Security Affairs

FEBRUARY 12, 2025

CVE-2024-40891 is very similar to CVE-2024-40890 ( observed authentication attempts , observed command injection attempts ), with the main difference being that the former is telnet-based while the latter is HTTP-based. reads the advisory published by GreyNoise. 4)C0_20170615. reads the advisory.

Authentication 71

Authentication Firmware Cybersecurity Hacking 71

The Hacker News

JUNE 26, 2024

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

Firmware 145

Firmware Authentication 145

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise. ” The vendor addressed these vulnerabilities with the release of firmware version 5.39 ” reads the advisory published by the vendor.

Firewall 74

Firewall Ransomware VPN Firmware 74

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Firmware 133

Firmware Authentication Engineering Hacking 133

Security Affairs

JANUARY 29, 2025

The bot targets the command injection vulnerability CVE-2024-41710 that impacts Mitel models. ” The malware targets the flaw CVE-2024-41710 that affects Mitel 6800, 6900, and 6900w series SIP phones, including the 6970 Conference Unit through R6.4.0.HF1 Named after the Aqua filename, it was first reported in November 2023.

DDOS 67

DDOS Firmware Malware Firewall 67

Security Affairs

JUNE 14, 2024

CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.

Firmware 130

Firmware Authentication Hacking Risk 130

Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

Security Affairs

JUNE 5, 2024

Below is the list impacting the Zyxel NAS devices: CVE-2024-29972 : This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. 13)C0 and older.

Firmware 126

Firmware Authentication Manufacturing Hacking 126

Penetration Testing

FEBRUARY 6, 2025

Two newly discovered security vulnerabilitiesCVE-2024-9643 and CVE-2024-9644affecting the Four-Faith F3x36 router (firmware v2.0.0) could allow remote attackers to The post CVE-2024-9643 & CVE-2024-9644: Authentication Bypass in Four-Faith F3x36 Routers Puts Networks at Risk appeared first on Cybersecurity News.

Authentication 58

Authentication Risk Firmware Cybersecurity 58

SecureWorld News

FEBRUARY 20, 2025

He urges enterprises to implement Privileged Access Management (PAM) solutions and multi-factor authentication (MFA) and to enforce robust password policies to reduce the risk of account compromise. Stolen credentials remain the top breach factor, responsible for 24% of incidents in 2024.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

Security Boulevard

JUNE 21, 2024

ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8

Authentication 59

Authentication Firmware 59

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024. Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.

Firmware 128

Firmware Passwords Authentication Hacking 128

Penetration Testing

MARCH 17, 2025

A critical vulnerability, designated CVE-2024-540385, has been uncovered in HPE Cray XD670 servers utilizing the AMI BMC Redfish The post HPE Cray Vulnerability (CVE-2024-540385): Authentication Bypass Threat, CVSS 10 Alert appeared first on Cybersecurity News.

Authentication 64

Authentication Cybersecurity Firmware 64

Security Affairs

JUNE 19, 2024

” The seller states that the files were stolen in June 2024. The allegedly stolen data includes information on future products, datasheets, employee and customer databases, property files, firmware, source code, and financial documentation. It’s unclear if the data is authentic and which it the source.

Data breaches 137

Data breaches Firmware Cybercrime Media 137

Security Affairs

SEPTEMBER 4, 2024

The vulnerabilities CVE-2024-44341 and CVE-2024-44342 (CVSS score of 9.8) “D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability (CVE-2024-44341) via the lan(0)_dhcps_staticlist parameter. are two OS command injection issues. ” reads the advisory. 0)_ssid parameter.”

Firmware 122

Firmware IoT Authentication Hacking 122

eSecurity Planet

JUNE 18, 2024

June 6, 2024 NVIDIA Patches 10 Vulnerabilities in GPU Products Type of vulnerability: Multiple, including code execution and elevation of privilege. June 7, 2024 Ransomware Exploiting PHP Flaw Type of vulnerability: Argument injection vulnerability leading to ransomware exploits. It’s tracked as CVE-2024-29824.

Firmware 114

Firmware Authentication Ransomware Software 114

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. globally, +19.8%

Cybersecurity 122

Cybersecurity DDOS Penetration Testing Passwords 122

Security Affairs

DECEMBER 3, 2024

Last week, VulnCheck researchers warned that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) The vulnerability is an improper authentication issue that impacts ProjectSend versions before r1720. The vulnerability CVE-2024-11667 is a directory traversal flaw in Zyxel firmware (V5.00–V5.38)

Firewall 112

Firewall Authentication Accountability Firmware 112

eSecurity Planet

SEPTEMBER 9, 2024

September 2, 2024 RansomHub Exploits Multiple Vulnerabilities to Attack Critical Sectors Type of vulnerability: Multiple security flaws from major organizations. Companies should improve security by deploying endpoint detection and response (EDR), limiting remote access, and utilizing multi-factor authentication.

Firmware 110

Firmware Backups Firewall Risk 110

Security Affairs

AUGUST 22, 2024

The identity authentication bypass vulnerability found in some Dahua products during the login process. “The The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.”

Authentication 131

Authentication Firmware Hacking Engineering 131

Security Affairs

JUNE 16, 2024

Patch it now!

Data breaches 123

Data breaches Hacking Ransomware Malware 123

SecureList

APRIL 25, 2025

With time, the vulnerabilities were patched, and restrictions were added to the firmware. Attackers are leveraging this by embedding malicious software into Android device firmware. Attackers are now embedding a sophisticated multi-stage loader directly into device firmware. oat ) located in the same directory. db database.

Malware 84

Malware Cryptocurrency Firmware Accountability 84

eSecurity Planet

AUGUST 20, 2024

August 12, 2024 Ivanti Runs Into Snag With Virtual Traffic Manager Type of vulnerability: Authentication bypass. The problem: Ivanti Virtual Traffic Manager has a vulnerability that could lead to authentication bypass and subsequent creation of an administrator when exploited. a critical rating.

Authentication 107

Authentication Firmware Technology Software 107

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. Commands can be injected over the network and executed without authentication.”

Firmware 125

Firmware Malware Security Intelligence Authentication 125

Security Boulevard

JANUARY 4, 2025

This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 - 4 JAN 2024. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

Data breaches 52

Data breaches Firmware Healthcare Malware 52

Security Affairs

MAY 1, 2025

SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475 , in its SMA100 Secure Mobile Access appliances. CVE-2024-38475 (CVSS score: 9.8) – Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier.

Firmware 62

Firmware Mobile VPN Authentication 62

eSecurity Planet

JANUARY 16, 2024

January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection. This vulnerability is tracked as CVE-2024-21591. Potential results of the exploits include authentication bypass and command injection. Versions 9.x

Firewall 110

Firewall Firmware IoT Authentication 110

Security Affairs

AUGUST 22, 2024

The identity authentication bypass vulnerability found in some Dahua products during the login process. “The The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.”

Authentication 101

Authentication Firmware Hacking Engineering 101

Security Boulevard

APRIL 17, 2025

In April 2024, Palo Alto Networks PAN-OS suffered a zero-day vulnerability that allowed attackers to install a Python-based backdoor known as UPSTYLE. This attack, dubbed Operation Midnight Eclipse , bypassed firewall defenses and allowed full remote access to internal networks.

Firewall 64

Firewall VPN Encryption Architecture 64

eSecurity Planet

AUGUST 13, 2024

August 5, 2024 Another Apache OfBiz Vulnerability to Watch Type of vulnerability: Remote code execution. It’s tracked as CVE-2024-38856 and allows a threat actor to use a specifically created request to execute code on endpoints without authorization. This new OfBiz flaw is a separate one. The fix: Upgrade to version 18.12.15.

Firmware 110

Firmware Software Wireless Security Defenses 110

eSecurity Planet

JUNE 24, 2024

ASUS fixed authentication bypass and buffer overflow issues in its routers. Cybersecurity researchers discovered a buffer overflow flaw in Intel Core processor firmware causing Phoenix Technology to release patches. The problem: Microsoft patched a critical vulnerability ( CVE-2024-30078 ) with a severity score of 8.8

Firmware 63

Firmware Passwords Software Risk 63

eSecurity Planet

JULY 1, 2024

MOVEit Transfer had an authentication bypass that affected 2,700 instances. Apple issued updates for AirPods’ Bluetooth authentication bypass flaw. To improve security, users should update software on a regular basis, establish strong authentication procedures, and limit access to key resources.

Risk 63

Risk Authentication Firmware Software 63

Security Affairs

JANUARY 7, 2025

Below are the descriptions for both vulnerabilities: CVE-2024-9138 (CVSS 4.0 score: 8.6): This vulnerability involves hard-coded credentials, an authenticated user can trigger the vulnerability to escalate privileges and gain root-level access to the system. CVE-2024-9140 : (CVSS 4.0 CVE-2024-9140 : (CVSS 4.0 score: 9.3)An

Firmware 52

Firmware Risk Authentication Network Security 52

eSecurity Planet

AUGUST 13, 2024

August 5, 2024 Another Apache OfBiz Vulnerability to Watch Type of vulnerability: Remote code execution. It’s tracked as CVE-2024-38856 and allows a threat actor to use a specifically created request to execute code on endpoints without authorization. This new OfBiz flaw is a separate one. The fix: Upgrade to version 18.12.15.

Firmware 105

Firmware Software Wireless Security Defenses 105

eSecurity Planet

JANUARY 22, 2024

January 16, 2024 Open-Source UEFI Implementation Sees 9 Vulnerabilities Type of vulnerability: Weaknesses in the network boot process of UEFI’s network implementation. The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities.

Authentication 115

Authentication Malware VPN Mobile 115

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. Tel Aviv, Israel – Jan.

IoT 100

IoT InfoSec Firmware Manufacturing 100

eSecurity Planet

AUGUST 20, 2024

District Court claims that NPD experienced a data breach around April 2024, alleging the following: Sensitive data , such as full names, current and previous addresses (going back at least 30 years), Social Security numbers, and details about family members, including some who have been deceased for nearly two decades, were compromised.

Identity Theft 131

Identity Theft Data breaches Passwords Encryption 131