Security Affairs

JUNE 23, 2021

In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135 , in SonicWall Network Security Appliance (NSA) appliances. The post SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day appeared first on Security Affairs.

VPN 135

VPN Firewall Firmware Authentication 135

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT 143

IoT Firmware Malware Wireless 143

Security Affairs

MARCH 8, 2021

via the unauthorized remote command execution vulnerability (CVE-2020-2506 & CVE-2020-2507). Threat actors are exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020.

Cryptocurrency 143

Cryptocurrency Firmware Malware Threat Detection 143

Security Affairs

JULY 25, 2020

The vulnerabilities have been reported by the ACE Team at Loginsoft, below the full list included in the security advisory published by the vendor: CVE-2020-15892 :: Link :: DAP 1520 :: Buffer overflow in the `ssi` binary, leading to arbitrary command execution. B09 (and below) will receive no security updates remaining vulnerable.

Firmware 141

Firmware Advertising Authentication Hacking 141

Security Affairs

DECEMBER 15, 2020

The vulnerabilities ((CVE-2020-25183, CVE-2020-25187, CVE-2020-27252)) could be only exploited by an attacker within the Bluetooth range of the vulnerable product. The third vulnerability, tracked as CVE-2020-27252, is a race condition that could be leveraged to upload and execute unsigned firmware on the Patient Reader.

Firmware 142

Firmware Authentication Mobile IoT 142

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware 135

Firmware Architecture Advertising Manufacturing 135

Security Affairs

DECEMBER 3, 2020

The infamous TrickBot gets a new improvement, authors added a new feature dubbed “ TrickBoot ” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

Firmware 128

Firmware Malware Hacking Manufacturing 128

Security Affairs

OCTOBER 5, 2020

.” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987. The vulnerability was detailed in July 2020 by the security researchers Sanjana Sarda. “We recommend that Tenda router users check their firmware and make necessary update.”

IoT 145

IoT Firmware Advertising DNS 145

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” ” reads the security bulletin. firmware or later.

Firmware 130

Firmware VPN Accountability Advertising 130

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. minimal" version from Binary DVD iso downloaded on 7/29/2020 on system running in EFI mode 2.

Firmware 125

Firmware Advertising Malware Hacking 125

Security Affairs

DECEMBER 8, 2020

The high-severity vulnerabilities tracked as CVE-2020-2495, CVE-2020-2496, CVE-2020-2497, and CVE-2020-2498 are cross-side-scripting flaws that could allow remote attackers to inject malicious code in File Station, to inject malicious code in System Connection Logs, and to inject malicious code in certificate configuration.

Firmware 133

Firmware Malware Ransomware Hacking 133

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Security Affairs

DECEMBER 12, 2020

Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw. The flaw, tracked as CVE-2020-25191, affects driver versions prior to 20.5. ” reads the security advisory published by CISA. Update the firmware on CompactRIO controllers to v8.5

Firmware 125

Firmware Manufacturing Software Authentication 125

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 284

Scams DDOS Cryptocurrency Accountability 284

Security Affairs

SEPTEMBER 8, 2020

Probably the most interesting vulnerability is an undocumented backdoor, tracked as CVE-2020-15835, that can be exploited by attackers to gain root access to a router. “Several firmware versions have been released, but some of the vulnerabilities have not been fully patched.” ” continues the report.

Firmware 136

Firmware Wireless Authentication Advertising 136

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations. Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3.

System Administration 135

System Administration Firmware Government Hacking 135

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. Successful exploitation of these vulnerabilities could allow attackers to steal sensitive data, inject firmware payloads, and even reach LAN-connected devices.

Firmware 129

Firmware Government Firewall Malware 129

Security Affairs

NOVEMBER 29, 2020

Tracked as CVE-2020-25159 , the flaw is rated 9.8 ” reads the security advisory published by Claroty. The flaw, tracked as CVE-2020-25159, has received a CVSS score of 9.8 Brizinov reported the stack overflow issue to the US agency CISA that published a security advisory. ” continues the report.

Hacking 144

Hacking Firmware Internet Internet 144

Security Affairs

FEBRUARY 6, 2020

Security experts from Check Point discovered a high-severity flaw ( CVE-2020-6007 ) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network.

Hacking 144

Hacking IoT Wireless Firmware 144

Security Affairs

MARCH 4, 2021

In July 2020, researchers at the cybersecurity firmware Eclypsium disclosed a buffer overflow vulnerability, tracked as CVE-2020-10713 and dubbed BootHole , which can be exploited by attackers to install persistent and stealthy malware. CVE-2020-25647 grub2: Out-of-bound write in grub_usb_device_initialize() CWE-787 (CVSS 6.9).

Firmware 138

Firmware Malware Hacking Cybersecurity 138

Security Affairs

MAY 1, 2021

Threat actors were exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the vendor in October 2020. The flaws fixed by the vendor are rated as medium and high severity security.

Ransomware 145

Ransomware Cryptocurrency Malware Internet 145

Security Affairs

DECEMBER 21, 2020

Critical vulnerabilities tracked as CVE-2020-29492 and CVE-2020-29491 affect several Dell Wyse thin client models that could be exploited by a remote attacker to execute malicious code and gain access to arbitrary files. Both CVE-2020-29492 and CVE-2020-29491 reside in the ThinOS operating system that runs on Dell Wyse thin clients.

Hacking 118

Hacking Firmware DNS Healthcare 118

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” concludes the analysis.

Firewall 141

Firewall Firmware Cyber Attacks VPN 141

Security Affairs

JULY 28, 2020

In mid-June 2020, there were approximately 62,000 infected devices worldwide; of these, approximately 7,600 were in the United States and 3,900 were in the United Kingdom.” The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. ” reads the alert.

Malware 143

Malware Firmware Advertising Manufacturing 143

Security Affairs

DECEMBER 17, 2020

According to a private industry notification alert (PIN), sent by the FBI to private organizations, the Bureau is aware of extortion activities that have been happening since February 2020. Patch operating systems, software, firmware, and endpoints. PIN Number 20201210-001.

Ransomware 145

Ransomware Backups Firmware Accountability 145

Security Affairs

JULY 10, 2020

Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Most of the vulnerabilities impact Junos OS, other issues affect Juniper Secure Analytics, Junos Space and Junos Space Security Director. The flaw affects Junos OS 18.1,

Firmware 132

Firmware Advertising Firewall Internet 132

Security Affairs

NOVEMBER 20, 2020

VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest. The team named “360 Enterprise Security and Government and (ESG) Vulnerability Research Institute,” which is part of the Chinese tech giant Qihoo 360, won the competition. CVE-2020-4004).”

Hacking 129

Hacking Firmware Government Software 129

Security Affairs

SEPTEMBER 15, 2020

. “CISA has observed these—and other threat actors with varying degrees of skill—routinely using open-source information to plan and execute cyber operations.” Citrix blog post: security updates for Citrix SD-WAN WANOP release 10.2.6 Citrix blog post: firmware updates for Citrix ADC and Citrix Gateway versions 12.1

Government 110

Government VPN Firmware Energy and Utilities 110

Security Affairs

OCTOBER 4, 2020

Apple addresses four vulnerabilities in macOS Google removes 17 Joker -infected apps from the Play Store Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Mount Locker ransomware operators demand multi-million dollar ransoms Putin proposes new information security collaboration to US, including no-hack pact for election REvil ransomware (..)

Ransomware 123

Ransomware Advertising Firmware Insurance 123

Security Affairs

MAY 19, 2021

Anyway, the experts didn’t find a way to compromise the T-Box, they only demonstrated how to send arbitrary CAN messages from T-Box and bypass the code signing mechanism to fash a custom SH2A MCU firmware by utilizing a vulnerability in SH2A firmware on a debug version T-Box.

Hacking 140

Hacking Firmware Engineering Software 140

Security Affairs

AUGUST 20, 2021

In the previous report published by the company and related 2H 2020 report, the number of vulnerabilities disclosed was 449, affecting 59 vendors. Vulnerabilities exploitable through local attack vectors rose to 31.55%, in the 2H 2020 the percentage was 18.93%. vulnerabilities with remediation, 59.49% require software fixes.

Firmware 118

Firmware Ransomware Manufacturing Software 118

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” The IT giant has not addressed the issue because SPA112 2-Port phone adapters reached EoL on June 1, 2020.

Firmware 98

Firmware Education Media Authentication 98

Security Affairs

OCTOBER 8, 2020

According to a security advisory published by the company, both flaws, tracked as CVE-2020-2506 and CVE-2020-2507 , are improper access control vulnerabilities. Helpdesk is a built-in app that allows owners of QNAP NAS to directly submit help requests to the vendor from their NAS, to do this, the app has specific permission.

Encryption 132

Encryption Advertising Firmware Ransomware 132

Security Affairs

APRIL 2, 2021

Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on vulnerable devices. October 23, 2020 – Sent another e-mail to QNAP security team.

Firmware 122

Firmware Internet Internet Authentication 122

Security Affairs

APRIL 25, 2021

Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. ” states the report published by Eye security.

Firmware 131

Firmware Passwords Authentication Wireless 131

Security Affairs

JANUARY 21, 2021

.” reads the security advisory published by the vendor. ” Since the end of 2020, several users reported infections ([ 1 ], [ 2 ]) to their devices, they noticed the presence of the “dedpma” and “dovecat” processes that were causing a high processor load and saturating the RAM of the NAS. .

Cryptocurrency 132

Cryptocurrency Firmware Malware Passwords 132

Security Affairs

JUNE 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 115

Firmware Advertising Ransomware Hacking 115