2014, IoT and Passwords - Cyber Security Informer

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. reads the analysis published by the experts.

IoT

IoT DDOS Architecture Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. The Threat is Definitely Real.

IoT

IoT Cybersecurity Manufacturing Internet

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. This is the biggest leak of Telnet passwords even reported. The list includes the IP address, username and password for the Telnet service for each device. ” reported ZDNet.

IoT

IoT DDOS InfoSec Internet

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved.

IoT

IoT Passwords Malware Advertising

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Kilmer said when Spur first started looking into Faceless, they noticed almost every Internet address that Faceless advertised for rent also showed up in the IoT search engine Shodan.io Those with IoT zero-days could expect payment if their exploit involved at least 5,000 systems that could be identified through Shodan.

Malware

Malware Passwords Accountability Advertising

A hacker has taken over at least 29 IoT botnets

Security Affairs

MAY 5, 2019

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few week s with brute-force attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Advertising Hacking Passwords

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

AUGUST 31, 2019

Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. IoT #malware branches seen in ????????

IoT

IoT Passwords Advertising Malware

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Security Affairs

APRIL 26, 2019

Experts discovered security flaws in the iLnkP2P peer-to-peer (P2P) system that exposes millions of IoT devices to remote attacks. The iLnkP2P system allows users to remotely connect to their IoT devices using a mobile phone or a PC. Potentially affected IoT devices include cameras and smart doorbells. Pierluigi Paganini.

IoT

IoT Hacking Manufacturing Advertising

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT

IoT Engineering Passwords Firmware

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. Kunz and his colleagues were able to brute-force the IoT radio in just 10 minutes and achieve root access with full privileges. . Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Chalubo, a new IoT botnet emerges in the threat landscape

Security Affairs

OCTOBER 23, 2018

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. The IoT malware ran only on systems with an x86 architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Malware Architecture

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT

IoT Cryptocurrency Malware Advertising

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” Pierluigi Paganini.

IoT

IoT Hacking DNS Authentication

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Pierluigi Paganini.

IoT

IoT DDOS Internet Internet

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. ” IoT risk must be taken seriously. ” continues Microsoft.

IoT

IoT Hacking Advertising Government

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. has made some strides on IoT security at the federal level; it remains to be seen if the EU initiative will spur the U.S. IoT market growth. IoT Security Neglected.

Wireless

Wireless IoT Manufacturing Mobile

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords

Passwords Manufacturing Advertising Firmware

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Security Affairs

FEBRUARY 18, 2020

Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of debuggers (i.e. Artifacts extracted from the FW analysis: Smartlock Passwords & User’s Logs. But it saves my time while hacking (I)IoT targets. SecurityAffairs – hacking IoT, Focaccia board).

IoT

IoT Hacking Firmware Advertising

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Security IoT devices. If you have an IoT device at home, know there are ways to secure it. If you plan to get an IoT device soon, buy from a well-known brand.

Malware

Malware IoT DDOS DNS

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

In a typical PPI network, clients will submit their malware—a spambot or password-stealing Trojan, for example —to the service, which in turn charges per thousand successful installations, with the price depending on the requested geographic location of the desired victims. AWM Proxy’s online storefront disappeared that same day.

Passwords

Passwords Malware Internet Internet

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices. Pierluigi Paganini. SecurityAffairs – hacking, FBI).

DDOS

DDOS IoT Internet Internet

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

The news is not surprising, unfortunately in many cases IoT devices, including IP cameras, are deployed without proper security measures. In 2017, thousands of IP cameras have been hijacked by the Persirai IoT botnet that targeted more than 1,000 IP camera models. Pierluigi Paganini. SecurityAffairs – hacking, IP cameras).

IoT

IoT Internet Internet Hacking

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. To find out how many printers were on the menu for our experiment, we searched for IP addresses with open ports on specialized IoT search engines, such as Shodan and Censys.

Hacking

Hacking IoT Firmware Internet

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Security Affairs

APRIL 27, 2019

Some of the flaws could be exploited to execute arbitrary code, modify passwords, and change system settings, Sierra Wireless AirLink gateways and routers are widely used in enterprise environments to connect industrial equipment, smart devices, sensors, point-of-sale (PoS) systems, and Industrial Control systems (ICSs). Pierluigi Paganini.

Wireless

Wireless Passwords IoT Advertising

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

“The Guardzilla IoT-enabled home video surveillance system contains a shared Amazon S3 credential used for storing saved video data. It has a CVSSv3 base score of 8.6 , since once the password is known, any unauthenticated user can collect the data from any affected system over the internet.” Pierluigi Paganini.

Firmware

Firmware Surveillance IoT Passwords

Information Disclosure flaw allows attackers to find Huawei routers with default credentials

Security Affairs

DECEMBER 23, 2018

An attacker could use IoT search engines such as ZoomEye or Shodan to scan the internet for devices having default passwords. “Hence the attacker can craft a ZoomEye / Shodan dork to implicitly get a list of the devices having default password. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Internet Internet Passwords

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014. Attacks on macOS Password stealers were the third quarter’s most noteworthy findings associated with attacks on macOS users. Reveton was among the most notorious PC screen lockers.

Mobile

Mobile Adware Ransomware Malware

Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

Security Affairs

NOVEMBER 21, 2018

These versions of Mirai behave much like the original but are tailored to run on Linux servers and not underpowered IoT devices.” Other IoT Mirai variants first examine the victim device in order to deliver the proper executable (x86, x64, ARM, MIPS, ARC, etc.=. ” reads the analysis published by the experts.

IoT

IoT Advertising Malware Architecture

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” Passwords associated with external authentication systems such as AD or LDAP are unaffected. Pierluigi Paganini.

Firewall

Firewall Ransomware Passwords VPN

Over 100 irrigation systems left exposed online without protection

Security Affairs

OCTOBER 27, 2020

Researchers found more than 100 smart irrigation systems running ICC PRO that were left exposed online without a password last month. The ICC PRO systems were deployed with default factory settings, which don’t have a password for the default user’s account. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks IoT Advertising Passwords

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. In the OT attacks observed by IBM researchers, hackers attempted to exploit a combination of known ICS/SCADA vulnerabilities, as well as password-spraying attacks. ” concludes IBM. Pierluigi Paganini.

Advertising

Advertising Malware IoT Technology

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

. “According to court documents, the botnets were initially based largely on the source code previously developed by other individuals to create the Mirai botnet;” In September 2019, Schuchman pleaded guilty to creating and operating multiple DDoS IoT botnets. ” the DoJ concludes. Pierluigi Paganini.

DDOS

DDOS IoT Advertising Internet

The 7 Biggest Cybersecurity Scoops from February 2015

SiteLock

AUGUST 27, 2021

One year ago in February, the major eBay hack was in progress, eventually resulting in over 233 million passwords being stolen. 10 Million Passwords Leaked Online. Security consultant Mark Burnett leaked 10 million usernames and passwords online through his personal blog last week, in a very risky move. Worst Passwords of 2014.

Passwords

Passwords Cybersecurity Internet Internet

Security Affairs newsletter Round 230

Security Affairs

SEPTEMBER 8, 2019

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers. Creator of multiple IoT botnets, including Satori, pleaded guilty. Over 600k GPS trackers left exposed online with a default password of ‘123456. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Crooks stole €1.5

IoT

IoT Data breaches Advertising DNS

WAGO Industrial Switches affected by multiple flaws

Security Affairs

JUNE 13, 2019

Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.” The validity of the password hashes and the embedded keys were also verified by emulating the device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Passwords Advertising IoT

The hacker behind Matrix.org hack offers advice to improve security

Security Affairs

APRIL 12, 2019

Matrix is an open network for secure, decentralized real-time communication that is also used for instant messaging, IoT communications, and VoIP or WebRTC signaling. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. Pierluigi Paganini.

Hacking

Hacking DNS Passwords Data breaches

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The expert used the Binary Edge IoT search engine to find vulnerable devices, earlier this week he discovered 25,617 routers that were leaking a total of 756,565 unique MAC addresses. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Wireless

Wireless Advertising IoT DNS

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The Enemybot botnet employs several methods to spread and targets other IoT devices. The botnet implements multiple obfuscation techniques to avoid detection and hides C2 on the Tor network.

Malware

Malware DDOS IoT Cybercrime

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. “The relevant malicious IPs, URLs and domains should be blocked and investigated on users’network.” Pierluigi Paganini. SecurityAffairs – hacking, LILIN).

Firmware

Firmware Surveillance Manufacturing Advertising

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The Enemybot botnet employs several methods to spread and targets other IoT devices. The Enemybot botnet borrows the code from the Gafgyt bot and re-used some codes from the infamous Mirai botnet.

DDOS

DDOS Architecture Malware Cybercrime

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Security Affairs

DECEMBER 25, 2018

Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. “A flaw exists in these modems that allow remote unauthenticated users to obtain the device’s SSID and WiFi password.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Wireless Advertising Firmware

Korean Davolink routers are easy exploitable due to poor cyber hygene

Security Affairs

JULY 25, 2018

Davolink dvw 3200 routers have their login portal up on port 88, the access is password protected, but the password is hardcoded in the HTLM of login page. These Davolink dvw 3200 routers have their login portal up on port 88, the access is password protected. function clickApply(sel). {. function clickApply(sel). {.

Passwords

Passwords Advertising IoT Internet

Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online

Security Affairs

JANUARY 28, 2019

Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Cisco RV320/RV325 routers, IoT).

Small Business

Small Business Advertising IoT Internet

Mozi Botnet is responsible for most of the IoT Traffic

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Trending Sources

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Evolution of threat landscape for IoT devices – H1 2018

Giving a Face to the Malware Proxy Service ‘Faceless’

A hacker has taken over at least 29 IoT botnets

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Chalubo, a new IoT botnet emerges in the threat landscape

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Hacking the Twinkly IoT Christmas lights

Creator of multiple IoT botnets, including Satori, pleaded guilty

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

EU to Force IoT, Wireless Device Makers to Improve Security

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Massive increase in XorDDoS Linux malware in last six months

TP-Link Archer routers allow remote takeover without passwords

The Link Between AWM Proxy & the Glupteba Botnet

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Hackers claim to have compromised 50,000 home cameras and posted footage online

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Cisco discovered several flaws in Sierra Wireless AirLink ES450 devices

Guardzilla Security Video System Footage exposed online

Information Disclosure flaw allows attackers to find Huawei routers with default credentials

IT threat evolution in Q3 2024. Non-mobile statistics

Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Over 100 irrigation systems left exposed online without protection

OT attacks increased by over 2000 percent in 2019, IBM reports

Developer of DDoS Mirai based botnets sentenced to prison

The 7 Biggest Cybersecurity Scoops from February 2015

Security Affairs newsletter Round 230

WAGO Industrial Switches affected by multiple flaws

The hacker behind Matrix.org hack offers advice to improve security

Dozens of Linksys router models leak data useful for hackers

EnemyBot malware adds new exploits to target CMS servers and Android devices

Botnet operators target multiple zero-day flaws in LILIN DVRs

Enemybot, a new DDoS botnet appears in the threat landscape

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Korean Davolink routers are easy exploitable due to poor cyber hygene

Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online

Stay Connected