eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity 113

Cybersecurity Software Firmware Internet 113

Krebs on Security

JULY 2, 2021

That update effectively nullified their chances at competing in Pwn2Own, which requires exploits to work against the latest firmware or software supported by the targeted device. A statement published on its support site March 12, 2021 says the company will no longer provide further security updates to the MyCloud OS 3 firmware.

Firmware 357

Firmware Passwords Internet Internet 357

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware 129

Firmware Wireless Passwords Internet 129

Security Affairs

SEPTEMBER 22, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices. R6700v3 – 1.0.4.106 R6900 – 1.0.2.16 R7900 – 1.0.4.38

DNS 142

DNS Firmware VPN Risk 142

Malwarebytes

AUGUST 9, 2021

On August 3, 2021 a vulnerability that was discovered by Tenable was made public. The vulnerability is listed as CVE-2021-20090. Router firmware. Under the description of CVE-2021-20090 you will find: “a path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02

Firmware 131

Firmware DDOS Internet Internet 131

Security Affairs

SEPTEMBER 16, 2024

On June 8, 2021, the TWCERT reported the vulnerabilities in D-Link DIR-X5460 to the company. DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04. COVR-X1870 firmware version v1.02 CVE-2024-45695 (9.8

Wireless 130

Wireless Firmware Manufacturing Hacking 130

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. A Safer Internet of Things. The post The Internet of Things Is Everywhere.

Internet 137

Internet Internet IoT Software 137

Security Affairs

AUGUST 23, 2022

Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of devices are yet to be patched. wrote the expert. “.

Hacking 124

Hacking Firmware Internet Internet 124

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

Malwarebytes

AUGUST 23, 2022

In September 2021 we told you about insecure Hikvision security cameras that were ready to be taken over remotely. The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. One possible exploit of this vulnerability was published by packet storm in October 2021.

Firmware 80

Firmware Internet Internet VPN 80

Security Affairs

SEPTEMBER 22, 2021

A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over them. A critical vulnerability, tracked as CVE-2021-36260, affects more than 70 Hikvision camera and NVR models and can allow attackers to take over the devices. ” wrote the expert. Pierluigi Paganini.

Hacking 131

Hacking Firmware IoT Internet 131

Security Affairs

SEPTEMBER 18, 2021

The flaws, tracked by the networking device vendor PSV-2021-0140, PSV-2021-0144, and PSV-2021-0145, impact the following models: GC108P GC108PP GS108Tv3 GS110TPP GS110TPv3 GS110TUP GS308T GS310TP GS710TUP GS716TP GS716TPP GS724TPP GS724TPv2 GS728TPPv2 GS728TPv2 GS750E GS752TPP GS752TPv2 MS510TXM MS510TXUP. Pierluigi Paganini.

Firmware 116

Firmware Engineering Passwords Hacking 116

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “One of the vulnerabilities disclosed, CVE-2021-35395 [2], affects the web interface that is part of the SDK, and is a collection of 6 different vulnerabilities. ” reported IoT Inspector. ” reported IoT Inspector.

IoT 133

IoT Firmware Internet Internet 133

Security Boulevard

FEBRUARY 28, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Serious Linux Vulnerability.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Krebs on Security

SEPTEMBER 10, 2021

The assault came from “ Meris ,” the same new “Internet of Things” (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer. Cloudflare recently wrote about its attack , which clocked in at 17.2 Image: Qrator.

IoT 309

IoT DDOS Internet Internet 309

Security Affairs

DECEMBER 9, 2021

Dark Mirai botnet spreads by exploiting a new vulnerability, tracked as CVE-2021-41653, affecting TP-Link TL-WR840N EU V5 home routers. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.”

Firmware 145

Firmware Architecture Malware Hacking 145

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware 143

Firmware Authentication Hacking Software 143

Adam Shostack

JANUARY 3, 2021

Some lessons learned over the last few days: Apple has disabled single user mode as of Mojave, and many recovery options are not available if you use a firmware password. According to the Internet, Time Machine and Synology NAS servers don’t play well together. Do not forget that availability is a security property.

Backups 100

Backups Firmware Passwords Internet 100

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. “Firmware Update 8.2B

Firmware 113

Firmware Manufacturing Passwords Penetration Testing 113

Malwarebytes

AUGUST 24, 2021

Mirai hoovers up vulnerable Internet of Things (IoT) devices and adds them to its network of zombie devices, which can then be used to launch huge Distributed Denial of Service (DDoS) attacks. The vulnerabilities were found and disclosed by IoT Inspector , a platform for automated security analysis of IoT firmware. Vulnerabilities.

Firmware 99

Firmware IoT Internet Internet 99

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 135

Firmware Surveillance Marketing VPN 135

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 145

Firewall VPN Firmware Passwords 145

Hacker Combat

SEPTEMBER 22, 2022

More than 2,000 PDUs were directly exposed to the internet in 2021, and roughly a third of those were iBoot PDUs, according to a Censys research. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware 130

Firmware Firewall Manufacturing Internet 130

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance 145

Surveillance Manufacturing Passwords Internet 145

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware 145

Firmware Malware Spyware Surveillance 145

Malwarebytes

APRIL 5, 2022

On April 4 2022, the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog. As a general policy, when products reach EOS/EOL, they can no longer be supported, and all firmware development for these products cease. CISA catalog. The vulnerability.

Firmware 145

Firmware Software Risk Authentication 145

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

Security Boulevard

AUGUST 14, 2024

To backtrack a little , it's important to understand that a lot of threat actors target routers - which can include modems and gateways - alongside internet-of-things (IoT devices). Security vulnerabilities in router firmware is too large of a topic to cover in just a section of this post.

Firmware 64

Firmware Manufacturing Malware Passwords 64

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware 126

Firmware Passwords Accountability VPN 126

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated. ” continues Armis.

Firmware 100

Firmware IoT Authentication Backups 100

Security Affairs

OCTOBER 7, 2021

Experts warn of the availability of proof of concept (PoC) exploit code for a couple of authentication bypass vulnerabilities in Dahua cameras, tracked as CVE-2021-33044 and CVE-2021-33045. . In order to protect Dahua devices, users have to install the latest firmware version. Pierluigi Paganini.

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches.

IoT 127

IoT DDOS Malware Firmware 127

CyberSecurity Insiders

AUGUST 13, 2021

Tenable researchers claim hackers are exploiting a security flaw termed authentication-bypass vulnerability that is impact routers and internet of things (IoT) devices. What’s interesting about this attack campaign is the hackers are targeting devices running on the firmware that is being supplied by Arcadyan.

Firmware 136

Firmware DDOS Malware Manufacturing 136

Security Affairs

APRIL 2, 2021

The vulnerabilities affect QNAP TS-231 SOHO NAS devices running firmware version 4.3.6.1446 that reached end of life (EOL). The first vulnerability is an RCE issue that affects any QNAP device exposed to the Internet, it resides in the NAS web server (default TCP port 8080). February 12, 2021 – Grace period has elapsed.

Firmware 113

Firmware Internet Internet Authentication 113

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware 208

Malware VPN Internet Internet 208

Security Affairs

AUGUST 27, 2021

The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions. The experts performed reverse engineering of the firmware to fully unrestricted SSH access. The CVE-2021-32941 received a CVSS v3 base score of 9.4.

Surveillance 102

Surveillance Hacking Firmware Manufacturing 102

Malwarebytes

DECEMBER 16, 2021

In 2021’s final Patch Tuesday, Microsoft included a total of 67 fixes for security vulnerabilities. CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability. CVE-2021-43905 Microsoft Office app Remote Code Execution vulnerability.

Wireless 87

Wireless Passwords Firmware Authentication 87