Security Affairs

JUNE 13, 2020

D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched. D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. SecurityAffairs – D-Link DIR-865L, hacking).

Firmware 114

Firmware Wireless Advertising Risk 114

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

NOVEMBER 29, 2020

Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked as CVE-2020-25159 , the flaw is rated 9.8 The flaw, tracked as CVE-2020-25159, has received a CVSS score of 9.8 SecurityAffairs – hacking, industrial automation systems).

Hacking 143

Hacking Firmware Internet Internet 143

Security Affairs

MAY 19, 2021

Anyway, the experts didn’t find a way to compromise the T-Box, they only demonstrated how to send arbitrary CAN messages from T-Box and bypass the code signing mechanism to fash a custom SH2A MCU firmware by utilizing a vulnerability in SH2A firmware on a debug version T-Box. SecurityAffairs – hacking, Mercedes).

Hacking 139

Hacking Firmware Engineering Software 139

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. The most severe flaw is a critical RCE tracked as CVE-2020-26919 and rated with a CVSS v3 score of 9.8, ” reads the advisory published by NCC Group.”

Firmware 144

Firmware Authentication Hacking Software 144

Security Affairs

FEBRUARY 6, 2020

Security experts from Check Point discovered a high-severity flaw ( CVE-2020-6007 ) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. Pierluigi Paganini.

Hacking 144

Hacking IoT Wireless Firmware 144

Security Affairs

DECEMBER 8, 2020

The experts initially discovered the flaws in DSR-250 router family running firmware version 3.17, further investigation allowed the experts to determine that these vulnerabilities also affect other devices, including D-Link DSR-150, DSR-250, DSR-500, and DSR-1000AC VPN routers running firmware versions 3.17 and earlier.

VPN 137

VPN Hacking Firmware Authentication 137

Troy Hunt

JULY 13, 2021

Almost - there's still that cloud dependency and there's really only 2 ways around that: Control the existing device locally with the original firmware Flash the device with 3rd party firmware that supports local control Let's explore these more starting with the first option because it feels like the most low-friction path.

Internet 357

Internet Internet IoT Firmware 357

Security Affairs

JUNE 23, 2021

In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135 , in SonicWall Network Security Appliance (NSA) appliances. SecurityAffairs – hacking, ransomware). ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

VPN 134

VPN Firewall Firmware Authentication 134

Security Affairs

DECEMBER 21, 2020

Critical vulnerabilities tracked as CVE-2020-29492 and CVE-2020-29491 affect several Dell Wyse thin client models that could be exploited by a remote attacker to execute malicious code and gain access to arbitrary files. Both CVE-2020-29492 and CVE-2020-29491 reside in the ThinOS operating system that runs on Dell Wyse thin clients.

Hacking 116

Hacking Firmware DNS Healthcare 116

Security Affairs

MARCH 8, 2021

via the unauthorized remote command execution vulnerability (CVE-2020-2506 & CVE-2020-2507). Threat actors are exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020.

Cryptocurrency 142

Cryptocurrency Firmware Malware Threat Detection 142

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT 143

IoT Firmware Malware Wireless 143

Security Affairs

JULY 25, 2020

The vulnerabilities have been reported by the ACE Team at Loginsoft, below the full list included in the security advisory published by the vendor: CVE-2020-15892 :: Link :: DAP 1520 :: Buffer overflow in the `ssi` binary, leading to arbitrary command execution. SecurityAffairs – hacking, D-Link). Pierluigi Paganini.

Firmware 141

Firmware Advertising Authentication Hacking 141

Security Affairs

JANUARY 22, 2021

Realmode Labs reported the flaws to Amazon on October 17 and the company released security updates to address them on December 10, 2020. Experts also published a video PoC of the KindleDRIP exploit chain on a new Kindle 10 running firmware version 5.13.2. SecurityAffairs – hacking, KindleDRIP). Pierluigi Paganini.

Hacking 145

Hacking Authentication Firmware Phishing 145

Security Affairs

MAY 2, 2021

A security duo has demonstrated how to hack a Tesla Model X’s and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle. The duo was planning to present the attack at the PWN2OWN 2020 hacking contest, but since it was moved online due to the COVID19 pandemic they opted to privately report the issues to the carmaker.

Hacking 133

Hacking Firmware Manufacturing Software 133

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware 134

Firmware Architecture Advertising Manufacturing 134

Security Affairs

DECEMBER 15, 2020

The vulnerabilities ((CVE-2020-25183, CVE-2020-25187, CVE-2020-27252)) could be only exploited by an attacker within the Bluetooth range of the vulnerable product. The third vulnerability, tracked as CVE-2020-27252, is a race condition that could be leveraged to upload and execute unsigned firmware on the Patient Reader.

Firmware 142

Firmware Authentication Mobile IoT 142

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. and its employee Guan Tianfeng for hacking U.S. ” The U.S.

Firewall 82

Firewall Hacking Malware Passwords 82

Security Affairs

OCTOBER 5, 2020

.” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987. The vulnerability was detailed in July 2020 by the security researchers Sanjana Sarda. “We recommend that Tenda router users check their firmware and make necessary update.”

IoT 145

IoT Firmware Advertising DNS 145

Security Affairs

DECEMBER 3, 2020

The infamous TrickBot gets a new improvement, authors added a new feature dubbed “ TrickBoot ” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

Firmware 126

Firmware Malware Hacking Manufacturing 126

Security Affairs

SEPTEMBER 8, 2020

Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. Probably the most interesting vulnerability is an undocumented backdoor, tracked as CVE-2020-15835, that can be exploited by attackers to gain root access to a router. Pierluigi Paganini.

Firmware 134

Firmware Wireless Authentication Advertising 134

Security Affairs

DECEMBER 8, 2020

The high-severity vulnerabilities tracked as CVE-2020-2495, CVE-2020-2496, CVE-2020-2497, and CVE-2020-2498 are cross-side-scripting flaws that could allow remote attackers to inject malicious code in File Station, to inject malicious code in System Connection Logs, and to inject malicious code in certificate configuration.

Firmware 132

Firmware Malware Ransomware Hacking 132

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. minimal" version from Binary DVD iso downloaded on 7/29/2020 on system running in EFI mode 2.

Firmware 125

Firmware Advertising Malware Hacking 125

CyberSecurity Insiders

MAY 14, 2021

Apple AirTags can be hacked says a security expert from Germany and that too within a week of the sale of the very first device launched prestigiously in the first week of May’2021. Stack claimed that his study found that the device can be infiltrated and the firmware can be altered in such a way that it starts favoring the hackers.

Hacking 84

Hacking Firmware DDOS Scams 84

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. SecurityAffairs – DrayTek, hacking).

Firmware 129

Firmware VPN Accountability Advertising 129

Security Affairs

DECEMBER 12, 2020

The flaw, tracked as CVE-2020-25191, affects driver versions prior to 20.5. Update the firmware on CompactRIO controllers to v8.5 Refer to Upgrading Firmware on my NI Linux Real-Time Device for directions on how to update the firmware on current controllers. SecurityAffairs – hacking, BISMUTH).

Firmware 122

Firmware Manufacturing Software Authentication 122

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords 111

Passwords Hacking Wireless Authentication 111

Security Affairs

NOVEMBER 20, 2020

VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest. The Tianfu Cup is the most important hacking contest held in China, the total bonus of the contest this year was up to 1 million US dollars. CVE-2020-4004).” Pierluigi Paganini.

Hacking 127

Hacking Firmware Government Software 127

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3.

System Administration 134

System Administration Firmware Government Hacking 134

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 278

Scams DDOS Cryptocurrency Accountability 278

Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. SecurityAffairs – hacking, LILIN).

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Affairs

JUNE 23, 2020

We started regular scanning of all 4 billion routable IPv4 addresses on the 5th of June 2020 and added Open IPP reporting as part of our daily public benefit remediation network reports on the 8th of June 2020. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names.

Internet 140

Internet Internet Firmware Advertising 140

Security Affairs

MAY 1, 2021

Threat actors were exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020. SecurityAffairs – hacking, QNAP). The flaws fixed by the vendor are rated as medium and high severity security.

Ransomware 145

Ransomware Cryptocurrency Malware Internet 145

Security Affairs

JULY 10, 2020

Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Another critical vulnerability addressed by the company is CVE-2020-1654 , it could be exploited to trigger a DoS condition or to execute arbitrary code remotely. Pierluigi Paganini.

Firmware 131

Firmware Advertising Firewall Internet 131

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. Successful exploitation of these vulnerabilities could allow attackers to steal sensitive data, inject firmware payloads, and even reach LAN-connected devices.

Firmware 127

Firmware Government Firewall Malware 127

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. Patch operating systems, software, firmware, and endpoints. SecurityAffairs – hacking, FBI). PIN Number 20201210-001. Pierluigi Paganini.

Ransomware 145

Ransomware Backups Firmware Accountability 145