Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. ” reads the advisory published by Netlab.

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Affairs

DECEMBER 29, 2018

The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.” It has a CVSSv3 base score of 8.6 , since once the password is known, any unauthenticated user can collect the data from any affected system over the internet.”

Firmware 109

Firmware Surveillance IoT Passwords 109

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019.

Malware 142

Malware Firmware Advertising Manufacturing 142

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely reboot the device without having to know the root password. ” reads the advisory published by the expert.

Firmware 127

Firmware Wireless Authentication Advertising 127

Security Affairs

APRIL 5, 2020

Experts analyzed more than 150,000 Android applications, including the top 100,000 apps from the official Google Play, the top 20,000 apps from an alternative store, and 30,000 pre-installed apps extracted from Samsung smartphones’ firmware. censorship keywords , cyber-bulling expressions, and weak passwords).”

Mobile 144

Mobile Passwords Advertising Firmware 144

Security Affairs

NOVEMBER 6, 2018

The flaws were discovered by researchers Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands, the duo discovered that it is possible to bypass password-based authentication to access to encrypted data stored on the drives. Anyway, an attacker can reprogram the firmware to ignore the password and use the DEK.

Encryption 111

Encryption Firmware Passwords Advertising 111

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT 75

IoT Engineering Passwords Firmware 75

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. The expert also found hardcoded private keys for the SSH daemon in the device’s firmware.

Firmware 97

Firmware Passwords Advertising IoT 97

Security Affairs

JANUARY 27, 2020

“A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user “tunneluser” by leveraging knowledge of the private key from another installation or a firmware image.” reads the advisory. Pierluigi Paganini.

Advertising 142

Advertising Firmware Passwords Authentication 142

Security Affairs

JUNE 14, 2019

of the firmware. The weakness impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) that was certified at the end of April.

Firmware 105

Firmware Advertising Passwords Authentication 105

Security Affairs

DECEMBER 25, 2018

Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. “A flaw exists in these modems that allow remote unauthenticated users to obtain the device’s SSID and WiFi password.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords 110

Passwords Wireless Advertising Firmware 110

Security Affairs

AUGUST 27, 2020

Example of available open printers on a single IoT search engine (Shodan.io): As we can see, many users and organizations still use internet-connected devices without thinking about security, installing firmware updates, or taking into account the implications of leaving their devices publicly accessible. Change the default password.

Hacking 145

Hacking IoT Firmware Internet 145

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. “In one case, the IPMI interface was using the default manufacturer passwords. .

Ransomware 112

Ransomware Passwords Advertising Firmware 112

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. The notice mentions the following products along with recommended actions: SRA 4600/1600 (EOL 2019) disconnect immediately and reset passwords.

Ransomware 100

Ransomware Firmware VPN Passwords 100

Security Affairs

OCTOBER 1, 2018

GhostDNS scans for the IP addresses used by routers that use weak or no password then accesses them and changes the DNS settings to a rogue DNS server operated by the attackers. Js DNSChanger is written in JavaScript and includes 10 attack scripts designed to infect 6 routers or firmware packages. Pierluigi Paganini.

DNS 105

DNS Malware Firmware Phishing 105

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. The sample spreads via Telnet with weak passwords and some known exploits (see the list below). Pierluigi Paganini.

IoT 145

IoT DDOS Architecture Passwords 145

Security Affairs

OCTOBER 10, 2018

Unfortunately, the cloud ID is not sufficiently random and complex to make guessing correct cloud IDs hard because the analysis of the Xiongmai firmware revealed it is derived from the device’s MAC address. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. ” continues the analysis.

Surveillance 108

Surveillance Hacking Firmware Manufacturing 108

Security Affairs

JUNE 25, 2020

In 2014 its global sales reached $55.91 “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues Cyble.

Computers and Electronics 130

Computers and Electronics Ransomware Mobile Telecommunications 130

Security Affairs

SEPTEMBER 4, 2019

An attacker could use these credentials to log on to the APs FTP server and steal the configuration file that includes SSIDs and passwords. “An This FTP server can be accessed with hardcoded credentials that are embedded in the firmware of the AP. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS 97

DNS Hacking Firmware Wireless 97

Security Affairs

APRIL 4, 2019

Firmware updates that address this vulnerability are not currently available. Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. through 1.4.2.20.

Small Business 103

Small Business Firmware Advertising VPN 103

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking 110

Hacking Firmware Media Authentication 110

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). Pierluigi Paganini.

Firmware 106

Firmware Encryption Advertising Passwords 106

Security Affairs

MARCH 30, 2019

Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. Firmware updates that address this vulnerability are not currently available. Pierluigi Paganini.

Small Business 105

Small Business Advertising Firmware Engineering 105

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . The telnetd service is being deactivated and old and weak passwords are as well being removed or changed. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT 109

IoT Hacking Firmware Advertising 109

Security Affairs

SEPTEMBER 7, 2018

Researchers from security firm Eclypsium have discovered a vulnerability in the firmware update mechanism that could be exploited by hackers to deliver persistent malware, completely wipe and reinstall of the operating system. Our research has uncovered vulnerabilities in the way that multiple vendors update their BMC firmware.

Firmware 76

Firmware Malware Advertising Passwords 76

Security Affairs

JULY 13, 2019

“ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. The router attacks involved an exploit kit that attempts to find the router IP on a network, then attempts to guess the password using common login credentials. ” reads a blog post published by Avast. concludes Avast.

DNS 104

DNS Passwords Advertising Banking 104

Security Affairs

MAY 2, 2019

Others issues can be exploited by a remote, unauthenticated attacker to change admin and moderator passwords and view presentations. Tenable started reporting the vulnerabilities to vendors in January, but at the time of the public disclosure, only Extron and Barco have released firmware updates. Pierluigi Paganini.

Wireless 105

Wireless Advertising Firmware Authentication 105

Security Affairs

APRIL 26, 2019

An attacker could chain the issues to steal password theft and possibly remotely compromise the devices, he only needs to know the IP address of the P2P server used by the device. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low. ” reported Brian Krebs.

IoT 110

IoT Hacking Manufacturing Advertising 110

Security Affairs

JULY 25, 2018

EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware. Many products of the vendor currently run the vulnerable firmware, including DVRs, NVRs, and IP cameras. “So, if I put reboot as password, the AVTech system gets rebooted,” Anubhav explained.

Firmware 69

Firmware Passwords Advertising IoT 69

Security Affairs

MARCH 29, 2019

Version 1 has no auth, version 2 requires the admin password.” Garrett told TP-Link it should “stop shipping debug daemons on production firmware and if you’re going to have a webform to submit security issues then have someone actually respond to it.” ” wrote Garrett on Twitter.

Advertising 106

Advertising Firmware Firewall Passwords 106

Security Affairs

NOVEMBER 4, 2019

“The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device. Gather all usernames and passwords related to the device and sent them to the C2 server. ” reads the report.

Malware 77

Malware Firmware Advertising Ransomware 77

Security Affairs

DECEMBER 11, 2018

Trend Micro recommends to keep devices’ firmware up to date, change the default usernames and passwords on their routers, and also change the router’s default IP address. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

DNS 111

DNS Advertising Firmware Banking 111

Security Affairs

NOVEMBER 1, 2018

The flaw can only be exploited if the device using the chip has the over-the-air firmware download (OAD) feature enabled. Experts pointed out that all Aruba access points share the same OAD password, which can be obtained by intercepting a legitimate update or by reverse engineering the device. ” continues the post.

Firmware 105

Firmware Manufacturing IoT Advertising 105

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Poor credentials. What does this mean? Vicious insider.

IoT 142

IoT Cybersecurity Manufacturing Internet 142

Security Affairs

FEBRUARY 3, 2020

“ Attackers can easily obtain default passwords and identify internet-connected target systems. Passwords can be found in p roduct documentation and compiled lists available on the Internet.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. 06 and older. ” continues SonicWall.

DDOS 98

DDOS Hacking Internet Internet 98

Security Affairs

FEBRUARY 18, 2020

Successfully dumped the smartlock’s firmware. And after having successfully dumped the firmware we can proceed at extracting some valuable evidences for the forensics case. Artifacts extracted from the FW analysis: Smartlock Passwords & User’s Logs. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT 125

IoT Hacking Firmware Advertising 125

Security Affairs

AUGUST 13, 2018

The affected models are NetComm 4G LTE Light industrial M2M routers running firmware version 2.0.29.11 The cross-site request forgery condition could be triggered by a remote attacker to change passwords of the device. NetComm has released a firmware update that addresses the security vulnerabilities in mid-May 2018.

Wireless 72

Wireless Firmware Manufacturing Advertising 72