Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware. ” ASUS added.

Firmware 98

Firmware VPN Wireless Passwords 98

Security Affairs

FEBRUARY 6, 2024

The malware survives reboots and firmware upgrades. Moreover, the infection survives firmware upgrades.” ” The attack chain starts with the exploitation of the CVE-2022-42475 vulnerability for FortiGate devices. .” COATHANGER is a stealthy malware that hooks system calls that could reveal its presence.

Malware 134

Malware Firmware VPN Backups 134

SecureList

DECEMBER 14, 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. Similarly, at the beginning of February 2022, we noticed a huge spike in the amount of activity related to Gamaredon C&C servers. It directly affected satellite modems firmwares , but was still to be understood as of mid-March.

DDOS 145

DDOS Ransomware Government Energy and Utilities 145

Krebs on Security

JULY 25, 2023

.” Lumen’s research team said the purpose of AVrecon appears to be stealing bandwidth – without impacting end-users – in order to create a residential proxy service to help launder malicious activity and avoid attracting the same level of attention from Tor-hidden services or commercially available VPN services.

Malware 237

Malware VPN Internet Internet 237

Malwarebytes

JUNE 19, 2023

ASUS has released firmware updates for several router models fixing two critical and several other security issues. You will find the latest firmware available for download from the ASUS support page or the appropriate product page. The Asuswrt-Merlin New Gen is an open source firmware alternative for Asus routers.

Firmware 98

Firmware VPN Risk Cybersecurity 98

Security Affairs

APRIL 28, 2023

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.50

Firewall 98

Firewall Firmware VPN Authentication 98

Malwarebytes

MAY 26, 2023

The CVEs patched in these updates are: CVE-2023-33009 : A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 Patch 1, USG FLEX series firmware versions 4.50 Patch 1, USG FLEX 50(W) firmware versions 4.25 Patch 1, USG20(W)-VPN firmware versions 4.25 out of 10.

Firmware 96

Firmware VPN Firewall Accountability 96

Malwarebytes

MARCH 10, 2022

In this February 2022 ransomware review, we go over some the most successful ransomware incidents based on both open source and dark web intelligence. Observed since: February 2022 Ransomware note: read_me.html Ransomware extension: <original file name> [vote2024forjb@protonmail[.]com].encryptedJB SFile (Escal). LockBit 2.0.

Ransomware 89

Ransomware Phishing Accountability Technology 89

Security Affairs

MAY 13, 2022

Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) Zyxel silently addressed the flaw by releasing security updates on April 28, 2022, Rapid7 pointed out that this choice leaves defenders in the dark and only advantage the attackers. USG FLEX 50(W) / USG20(W)-VPN ZLD V5.10

Firewall 98

Firewall Firmware VPN Wireless 98

Security Affairs

DECEMBER 11, 2024

A list of the user IDs permitted to use the firewall for SSL VPN and accounts that were permitted to use a clientless VPN connection. Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services.

Firewall 75

Firewall Hacking Malware Passwords 75

CyberSecurity Insiders

NOVEMBER 1, 2022

Back then, endpoint security focused on computers, which meant the installation of antivirus, malware protection, firewall, and (sometimes) VPN in every computer. These ignored, forgotten, and un-updated (OS/firmware) connected devices can become vulnerabilities exploited by cybercriminals to gain access to networks and cloud resources.

IoT 120

IoT Antivirus Threat Detection Cyber threats 120

DoublePulsar

JANUARY 15, 2025

Each folder then contains an IP address, and each IP address contains config.confa full Fortigate config dumpand vpn-users.txt, a plaintext list of credentials. The data appears to have been assembled in October 2022, as a zero day vuln. The outlier device appears to have a pre-production version of firmware 7.2.2,

Firewall 79

Firewall VPN Passwords Firmware 79

Security Affairs

SEPTEMBER 7, 2022

Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices. The CVE-2022-34747 (CVSS score: 9.8) flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. 11)C0 and earlier V5.21(AAZF.12)C0

Firewall 103

Firewall Firmware Authentication VPN 103

Malwarebytes

AUGUST 23, 2022

The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. A Metasploit module based on the vulnerability was published by packet storm in February of 2022. Hikvision says you should download the latest firmware for your device from the global firmware portal.

Firmware 96

Firmware Internet Internet VPN 96

Malwarebytes

APRIL 4, 2022

Zyxel says the vulnerability, listed as CVE-2022-0342 , is an authentication bypass vulnerability caused by the lack of a proper access control mechanism, which has been found in the CGI program of some firewall versions. Affected series Affected firmware version Patch availability USG/ZyWALL ZLD V4.20 Patch 1 VPN ZLD V4.30

Firewall 95

Firewall Firmware VPN Authentication 95

Security Affairs

DECEMBER 22, 2022

The Zerobot botnet first appeared in the wild in November 2022 targeting devices running on Linux operating system. The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT 125

IoT DDOS Malware Firmware 125

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” concludes the analysis.

Firewall 134

Firewall Firmware Cyber Attacks VPN 134

Krebs on Security

MAY 22, 2023

Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app. Residential proxies also can refer to households protected by compromised home routers running factory-default credentials or outdated firmware. billion last year.

Scams 307

Scams DDOS Cryptocurrency Accountability 307

Security Affairs

JUNE 13, 2023

“A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall 98

Firewall VPN Firmware Manufacturing 98

Security Affairs

JUNE 27, 2022

Two of these vulnerabilities, tracked as CVE-2022-31805 and CVE-2022-31806, have been rated critical (CVSS scores: 9.8), 7 as high risk, and 2 as medium risk. Try using secure VPN networks when remote access is required, and perform adequate access control and auditing.

Software 108

Software Manufacturing Firmware Risk 108

Malwarebytes

OCTOBER 19, 2022

In January 2022, news broke that a ransomware group was targeting QNAP Network Attached Storage (NAS) devices. As a countermeasure, QNAP pushed out an automatic, forced, update with firmware containing the latest security updates to protect against the attackers' DeadBolt ransomware, which annoyed part of its userbase.

Ransomware 98

Ransomware Firmware VPN Cybercrime 98

The Last Watchdog

MAY 23, 2022

This was the main topic of discussion recently at DigiCert Security Summit 2022. Long gone are the days when a security team mainly had to be concerned about network connections getting made internally, on company-owned equipment, or externally, across a VPN connection or a public-facing webpage. Here are a few key takeaways.

Cybersecurity 214

Cybersecurity Digital transformation Computers and Electronics Encryption 214

Webroot

OCTOBER 31, 2024

The group, which has been active since 2022, made headlines in early 2024 when they reportedly received a staggering $75 million ransom payment from a Fortune 50 company. The group, which first appeared in 2022, maintained its position as one of the most active ransomware operations, consistently ranking among the top threat actors.

Malware 108

Malware Ransomware Passwords Healthcare 108

Security Affairs

APRIL 25, 2022

The alert includes indicators of compromise (IoCs) associated with BlackCat/ALPHV, as of mid-February 2022. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Consider installing and using a virtual private network (VPN). hard drive, storage device, the cloud).

Ransomware 134

Ransomware Antivirus Passwords Malware 134

Security Boulevard

FEBRUARY 17, 2025

Privacy Services Mullvad has partnered with Obscura VPN Mullvad Mullvad announces its partnership with ObscuraVPN; Mullvad WireGuard VPN servers can be used as the exit hop for the two-party VPN service offered by ObscuraVPN. The Cupid Vault Configuration follows a similar approach.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Boulevard

MARCH 15, 2022

Tue, 03/15/2022 - 17:20. The ransomware group specified that “they are not looking for data” but rather to buy remote VPN access to the corporate network. Code signing certificates assign a digital signature on executable software and firmware to allow them and mark them as trusted. Lapsus$: The New Name in Ransomware Gangs.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

eSecurity Planet

JANUARY 16, 2024

The problem: Ivanti announced two vulnerabilities that affect Ivanti Connect Secure VPN and Ivanti Policy Secure products. January 11, 2024 Smart Thermostat from Bosch Puts Offices in Danger Type of vulnerability: Malicious commands sent from an attacker to the thermostat, including potentially replacing firmware with rogue code.

Firewall 111

Firewall Firmware IoT Authentication 111

Security Affairs

SEPTEMBER 6, 2022

We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. This is to enhance the security of your QNAP NAS.

Ransomware 105

Ransomware Internet Internet Encryption 105

Security Affairs

OCTOBER 22, 2022

The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server.

Ransomware 79

Ransomware VPN Cybercrime Accountability 79

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network.

Hacking 100

Hacking Internet Internet Passwords 100

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking 115

Banking Malware Computers and Electronics Mobile 115

Digital Shadows

JANUARY 14, 2025

In 2022, there were around 60 active ransomware groups, but by 2024, this had ballooned to almost 100. Take Action To mitigate these threats, organizations should ensure SonicWall and other VPN products are fully patched and up to date. A key factor behind this surge is likely the growth of the ransomware ecosystem itself.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

Kali Linux

NOVEMBER 27, 2022

In Secure Kali Pi (2022) , the first blog post in the Raspberry Pi series, we set up a Raspberry Pi 4 with full disk encryption. author: Broadcom Corporation firmware: brcm/brcmfmac*-sdio.*.bin bin firmware: brcm/brcmfmac*-sdio.*.txt We mentioned that we can leave it somewhere as a drop box. wireless LAN fullmac driver.

Firmware 52

Firmware Wireless Passwords VPN 52

SecureList

SEPTEMBER 21, 2023

DeadBolt, which affected thousands of QNAP NAS devices in 2022, is a prominent example of IoT ransomware. The attack took advantage of CVE-2022-27593 , a vulnerability that allowed bad actors to modify system files on the box. They can be made to serve as routers (proxies or VPN servers) to anonymize illicit traffic.

IoT 134

IoT DDOS Passwords Malware 134

eSecurity Planet

DECEMBER 7, 2023

Most organizations use one of the AES algorithms for file encryption, full-disk encryption, application encryption, wifi transmission encryption, virtual public network (VPN) encryption, and encrypted protocols such as transport layer security (TLS). This article was originally written by Sam Ingalls and published on May 26, 2022.

Encryption 111

Encryption Passwords Authentication Password Management 111

eSecurity Planet

MAY 19, 2022

Most have a handful of built-in security capabilities to offer foundational network security, including Internet Protocol Security (IPsec) virtual private networks ( VPN ), stateful firewalls , and essential threat detection and response. Read more : Top Cybersecurity Startups to Watch in 2022. Encrypting Data in Transit.

Firewall 59

Firewall Architecture Software Backups 59

eSecurity Planet

MAY 2, 2024

However, also consider deploying specialized tools or tools with expanded capabilities, such as: Basic input output system (BIOS) security: Operates outside of the operating system to guard the firmware and other basic software connecting the operating system to a PC. 20% of employee time is spent on company networks.

Cybersecurity 123

Cybersecurity DDOS Penetration Testing Passwords 123