2018, Firmware and Hacking - Cyber Security Informer

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

The Last Watchdog

NOVEMBER 20, 2019

What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. percent from 2018.

Firmware

Firmware Hacking Software Surveillance

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. The first documented attack against a Sophos facility is the one that targeted Cyberoam in 2018.

Firmware

Firmware Government Firewall Malware

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework. 231 banking malware.

Malware

Malware Cryptocurrency Mobile Firmware

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

The new Mirai malware variant also targetsthe TP-Link flaw CVE-2023-1389 and the vulnerability CVE-2018-17532 affecting Teltonika RUT9XX routers. “One of the easiest methods for threat actors to compromise new hosts is to target outdated firmware or retired hardware.” in newer ones. ” concludes the report.

Manufacturing

Manufacturing Malware Firmware IoT

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

The vulnerabilities are traked as CVE-2018-9074 , CVE-2018-9075 , CVE-2018-9076 , CVE-2018-9077 , CVE-2018-9078 , CVE-2018-9079 , CVE-2018-9080 , CVE-2018-9081 and CVE-2018-9082. 20 and publicly disclosed the vulnerabilities on September 30. Pierluigi Paganini.

Hacking

Hacking Firmware Advertising Backups

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

MAY 19, 2021

The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) infotainment system, which was first presented by the carmaker in 2018. SecurityAffairs – hacking, Mercedes). The post Hacking the infotainment system used in Mercedes-Benz cars appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Firmware Engineering Software

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Example of available open printers on a single IoT search engine (Shodan.io): As we can see, many users and organizations still use internet-connected devices without thinking about security, installing firmware updates, or taking into account the implications of leaving their devices publicly accessible. Change the default password. .

Hacking

Hacking IoT Firmware Internet

Toyota presented PASTA (Portable Automotive Security Testbed) Car-Hacking Tool

Security Affairs

DECEMBER 6, 2018

PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of modern vehicles. — Black Hat (@BlackHatEvents) October 10, 2018. “It’s small and portable so users can study, research, and hack with it anywhere.”

Hacking

Hacking Advertising Firmware Engineering

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. ” Experts also discovered that it is possible to execute arbitrary code on the device through a firmware update.

Surveillance

Surveillance Hacking Firmware Manufacturing

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Security Affairs

AUGUST 6, 2018

HP has released firmware updates that address two critical remote code execution vulnerabilities in some models of inkjet printers. HP has released firmware updates to address two critical RCE flaws affecting some Inkjet printers. Go to the Upgrading Printer Firmware page and follow the instructions provided to install the firmware.

Firmware

Firmware Advertising Software Hacking

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

CVE-2018-5383 Bluetooth flaw allows attackers to monitor and manipulate traffic

Security Affairs

JULY 24, 2018

Security researchers have found a high severity flaw (CVE-2018-5383) affecting some Bluetooth implementations that allow attackers to manipulate traffic. According to the Bluetooth SIG, there is no evidence that the CVE-2018-5383 flaw has been exploited attacks in the wild. Securi ty Affairs – CVE-2018-5383, hacking).

Wireless

Wireless Firmware Advertising Encryption

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. CVE-2018-1160 is an out-of-bounds write issue that resides in dsi_opensess.c.

Firmware

Firmware VPN Wireless Passwords

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto. Group-IB in Asia.

Cybercrime

Cybercrime Hacking Banking Phishing

Severe vulnerabilities allow hacking older GE anesthesia machines

Security Affairs

JULY 10, 2019

The experts at the healthcare cybersecurity firm CyberMDX have found some flaws in the firmware of the anesthesia machines, the issues could expose patients to serious risks. CyberMDX reported the vulnerability to GE in October 2018, at the time of writing the company only plans to share suggestions to mitigate the problems.

Hacking

Hacking Healthcare Advertising Firmware

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. The experts analyzed one of the core frameworks EDKII used as a part of any UEFI firmware which has its own submodule and wrapper over the OpenSSL library ( OpensslLib ) in the CryptoPkg component. that dates back to 2009.

Firmware

Firmware Manufacturing Hacking Software

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. SecurityAffairs – hacking, QSnatch).

Malware

Malware Firmware Advertising Manufacturing

Cisco says its RV routers will no longer receive updates

Security Affairs

JANUARY 15, 2021

Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life (EOL). Cisco will no longer release firmware updates to address 74 vulnerabilities affecting some of its RV routers that reached end-of-life (EOL). SecurityAffairs – hacking, Cisco RV routers).

Small Business

Small Business Firmware Hacking Software

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The malware leverages the firmware update process to achieve persistence. SecurityAffairs – hacking, CISA).

Malware

Malware Firmware Architecture Firewall

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. It is quite easy for hackers to use tools specifically designed to hack printers such as PRET (Printer Exploitation Toolkit). SecurityAffairs – hacking, printers). ” continues the report. .

Internet

Internet Internet Firmware Advertising

HP bug bounty programs now covers flaws in cartridges

Security Affairs

OCTOBER 3, 2020

“The program underscores HP’s commitment to delivering defense-in-depth across all aspects of printing—including supply chain, cartridge chip, cartridge packaging, firmware and printer hardware.” HP covered printers in its bug bounty program since 2018 paying rewards that range between $500 and $10,000 per flaw.

Firmware

Firmware Advertising Hacking Cybersecurity

Researchers show how to steal a Tesla Model X in a few minutes

Security Affairs

NOVEMBER 23, 2020

Then, they exploited the insecure update mechanism to deliver a tainted firmware to the fob. The researchers used cheap components for their hack, just $300 worth of equipment that includes the ECU, a Raspberry Pi, a secondhand Model X BCM, a key fob, a power converter, and a battery. SecurityAffairs – hacking, Tesla Model X).

Computers and Electronics

Computers and Electronics Firmware Hacking Advertising

Sony Bravia Smart TVs affected by a critical vulnerability

Security Affairs

OCTOBER 6, 2018

The most severe vulnerability tracked as CVE-2018-16593 is a command-injection flaw that resides in the Sony application Photo Sharing Plus that allows users to share multimedia content from their mobile devices via Sony Smart TVs. . Click the Firmware update link for details about how to check the software version.

Advertising

Advertising IoT Wireless Firmware

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

The BLEEDINGBIT vulnerabilities affect several Texas Instruments chips, the CVE-2018-16986 flaw affects CC2640 and CC2650 chips running BLE-STACK 2.2.1 “The security vulnerability for CVE-2018-16986 is present in these TI chips when scanning is used (e.g. to address the CVE-2018-16986 flaw. or earlier.

Firmware

Firmware Manufacturing IoT Advertising

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches. SecurityAffairs – hacking, botnet). . “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

. “During the 0DAYALLDAY Research Event a vulnerability was discovered ( CVE-2018-5560 ) in the Guardzilla Security Video System Model #: GZ521W. The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.”

Firmware

Firmware Surveillance IoT Passwords

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

DECEMBER 23, 2018

A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t.

Firmware

Firmware Authentication Software Advertising

Security Affairs newsletter Round 180 – News of the week

Security Affairs

SEPTEMBER 16, 2018

Advertising

Advertising Firmware Surveillance Data breaches

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. The vulnerabilities affecting the Lenovo UEFI result from the use of two UEFI firmware drivers, named SecureBackDoor and SecureBackDoorPeim respectively. ” reads the advisory published by Lenovo.

Firmware

Firmware Manufacturing Hacking Cybersecurity

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Security Affairs

NOVEMBER 20, 2018

The vulnerabilities are two remote code execution (RCE) flaws(CVE-2018-3950, CVE-2018-3951), a denial-of-service issue (CVE-2018-3948), and a server information disclosure bug (CVE-2018-394). The CVE-2018-3948 DoS flaw affects the URI-parsing function of the TL-R600VPN HTTP server. Pierluigi Paganini.

Authentication

Authentication Advertising Firmware Hacking

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Security Affairs

DECEMBER 25, 2018

The flaw tracked as CVE-2018-20377 is known at least since 2012 when Rick Murray described it in a blog post. . “On Friday, December 21, 2018, our honeypots observed an interesting scan consisting of a GET request for /get_getnetworkconf.cgi. SecurityAffairs – Orange Livebox ADSL modems, hacking). admin/admin).

Passwords

Passwords Wireless Advertising Firmware

After 3 years, Google partially fixes a bug in Android Google Chrome

Security Affairs

JANUARY 3, 2019

The issue exposes devices information, including device model and firmware version, an attacker could exploit this info to remotely identify unpatched devices and target them. device name, installed firmware build). SecurityAffairs – Android Google Chrome, hacking). ” For example: Mozilla/5.0 Linux; Android 5.1.1;

Firmware

Firmware Advertising Mobile Hacking

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. A topic of importance came from Kryptowire, a mobile security research firm that found firmware vulnerabilities in as many as 10 million Android devices in the United States that have remote escalation privileges.

Small Business

Small Business Artificial Intelligence Firmware IoT

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS

DDOS Firmware Surveillance IoT

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

Now experts found 12 vulnerabilities in the BLE software development kits (SDKs) of seven SoC vendors (Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics and Telink Semiconductor) that could be exploited to hack into various smart devices, including devices and environmental tracking or sensing systems.

IoT

IoT Firmware Advertising Hacking

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Security Affairs

JULY 29, 2018

“Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub.” Samsung SmartThings Hub runs a Linux-based firmware and allows for communications with various IoT devices using various wireless standards Zigbee, Z-Wave, and Bluetooth. RCE Chain – CVE-2018-3911.

Firmware

Firmware IoT Advertising Wireless

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

“Once the attacker gains full access to the device through the botnet, the firmware level can be changed and additional malware can be planted on the device.” SecurityAffairs – hacking, Mozi botnet). ” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Passwords

Hackers exploit 3-years old flaw to wipe Western Digital devices

Security Affairs

JUNE 25, 2021

WD is investigating the mysterious wave of attacks launched and speculates that attackers have been exploiting a known vulnerability, tracked as CVE-2018-18472 , to wipe the devices. The vendor pointed out that both My Book Live and My Book Live Duo devices received the last firmware update back in 2015 and are no longer supported.

Firmware

Firmware Internet Internet Hacking

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

Webinars

Trending Sources

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Webinars

New Triada Trojan comes preinstalled on Android devices

Android devices shipped with backdoored firmware as part of the BADBOX network

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Hacking the infotainment system used in Mercedes-Benz cars

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Toyota presented PASTA (Portable Automotive Security Testbed) Car-Hacking Tool

BotenaGo botnet targets millions of IoT devices using 33 exploits

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

CVE-2018-5383 Bluetooth flaw allows attackers to monitor and manipulate traffic

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

ASUS addressed critical flaws in some router models

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Severe vulnerabilities allow hacking older GE anesthesia machines

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

QSnatch malware infected over 62,000 QNAP NAS Devices

Cisco says its RV routers will no longer receive updates

US and UK link new Cyclops Blink malware to Russian state hackers?

A daily average of 80,000 printers exposed online via IPP

HP bug bounty programs now covers flaws in cartridges

Researchers show how to steal a Tesla Model X in a few minutes

Sony Bravia Smart TVs affected by a critical vulnerability

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

A new Zerobot variant spreads by exploiting Apache flaws

Guardzilla Security Video System Footage exposed online

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs newsletter Round 180 – News of the week

ESET warns of three flaws that affect over 100 Lenovo notebook models

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

After 3 years, Google partially fixes a bug in Android Google Chrome

Decoding Security 127: We Got Conned

Beastmode Mirai botnet now includes exploits for Totolink routers

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Mozi Botnet is responsible for most of the IoT Traffic

Hackers exploit 3-years old flaw to wipe Western Digital devices

Stay Connected