Remove 2013 Remove Firmware Remove Internet
article thumbnail

MoonBounce: the dark side of UEFI firmware

SecureList

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware 145
article thumbnail

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50

IoT 140
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Sounding the Alarm on Emergency Alert System Flaws

Krebs on Security

That may be because the patches were included in version 4 of the firmware for the EAS devices, and many older models apparently do not support the new software. According to the EAS wiki, in February 2013, hackers broke into the EAS networks in Great Falls, Mt. and Marquette, Mich.

Firmware 209
article thumbnail

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

article thumbnail

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

Anubhav explained that the passwords are related to Dahua DVRs running very old firmware that is known to be affected by a five-year-old vulnerability tracked as CVE-2013-6117. Even if the vulnerability has been patched, many Dahua devices are still running ancient firmware.

IoT 75
article thumbnail

Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP?

Security Affairs

In early 2013, researchers at Rapid7 published an interesting whitepaper entitled “Security Flaws in Universal Plug and Play” that evaluated the global exposure of UPnP-enabled network devices. Experts recommend users installing routers update and patched firmware to mitigate the threat. ” continues Akamai.

article thumbnail

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. CVE-2013-3307. CVE-2013-5223. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0

Malware 85