SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. During 2020 and 2021, more than 500 router vulnerabilities were found. The nvd.nist.gov website presents different figures, but they too show a significant increase in the number of router vulnerabilities found in 2020 and 2021.

DDOS 135

DDOS Passwords IoT Firmware 135

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 145

Firmware DDOS Malware IoT 145

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware 137

Firmware Wireless Passwords Internet 137

Security Affairs

SEPTEMBER 22, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices. R6700v3 – 1.0.4.106 R6900 – 1.0.2.16 R7900 – 1.0.4.38

DNS 144

DNS Firmware VPN Risk 144

Malwarebytes

AUGUST 9, 2021

On August 3, 2021 a vulnerability that was discovered by Tenable was made public. The vulnerability is listed as CVE-2021-20090. Router firmware. Under the description of CVE-2021-20090 you will find: “a path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02

Firmware 142

Firmware DDOS Internet Internet 142

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. A Safer Internet of Things. The post The Internet of Things Is Everywhere.

Internet 137

Internet Internet IoT Software 137

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity 114

Cybersecurity Software Firmware Internet 114

Security Boulevard

FEBRUARY 28, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Serious Linux Vulnerability.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware 144

Firmware Authentication Hacking Software 144

Security Affairs

SEPTEMBER 22, 2021

A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over them. A critical vulnerability, tracked as CVE-2021-36260, affects more than 70 Hikvision camera and NVR models and can allow attackers to take over the devices. ” wrote the expert. Pierluigi Paganini.

Hacking 138

Hacking Firmware IoT Internet 138

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “One of the vulnerabilities disclosed, CVE-2021-35395 [2], affects the web interface that is part of the SDK, and is a collection of 6 different vulnerabilities. ” reported IoT Inspector. ” reported IoT Inspector.

IoT 140

IoT Firmware Internet Internet 140

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 145

Firmware Surveillance Marketing VPN 145

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

AUGUST 23, 2022

Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of devices are yet to be patched. wrote the expert. “.

Hacking 133

Hacking Firmware Internet Internet 133

Security Affairs

DECEMBER 9, 2021

Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.”

Firmware 145

Firmware Architecture Malware Hacking 145

Security Affairs

SEPTEMBER 18, 2021

The flaws, tracked by the networking device vendor PSV-2021-0140, PSV-2021-0144, and PSV-2021-0145, impact the following models: GC108P GC108PP GS108Tv3 GS110TPP GS110TPv3 GS110TUP GS308T GS310TP GS710TUP GS716TP GS716TPP GS724TPP GS724TPv2 GS728TPPv2 GS728TPv2 GS750E GS752TPP GS752TPv2 MS510TXM MS510TXUP. Pierluigi Paganini.

Firmware 126

Firmware Engineering Passwords Hacking 126

Malwarebytes

AUGUST 24, 2021

Mirai hoovers up vulnerable Internet of Things (IoT) devices and adds them to its network of zombie devices, which can then be used to launch huge Distributed Denial of Service (DDoS) attacks. The vulnerabilities were found and disclosed by IoT Inspector , a platform for automated security analysis of IoT firmware. Vulnerabilities.

Firmware 120

Firmware IoT Internet Internet 120

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. “Firmware Update 8.2B

Firmware 122

Firmware Manufacturing Passwords Penetration Testing 122

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware 134

Firmware Passwords Accountability VPN 134

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware 145

Firmware Malware Spyware Surveillance 145

Malwarebytes

APRIL 5, 2022

On April 4 2022, the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog. As a general policy, when products reach EOS/EOL, they can no longer be supported, and all firmware development for these products cease. CISA catalog. The vulnerability.

Firmware 145

Firmware Software Risk Authentication 145

Security Affairs

SEPTEMBER 16, 2024

On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company. DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04. COVR-X1870 firmware version v1.02 CVE-2024-45695 (9.8

Wireless 137

Wireless Firmware Manufacturing Hacking 137

Malwarebytes

AUGUST 23, 2022

In September 2021 we told you about insecure Hikvision security cameras that were ready to be taken over remotely. The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. One possible exploit of this vulnerability was published by packet storm in October 2021.

Firmware 98

Firmware Internet Internet VPN 98

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance 145

Surveillance Manufacturing Passwords Internet 145

Hacker Combat

SEPTEMBER 22, 2022

More than 2,000 PDUs were directly exposed to the internet in 2021, and roughly a third of those were iBoot PDUs, according to a Censys research. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware 130

Firmware Firewall Manufacturing Internet 130

Krebs on Security

MAY 22, 2023

Chaput said the spammers used more than 1,500 Internet addresses across 400 providers to register new accounts, which then followed popular accounts on Mastodon and sent private mentions to the followers of those accounts. that were created from different Internet addresses in Vienna, Austria. billion last year.

Scams 284

Scams DDOS Cryptocurrency Accountability 284

Adam Shostack

JANUARY 3, 2021

Some lessons learned over the last few days: Apple has disabled single user mode as of Mojave, and many recovery options are not available if you use a firmware password. According to the Internet, Time Machine and Synology NAS servers don’t play well together. Do not forget that availability is a security property.

Backups 100

Backups Firmware Passwords Internet 100

Malwarebytes

DECEMBER 16, 2021

In 2021’s final Patch Tuesday, Microsoft included a total of 67 fixes for security vulnerabilities. CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability.

Wireless 126

Wireless Passwords Firmware Authentication 126

Security Affairs

OCTOBER 7, 2021

Experts warn of the availability of proof of concept (PoC) exploit code for a couple of authentication bypass vulnerabilities in Dahua cameras, tracked as CVE-2021-33044 and CVE-2021-33045. . In order to protect Dahua devices, users have to install the latest firmware version. Pierluigi Paganini.

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

MARCH 8, 2021

The flaws affect QNAP NAS firmware versions prior to August 2020. All NAS devices with QNAP firmware released before August 2020 are currently vulnerable to these attacks. QNAP NAS users should check and update their firmware as soon as possible. The malware involved in the campaign was dubbed UnityMiner by 360 Netlab experts.

Cryptocurrency 143

Cryptocurrency Firmware Malware Threat Detection 143

Security Affairs

APRIL 2, 2021

The vulnerabilities affect QNAP TS-231 SOHO NAS devices running firmware version 4.3.6.1446 that reached end of life (EOL). The first vulnerability is an RCE issue that affects any QNAP device exposed to the Internet, it resides in the NAS web server (default TCP port 8080). February 12, 2021 – Grace period has elapsed.

Firmware 123

Firmware Internet Internet Authentication 123

Security Affairs

AUGUST 10, 2021

To achieve this, attackers are also leveraging CVE-2021-28799 to deliver the new eCh0raix ransomware variant to QNAP devices.” ” Palo Alto researchers said that some 250,000 QNAP and Synology NAS devices are exposed to Internet, according to data from the Cortex Xpanse platform. .

Ransomware 142

Ransomware Encryption Firmware Passwords 142

CyberSecurity Insiders

AUGUST 13, 2021

Tenable researchers claim hackers are exploiting a security flaw termed authentication-bypass vulnerability that is impact routers and internet of things (IoT) devices. What’s interesting about this attack campaign is the hackers are targeting devices running on the firmware that is being supplied by Arcadyan.

Firmware 136

Firmware Malware DDOS Manufacturing 136

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware 211

Malware VPN Internet Internet 211

Security Affairs

FEBRUARY 4, 2021

SonicWall this week released firmware updates (version 10.2.0.5-29sv) The vulnerability, tracked as CVE-2021-20016 , has been rated as critical and received a CVSS score of 9.8. “SonicWall is announcing the availability of an SMA 100 series firmware 10.2.0.5-29sv ” reads the advisory published by the company.

Firmware 122

Firmware Mobile Media Internet 122

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches.

IoT 135

IoT DDOS Malware Firmware 135