch also reported that many exposed devices use default credentials (i.e.

Passwords 110

Passwords Wireless Advertising Firmware 110

Malwarebytes

JANUARY 12, 2022

Patches that can cause problems include the following: KB5009624 for Server 2012 R2 KB5009595 for Server 2012 R2 KB5009546 for Server 2016 KB5009557 for Server 2019. The Windows Platform Binary Table is a fixed firmware ACPI (Advanced Configuration and Power Interface) table. You can use any email and password here.

Authentication 128

Authentication Firmware Passwords Technology 128

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware 94

Firmware IoT VPN Authentication 94

SecureList

NOVEMBER 14, 2022

In both cases, we described new UEFI firmware bootkits that managed to propagate malicious components from the deepest layers of the machine up to Windows’ user-land. CobaltStrike, released in 2012, is a threat emulation tool designed to help red teams understand the methods an attacker can use to penetrate a network.

Firmware 129

Firmware Surveillance Mobile Telecommunications 129

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released. 7 SP1, 8, 8.1)

Ransomware 128

Ransomware Encryption Backups Accountability 128

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. 8, 15.0.0.0/8, 8, 16.0.0.0/8,

Malware 145

Malware DNS Encryption Ransomware 145