While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.
The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.
New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. encryption keys, passwords) from a running operating system after using a cold reboot to restart the machine. concludes the experts.
D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched. D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Pierluigi Paganini.
The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .
The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that moves around.
The Tails OS allows users to use the Internet anonymously and circumvent censorship by using the Tor Network, it leaves no trace on the computer users are using and uses state-of-the-art cryptographic tools to encrypt files, emails and instant messaging.
Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.
These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019.
The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.
Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Pierluigi Paganini. SecurityAffairs – hacking, QNAP).
Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.
The D-Link DNS-320 model is no longer available for sale, one of the members of the forum explained that the firmware of its NAS was never updated and its device was exposed to WAN through ports 8080, FTP port 21, and a range of ports for port forwarding. Gillespie says that it matches the encryption algorithm he noted above.”
At the time, the Maze ransomware operators only released three screenshots as proof of the data breaches on the Maze ransomware leak site: Researchers from ZDNet who analyzed the leaked data confirmed that it included source code for the firmware of various LG products, including phones and laptops. Pierluigi Paganini.
Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Pierluigi Paganini.
More recent firmware versions had Telnet access and debug port (9527/tcp) disabled by default, but they had open port 9530/tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([1], [2], [3]). Pierluigi Paganini.
The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. Pierluigi Paganini.
Once they have gained a foothold in the target network, the attackers will attempt lateral movements to elevate the privileges and search for high-value machines to encrypt (i.e.
Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred to as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.
If the data connection is not properly encrypted (spoiler alert: it’s not, we’ve checked!), anyone who can intercept the connection is able to monitor all data that is exchanged. ” Experts also discovered that it is possible to execute arbitrary code on the device through a firmware update. Who controls these servers?
Sometimes crooks don’t decrypt them after the payment, in other cases security issues in the encryption process, or in the malware development, make it impossible to decrypt the data. gov to receive the necessary support. Pierluigi Paganini.
The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. The Enterprise mode implements 192-bit encryption for networks that require extra security. ” the experts added. Pierluigi Paganini.
With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012; How to Build USBsamurai with a C-U0012; How to flash the C-U0012 with the LIGHTSPEED Firmware; How to Flash the C-U0007 with the G700 firmware to achieve better performances and get the Air-Gap Bypass feature; How to setup LOGITacker.
“The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device. ” reads the report.
The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.”
Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication.” Many vendors are affected.
As an example, we could use communications between systems that are not properly encrypted. Improper encryption. Hackers or other malicious sources can intercept poorly encrypted communications on the web. IoT devices on public Wi-Fi and encrypted networks are especially vulnerable to this type of attack. Vicious insider.
” The experts also pointed out that the RSA encryption key would fail since it is not designed to work with an empty password. TP-Link has already addressed the flaw with the release of the following security patches for Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3 routers: Firmware for Archer C5 V4: [link].
that includes security patches for the Foreshadow attacks as well as updated Intel and AMD microcode firmware to address the latest Spectre and Meltdown security flaws. Integrating VeraCrypt or TrueCrypt users can easily manage encrypted disk drives directly from the GNOME desktop environment. relies on Linux kernel 4.17 Tails 3.10
The issue tracked as CVE-2018-5383 affects the Secure Simple Pairing and LE Secure Connections features, it affects firmware or drivers from some major vendors including Apple, Broadcom, Intel, and Qualcomm. The vendor has already rolled out both software and firmware updates to fix the issue.
The ransomware encrypts files on compromised Windows host systems, including physical and virtual servers, the advisory noted, and the executable leaves a ransom note in all directories where encryption occurs, including ransom payment instructions for obtaining a decryption key. 7 SP1, 8, 8.1)
Intel addresses High-Severity flaws in NUC Firmware and other tools. million to allow towns to access encrypted data. 5 Common Phishing Attacks and How to Avoid Them?
CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a server-side language.
EMV Chip, Point-to-Point Encryption, Tokenization, etc.) Maintain a patch management program and update all software and hardware firmware to most current release to limit the attack surface for zero-day vulnerabilities.
In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. The attackers compress stolen files into encrypted and password-protected ZIP archives. Mobile statistics. Targeted attacks.
To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. Issues occurred from unsecure email verification and a defective parcel claim process that dates back to 2014. The fix: Traeger has enabled automated firmware updates for grills using the D2 Wi-Fi Controller.
Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. While the MBR infection has been known since at least 2014, details on the UEFI bootkit were publicly revealed for the first time in our private report on FinSpy.
According to the Data Quality Campaign , 45 states and Washington, DC, enacted new student privacy laws between 2014 and 2020. Most states require strong data privacy controls, which typically include encrypting any sensitive personal information of staff and students. Keep all operating systems, software, and firmware up to date.
Modern variants of ransomware, called crypto ransomware, entomb the files stored on a hard drive using strong encryption. Perhaps most troubling, attackers occasionally target the device firmware of industrial control systems. If the victim wishes them back, they will have to pay a ransom.
I moved here at the end of 2014. And so, what I didn't want to do is make it that I'm just completely rogue, and I dumped the firmware and I posted on for everybody to see and you do these things that you're not that legally, you know, as kind of a society we say we don't want to do, but we still need to look at these things.
Russian govn blocked Tutanota service in Russia to stop encrypted communication. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack.
Gosh, there must be 20 or more villages at DEFCON if you want to learn radio if you want to learn tampering with seals if you want to learn encryption, if you want to learn you name it. That was DEF CON 22 back in 2014. There was a cannabis village recently at DEF CON. is or what it controls. I got to go to DEF CON.