2014, Firewall and Firmware - Cyber Security Informer

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. “These products have been discontinued since 2014 and are no longer covered under our device software support lifecycle. . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet

Internet Internet Backups Small Business

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT

IoT Firmware Advertising DNS

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid ( Energywire , April 30). .

Energy and Utilities

Energy and Utilities Firewall Firmware Advertising

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers. Oldest firmware versions have been released as far back as 2007. The expert discovered the vulnerability in the web server component that is implemented in vulnerable Netgear router firmware. Pierluigi Paganini.

Firmware

Firmware Internet Internet Advertising

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

. “A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user “tunneluser” by leveraging knowledge of the private key from another installation or a firmware image.” ” reads the advisory.

Authentication

Authentication Advertising Firmware Firewall

Juniper Networks addressed many issues in its products

Security Affairs

JULY 10, 2020

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Pierluigi Paganini.

Advertising

Advertising Firmware Firewall Internet

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

. “Obviously, these counts only represent devices that are not firewalled and allow direct querying over the IPv4 Internet.” This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Internet

Internet Internet Firmware Advertising

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Additionally, no firewall rules, port forwarding rules, or DDNS setup are required on the router, which makes this option convenient also for non-tech-savvy users.” The “P2P Cloud” feature bypasses firewalls and effectively allows remote connections into private networks. ” reads the report published by SEC Consult. !

Surveillance

Surveillance Hacking Firmware Manufacturing

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

“A DNS request can be made by an unauthenticated attacker to either spam a DNS service of a third party with requests that have a spoofed origin or probe whether domain names are present on the internal network behind the firewall,” reads the advisory published by the experts. ” reads the advisory. Pierluigi Paganini.

DNS

DNS Hacking Firmware Wireless

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware

Ransomware Firmware VPN Passwords

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Security Affairs

JANUARY 10, 2020

A flaw, dubbed Cable Haunt, in Broadcom’s cable modem firmware exposed as many as 200 million home broadband gateways in Europe alone, at risk of remote hijackings. With almost no cable modem tested being secure without a firmware update, the number of modems initially vulnerable in Europe is estimated to be close to this number.”

Firmware

Firmware DNS Manufacturing Advertising

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Example of available open printers on a single IoT search engine (Shodan.io): As we can see, many users and organizations still use internet-connected devices without thinking about security, installing firmware updates, or taking into account the implications of leaving their devices publicly accessible. Use a firewall.

Hacking

Hacking IoT Firmware Internet

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Security Affairs

APRIL 25, 2019

Rockwell has released firmware updates that address the vulnerability for the affected controllers. Below the recommendations published by Rockwell Automation to minimize the risk of exploitation of this vulnerability: Update to the latest available firmware revision that addresses the associated risk. Pierluigi Paganini.

Firmware

Firmware Social Engineering Advertising Malware

Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers

Security Affairs

MARCH 29, 2019

While TDDP listens on all interfaces, the default firewall implemented in the routers prevents network access. Garrett told TP-Link it should “stop shipping debug daemons on production firmware and if you’re going to have a webform to submit security issues then have someone actually respond to it.”

Advertising

Advertising Firmware Firewall Passwords

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

The flaw can only be exploited if the device using the chip has the over-the-air firmware download (OAD) feature enabled. “A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba access points. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Manufacturing IoT Advertising

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system. The only way to recover infected devices is to manually reinstall the device’s firmware. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Malware Advertising Firmware

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

A remote code execution vulnerability was identified in the weblogin.cgi program of Zyxel NAS products running firmware version 5.21 If possible, connect it to a security router or firewall for additional protection,” Zyxel recommends. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. and earlier.

Authentication

Authentication Advertising Firmware Internet

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Security Affairs

MARCH 7, 2019

Yang explained that cameras, printers, NAS devices, Smart TVs, and routers which use UPnP for streaming, sharing, and service discovery are exposed to attacks, threat actors could use them to potentially bypass firewalls and attack local network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Advertising Firmware Data collection

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

“ SonicWall Capture Labs Threat Research team observe huge hits on our firewalls that attempt to exploit the command injection vulnerability with the below HTTP request.” This unauthenticated remote command injection vulnerability affects Linear eMerge E3 access control systems running firmware versions 1.00-06

DDOS

DDOS Hacking Internet Internet

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

“To update to the latest firmware, each user should select the “Check for Upgrade” option in the “Centrals” menu in the GUI. Locate control system networks and remote devices behind firewalls, and isolate them from the business network. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Backups

Backups Authentication Advertising Firmware

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

.” According to ZyXEL, the Bleichenbacher attack works against the ZyWALL and USG series network security appliances, the vendor already released firmware updates that address the vulnerability. According to the Huawei’s advisory , its firewall products are affected by the flaw. Pierluigi Paganini.

Encryption

Encryption Authentication Internet Internet

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0 CVE-2014-2321.

Malware

Malware IoT Firmware Authentication

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

million unfilled cybersecurity positions globally by 2021 – up from 1 million in 2014. ReFirm Labs, meanwhile, has developed a radically new approach to securing heretofore insecure connected devices through firmware validation. It’s all part of a national trend – accentuated in Maryland because of its cybersecurity infrastructure.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

eSecurity Planet

JULY 8, 2024

To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. Issues occurred from unsecure email verification and a defective parcel claim process that dates back to 2014. The fix: Traeger has enabled automated firmware updates for grills using the D2 Wi-Fi Controller.

Risk

Risk Authentication Firmware Surveillance

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

Maintain minimal exposure to the Internet on Linux servers and IoT devices and use a properly configured firewall. Install security and firmware upgrades from vendors, as soon as possible. 2032077: ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321). Recommended actions. Conclusion. SURICATA IDS SIGNATURES.

Malware

Malware IoT Authentication Antivirus

Cyber Security Informer

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

MyBook Users Urged to Unplug Devices from Internet

Trending Sources

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

New Ttint IoT botnet exploits two zero-days in Tenda routers

DoS attack the caused disruption at US power utility exploited a known flaw

79 Netgear router models affected by a dangerous Zero-day

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Juniper Networks addressed many issues in its products

A daily average of 80,000 printers exposed online via IPP

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Some Zyxel devices can be hacked via DNS requests

SonicWall warns users of “imminent ransomware campaign”

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

NCSC warns of a surge in ransomware attacks on education institutions

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Google developer disclosed Zero-Day flaw in TP-Link SR20 Routers

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Silex malware bricks thousands of IoT devices in a few hours

Zyxel addresses Zero-Day vulnerability in NAS devices

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

CISA warns of critical flaws in Prima FlexAir access control system

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Vulnerability Recap 7/8/24 – Intel, Cisco & More Face Risks

BotenaGo strikes again – malware source code uploaded to GitHub

Stay Connected