Security Affairs

JANUARY 15, 2024

SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities, tracked as CVE-2022-22274 and CVE-2023-0656 , that could potentially lead to remote code execution. ” concludes the report.

Firewall 145

Firewall Hacking Firmware Internet 145

Security Affairs

OCTOBER 4, 2023

Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 are actively exploited in targeted attacks. The details of the remaining CVEs will be shared in our December 2023 public bulletin.”

Firmware 133

Firmware Surveillance Authentication Manufacturing 133

Security Affairs

FEBRUARY 7, 2024

The most severe of these vulnerabilities, tracked as CVE-2023-40547 (CVSS score: 9.8), can lead to remote code execution under specific circumstances. The vulnerability CVE-2023-40547 is an RCE in http boot support that can lead to Secure Boot bypass “A remote code execution vulnerability was found in Shim. .”

Firmware 143

Firmware Hacking Information Security 143

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

SEPTEMBER 6, 2023

The three vulnerabilities were reported by the Taiwanese CERT, below are their descriptions: CVE-2023-39238 (CVSS 9.8): ASUS RT-AX55, RT-AX56U_V2 and RT-AC86U iperf-related modules set_iperf3_svr.cgi API has a format string vulnerability. This function does not properly verify the input format string.

Firmware 145

Firmware Hacking Internet Internet 145

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 141

Firewall Firmware Cyber Attacks VPN 141

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

DECEMBER 17, 2023

The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. The experts reported the two vulnerabilities to the respective vendors, but they plan to release the fixes in December 2023. and earlier. The vulnerability affects VioStor NVR Versions 5.0.0 and earlier (5.0.0

Firmware 142

Firmware Wireless DDOS IoT 142

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy.

Firewall 98

Firewall VPN Firmware Manufacturing 98

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 135

Artificial Intelligence Firmware Data breaches Hacking 135

Security Affairs

FEBRUARY 6, 2024

“The Ministry of Defence (MOD) of the Netherlands was impacted in 2023 by an intrusion into one of its networks. The malware survives reboots and firmware upgrades. Moreover, the infection survives firmware upgrades.” The effects were limited because of prior network segmentation” reads the report.

Malware 141

Malware Firmware VPN Backups 141

Security Affairs

AUGUST 26, 2024

However SonicWall recommends youinstall the latest firmware. In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. .” Below are the impacted versions: Impacted Platforms Impacted Versions SOHO (Gen 5) 5.9.2.14-12o

Firewall 133

Firewall Firmware Malware Internet 133

Security Affairs

NOVEMBER 14, 2023

On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. through 5.35.

Cyber Attacks 142

Cyber Attacks Firmware Firewall VPN 142

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 The vendor has released temporary firmware mitigation for customers currently running FutureSmart 5.6

Firmware 98

Firmware Education Media Hacking 98

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. Threat actors are actively attempting to exploit the command injection vulnerability CVE-2023-28771 impacting Zyxel firewalls. Patch 1 ZLD V5.36

Firmware 98

Firmware VPN Firewall Hacking 98

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware 98

Firmware VPN Wireless Passwords 98

Security Affairs

MAY 31, 2023

Researchers from firmware security firm Eclypsium have discovered a suspected backdoor-like behavior within Gigabyte systems. The experts discovered that the firmware in Gigabyte systems drops and executes a Windows native executable during the system startup process. The executable resides in a UEFI firmware volume.

Firmware 98

Firmware Risk Software Passwords 98

Security Affairs

JUNE 5, 2024

CVE-2024-29976 :This improper privilege management vulnerability in the command “show_allsessions” in Zyxel NAS326 and NAS542 devices could allow an authenticated attacker to obtain a logged-in administrator’s session information containing cookies on an affected device. The vulnerabilities affect NAS326 running firmware versions 5.21(AAZF.16)C0

Firmware 134

Firmware Authentication Manufacturing Hacking 134

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. through 4.73, VPN series firmware versions 4.60

Firewall 98

Firewall Firmware VPN DDOS 98

Security Boulevard

SEPTEMBER 1, 2023

Many thanks to BSides Cheltenham for publishing their presenter’s outstanding BSides Cheltenham 2023 security content on the organizations’ YouTube channel. Permalink The post BSides Cheltenham 2023 – Stephen – All Your Firmwares Are Belong To Us: A Guide To Successful Acquisition appeared first on Security Boulevard.

Firmware 45

Firmware Architecture CISO Education 45

Security Affairs

JANUARY 9, 2023

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. Lenovo released updates to address the vulnerabilities impacting the ThinkPad X13s BIOS.

Firmware 98

Firmware Manufacturing Software Hacking 98

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. The flaw, tracked as CVE-2023-28771 (CVSS score: 9.8), is a command injection issue that could potentially allow an unauthorized attacker to execute arbitrary code on vulnerable devices. through 5.35.

DDOS 98

DDOS Firmware VPN Firewall 98

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

MAY 4, 2023

Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. “An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. The company product has reached end-of-life (EoL).

Firmware 98

Firmware Education Media Authentication 98

Security Affairs

MAY 11, 2023

An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks.” for the RAX30 router family.

Hacking 98

Hacking Firmware Authentication DNS 98

Security Affairs

DECEMBER 28, 2023

On December 27, 2023, Boris Larin , Leonid Bezvershenko , and Georgy Kucherin delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication Congress (37C3), held Hamburg. . The attackers also exploited CVE-2023-38606 to bypass the Page Protection Layer (PPL).

Spyware 143

Spyware Firmware Mobile Malware 143

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The vulnerability was published on November 26, the patch has been publicly available since May 16, 2023.

Firewall 120

Firewall Authentication Accountability Firmware 120

SecureWorld News

JUNE 13, 2023

Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. After a brief hiatus, Emotet threat actors resumed their operations in early March 2023.

Cyber threats 73

Cyber threats Malware Phishing Penetration Testing 73

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware 98

Firmware Authentication Passwords Hacking 98

Security Affairs

MAY 25, 2023

The first vulnerability, tracked as CVE-2023-32165 , is a D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution flaw. “Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. ” We are in the final!

Firmware 98

Firmware Authentication Software Hacking 98

Security Affairs

MARCH 29, 2023

Taiwanese vendor QNAP warns customers to update their network-attached storage (NAS) devices to address a high-severity Sudo privilege escalation vulnerability tracked as CVE-2023-22809. The vulnerability was discovered by security firm Synacktiv, it is a sudoers policy bypass in Sudo version 1.9.12p1 when using sudoedit.

Firmware 98

Firmware Hacking Internet Internet 98

Security Affairs

FEBRUARY 28, 2024

In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. APT28 was also observed exploiting the critical privilege escalation vulnerability CVE-2023-23397 (CVSS score: 9.8)

Energy and Utilities 139

Energy and Utilities Government Firewall Malware 139

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 132

Data breaches Cybercrime Firewall Artificial Intelligence 132

Security Affairs

JULY 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities affecting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and trigger a denial-of-service condition. ” reads the advisory published by CISA.

Firmware 98

Firmware CISO Hacking Government 98

Security Affairs

JUNE 28, 2023

The experts focused on achieving code execution on a commercially available drone, supporting significant security features (i.e. the use of signed and encrypted firmware, Trusted Execution Environment (TEE), and Secure Boot), using non-invasive techniques. ” added the company.

Firmware 98

Firmware Encryption Hacking Information Security 98

Security Affairs

AUGUST 13, 2023

The researchers presented their findings at the DEFCON security conference today. The nine vulnerabilities have received CVE between CVE-2023-3259 through CVE-2023-3267. Below is the list of flaws discovered by the researchers: CyberPower PowerPanel Enterprise: CVE-2023-3264: Use of Hard-coded Credentials (CVSS 6.7)

Hacking 98

Hacking Firmware Authentication Software 98