A new vulnerability, tracked as CVE-2019-0090, affects all Intel chips and could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.
Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.
Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. The critical vulnerability, tracked as PSV-2019-0076, affects the Netgear Nighthawk X4S Smart Wi-Fi Router (R7800) family.
In November 2019, security experts first spotted the QSnatch malware that at the time infected thousands of QNAP NAS devices worldwide. More information from our colleagues at @CERTFI: [link] — CERT-Bund (@certbund) October 31, 2019. Webshell functionality for remote access. ” reads the alert.
Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-day exploits to take over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks. The attacker is snooping on port 21,25,143,110 (1/2) — 360 Netlab (@360Netlab) December 25, 2019. #0-day
Searching online, the expert first found an encrypted firmware; he found on a forum a Portable ROM Dumper (a custom firmware update file that, once loaded, dumps the memory of the camera onto the SD card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). ” – Eyal Itkin.
The experts were investigating several suspicious UEFI firmware images when they discovered four components, some of which were borrowing the source code of a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.
Security researchers at Netlab, the network security division of Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. The experts have been monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT).
“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials.”
Intel Patch Tuesday updates for July 2019 address a serious flaw in the Processor Diagnostic Tool and a minor issue in the Solid State Drives (SSD) for Data Centers (DC). The “high severity” vulnerability in the Processor Diagnostic Tool is tracked as CVE-2019-11133; it was rated with a CVSS score of 8.2 and affects all prior versions.
AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler; it resides in AMD’s Mini PC and could allow attackers to manipulate secure firmware and execute arbitrary code.
These issues usually occur due to some improper synchronization between user code and the SDK firmware distributed by the SoC vendor. Security Bypass: Vulnerabilities that could be exploited by attackers in radio range to bypass the latest secure pairing mode of BLE. 2.60 (CVE-2019-16336) and NXP KW41Z 3.40 or earlier.
Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 181024 CVE-2019-19824 TOTOLINK Realtek SDK based routers, this affects A3002RU through 2.0.0, Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3
Some of the flaws were reported on February 9, 2019, other issues date back to March 2020, but all of them have been publicly disclosed on July 22. The vendor pointed out that the DAP-1522 and DIR-816L models have reached their “end of support” phase; this means that these devices running firmware versions v1.42 (and below) and v12.06.B09
xHelper is a piece of malware that was first spotted in October 2019 by experts from security firm Symantec; it is a persistent Android dropper app that is able to reinstall itself even after users attempt to uninstall it. In this case, reflashing is pointless, so it would be worth considering alternative firmware for your device.
Bug hunters have earned a total of $195,000 for finding flaws in TVs, routers and smartphones on the first day of the Pwn2Own Tokyo 2019 contest. Pwn2Own Tokyo 2019 contest offers over $750,000 in rewards for working exploits targeting one of the devices in a list of 17 systems.
Fortinet published a security advisory for the issue that is tracked as CVE-2019-17659. Fortinet urges customers to install the patch for CVE-2019-17659, or restrict access to FortiSIEM’s “tunneluser” port (19999).
Researchers discovered two serious flaws, the QualPwn bugs, in Qualcomm’s Snapdragon SoC WLAN firmware that could be exploited to hack Android devices over the air. The first vulnerability, tracked as CVE-2019-10538, is a buffer overflow that impacts the Qualcomm WLAN component and the Android Kernel.
Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI). ZDI reported the flaws to the vendor in November 2019, January and February 2020.
The Cyclops Blink malware has been active since at least June 2019; it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. ” reads the advisory published by the UK National Cyber Security Centre. The malware leverages the firmware update process to achieve persistence.
CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure.
“The bug affecting the open source software was reported in 2009, yet its presence in the phone’s firmware remained unnoticed until now. Only the H.323 software stack is affected (as opposed to the SIP stack that can also be used with these phones), and the Avaya Security Advisory (ASA) can be found here: ASA-2019-128.
The three flaws reported by the cybersecurity firm are: an authentication bypass, tracked as CVE-2019-9564; a stack-based buffer overflow, tracked as CVE-2019-12266, which could lead to remote control execution. A remote attacker could exploit the CVE-2019-9564 flaw to take over the device, including turning on/off the camera.
The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware.” reads the security advisory. S0 and 1.1.5.S0, S0, respectively.
The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware; it appeared on the threat landscape in late 2019. ” continues the analysis.
The medium-severity flaw was tracked as CVE-2019-13945 and received a CVSS score of 6.8. The Siemens S7 is considered one of the most secure controllers in the industry; it is used in power plants, traffic lights, water pumps, building control, production lines, aviation systems, and many other critical infrastructures.
The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11),
The eCh0raix ransomware has been active since at least 2019, when experts from security firms Intezer and Anomali separately discovered samples of the ransomware targeting Network Attached Storage (NAS) devices. Independent experts observed a surge in eCh0raix ransomware infection reports between April 19 and April 26.
The number of infected devices is impressive: on 2019-11-30, a trusted security partner in the US informed Qihoo 360’s Netlab Cybersecurity that it had observed 1,962,308 unique daily active IPs from the Pink botnet targeting its systems.
The security researcher Benjamin Kunz from Vulnerability-Lab disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack devices without any user interaction. The vulnerabilities have been tracked as CVE-2019-13473 and CVE-2019-13474.
The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. In today’s complex fifth-generation attack landscape, we cannot afford to overlook the security of anything that is connected to our networks.”
Adding a privilege escalation exploit such as CVE-2021-3347 to TBONE would allow us to load new Wi-Fi firmware in the Tesla car, turning it into an access point which could be used to exploit other Tesla cars that come into the victim car’s proximity. We did not want to weaponize this exploit into a worm, however.”
The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379; CVE-2020-12812; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. hard drive, storage device, the cloud).
In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. and 7 p.m., a cyber event disrupted energy grid operations in California, Wyoming, and Utah. “After seeing no adverse effects, the entity deployed the firmware patch at an operational generation site that night.”
Up to date apps and firmware seem not to help either.” The eCh0raix ransomware has been active since at least 2019, when experts from security firms Intezer and Anomali separately discovered samples of the ransomware targeting Network Attached Storage (NAS) devices.
Cisco released security updates to address several vulnerabilities in Cisco Small Business 220 Series Smart Switches, including two critical issues. The most important flaw, tracked as CVE-2019-1913, could be exploited by an unauthenticated, remote attacker to execute arbitrary code with root privileges.
The exposed information included the vehicle’s VIN, speed, temperature, version number, whether it was locked or not, tire pressure, and alerts. The data also included other firmware info such as geofence locations, CAN viewers, and configurations. Curry was awarded $10,000 for reporting the flaw to Tesla.
Both the firmware and hardware of the tools are completely open-source; this means that researchers can extend their functionalities according to their needs. The black color for the main PCB and the NAND/NOR adapters were chosen because the launch was made during Black Hat Europe 2019 Arsenal.” NAND chips).
Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware; it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. Pierluigi Paganini.
The first issue, tracked as CVE-2019-13377, is a timing-based side-channel attack against WPA3’s Dragonfly handshake when using Brainpool curves. “During our initial disclosure, the Wi-Fi Alliance privately created security recommendations to mitigate our attacks.
“The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 “The lack of timely antivirus database updates for the security solution used on attacked systems also played a key role, preventing the solution from detecting and blocking the threat.
The security duo published on Medium the technical details of the vulnerabilities in two posts along with PoC videos for their exploitation. One of the flaws is a remote command execution flaw, tracked as CVE-2019-17621, that resides in the code used to manage UPnP requests. ” reads the post published by the experts.