Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.
Retail giant Home Depot has agreed to a $17.5 million settlement in a multi-state investigation of the data breach that the company suffered in 2014. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada.
A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.
Security firm Imperva revealed it has suffered a data breach affecting some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.
The security firm confirmed the ongoing attack; its Web Application Firewall blocked over 450,000 exploit attempts during the last several days. The Wordfence firewall has blocked over 450,000 exploit attempts targeting this vulnerability over the past several days. This threat actor is using a consistent password across infections.
If these services are required, use strong passwords or Active Directory authentication. Enforce a strong password policy and implement regular password changes. Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. the extension matches the file header).
I strongly advise you, firstly, to log on to all servers running HP Device Manager and set a strong password for the "dm_postgres" user of the "hpdmdb" Postgres database on TCP port 40006 1/4 — Nicky Bloor (@nickstadb) September 29, 2020.
“It is possible that an infected computer is beaconing, but is unable to egress to the command and control due to outbound firewall restrictions.” In this two-hour Arabic language YouTube tutorial from 2014 , Fatal.001 to for a user named “ fatal.001.” Throughout multiple posts, Fatal.001
Unfortunately, most organizations often neglect the protection of RDP accesses, and workers use easy-to-guess passwords with no additional layers of authentication or protection. Require strong and complex passwords for all accounts that can be logged into via RDP. Use an additional layer of authentication (MFA/2FA).
The report also analyzed a PowerShell shell script that is part of the KeeThief open-source project, which allows the adversary to access encrypted password credentials stored by the Microsoft “KeePass” password management software.
Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall (WAF) customers. In August, cybersecurity firm Imperva disclosed a data breach that exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.
The hack allows the creation of a new admin account with a randomized password, but this is not a problem because the attacker can use a classic password reset procedure to change the password too. Firewall rule released for Premium users. June 27 – Planned date for firewall rule’s release to Free users.
Change the default username and passwords for all network devices, especially IoT devices. If the device’s default username or password cannot be changed, ensure the device(s) providing Internet access to that device has a strong password and a second layer of security, such as multi-factor authentication or end-to-end encryption.
Set up a Web Application Firewall to block suspicious and malicious requests from reaching the website. Require strong administrative passwords (use a password manager for best results) and enable two-factor authentication. Pierluigi Paganini.
Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months; hackers are scanning the Internet for Docker servers running API ports exposed without a password. Experts also recommend accessing admin endpoints only through a firewall or VPN gateway. ” conclude the experts. Pierluigi Paganini.
Also, there is no firewall by default.” Experts also reported the use of predefined passwords for admin accounts. It only listens to the loopback interface.”
To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). OAuth is a magical mechanism which prevents you from having to remember 10,000 passwords. API Firewalling. Don’t communicate with strangers.
The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials). If these services are required, use strong passwords or Active Directory authentication. Pierluigi Paganini.
XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. MMD believed the Linux Trojan originated in China.
Caz-bees first took shape as a cottage industry circa 2013 to 2014 in response to a cry for help from companies reeling from new Shadow IT exposures : the risk created by early-adopter employees, quite often the CEO, insisting on using the latest smartphone and Software-as-a-Services tools, without any shred of security vetting.
Below are some mitigations recommended by the Microsoft Defender Advanced Threat Protection (ATP) Research Team to reduce risk from threats that exploit gateways and VPN vulnerabilities: Apply all available security updates for VPN and firewall configurations.
The Ares bot also scans for other Android systems running Telnet services and attempts to crack the passwords protecting them. Companies are advised to implement firewalls or other security solutions, or segment local networks, so any infected device doesn’t have access to critical systems. ” continues the analysis.
Additionally, no firewall rules, port forwarding rules, or DDNS setup are required on the router, which makes this option convenient also for non-tech-savvy users.” The “P2P Cloud” feature bypasses firewalls and effectively allows remote connections into private networks. ” reads the report published by SEC Consult.
The devices continue to leak the information even when their firewall is turned on. The issue discovered by the expert, in fact, could be used by attackers to discover if the vulnerable routers are still using default administrative passwords.
It is essential to install firewall and antivirus software on your routers and keep them up-to-date. Use Strong Passwords. Most people are comfortable with the default password of their internet connecting device and assume it to be secure. It is recommended to keep changing your device password every now and then.
Exposed data include hashtype , leak year, password (hashed, encrypted or plaintext, depending on the leak), email, email domain, and source of the leak (i.e. The firewall was temporarily disabled for roughly 10 minutes during the migration, which allowed the search engine to index the database. Adobe, Last. Pierluigi Paganini.
“we found that the InfiniteWP Client and WP Time Capsule plugins also contain logical issues in the code that allows you to login into an administrator account without a password.” The plugins are affected by logical issues that could allow attackers to log in as administrators without providing any password.
“Instead of directly sending itself into all the systems connected, the remote command changes the firewall and port forwarding settings of the infected machines, setting up a scheduled task to download and execute an updated copy of the malware.”
The ZoneAlarm suite includes antivirus software and firewall solutions to end users and small organizations; it has nearly 100 million downloads. The company sent a data breach notification mail to forum users urging them to change their forum account passwords. You will be requested to reset your password once joining the forum.”
Use a firewall. Change the default password. Most printers have default administrator usernames and passwords. Change it to a strong, unique password in the utility settings of your printer and make sure print functions require log on credentials.
To maximize your network security, always protect your router with a unique password and use an encrypted network. The firewall should also be enabled on all devices in the loop. The employees must use either face recognition or fingerprint recognition, along with their passwords, to get access to their accounts.
According to ZDNet, which first reported the news, data was stored in an ElasticSearch server exposed online without a password. “Unclear if the customer took it down or if OVH firewalled it off for them,” Paine told ZDNet. Source ZDNet.
“A DNS request can be made by an unauthenticated attacker to either spam a DNS service of a third party with requests that have a spoofed origin or probe whether domain names are present on the internal network behind the firewall,” reads the advisory published by the experts. Pierluigi Paganini. (SecurityAffairs – Zyxel, hacking).
The malware attempts to gather as much possible information from infected systems, including machine name, username, privileges, country, IP, MAC address, BIOS, operating system, hardware data, installed browsers, antivirus, and firewalls.
Stealer plug-in – harvests passwords from a wide variety of applications (browsers, FTP clients, VPN clients, chat and email programs, poker programs etc.). onion web sites.
Version 1 has no auth, version 2 requires the admin password.” While TDDP listens on all interfaces, the default firewall implemented in the routers prevents network access.
Gafgyt is a popular choice for launching large-scale DDoS attacks; it first appeared in the threat landscape in 2014. It uses a list of hardcoded username/password combinations to log in to devices in an attempt to access systems using weak or default credentials. “We have also listed the current vulnerabilities EnemyBot uses.
It sells a range of Internet appliances primarily directed at content control and network security, including devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs), and anti-spam for email. SRA 4200/1200 (EOL 2016) disconnect immediately and reset passwords. Devices at risk.
Iran-linked Charming Kitten group (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.
“Attackers can easily obtain default passwords and identify internet-connected target systems. Passwords can be found in product documentation and compiled lists available on the Internet.” Pierluigi Paganini.
“By leveraging compromised credentials, the cyber threat actor implanted sophisticated malware—including multi-stage malware that evaded the affected agency’s anti-malware protection—and gained persistent access through two reverse Socket Secure (SOCKS) proxies that exploited weaknesses in the agency’s firewall.”
Cybercriminals don’t break into websites one by one, using their best guess to figure out your password like they do in the movies. If your computer has malware on it, it doesn’t matter how secure your website is, because criminals can just steal your password or log in to your website from your computer, pretending to be you.
Former NSA white hat hacker Patrick Wardle reported last week that Trend Micro apps were also collecting users’ personal data including their browsing history and then uploaded that data in a password-protected archive to a server. ” wrote Wardle.