Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GreyNoise researchers warn.
Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulnerability, tracked as CVE-2024-44068 (CVSS score of 8.1), which is exploited in the wild. Samsung addressed the vulnerability with the release of security updates in October 2024. “A Use-After-Free in the mobile processor leads to privilege escalation.”
As of the publication, no publicly known vulnerabilities have been identified in the latest firmware version. Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections.
ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware.
Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulnerability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.
” SonicWall is urging customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704 (CVSS score of 8.2). The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities.”
A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, tracked as CVE-2024-0762 (CVSS of 7.5), in the Phoenix SecureCore UEFI firmware. ” concludes the report.
Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. ” reads the advisory.
The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. A previously unknown UEFI application, named bootkit.efi, was uploaded to VirusTotal in November 2024. reads the advisory published by ESET. Vulnerable models include IdeaPad, Legion, and Yoga series.
” The firmware analysis performed by the experts revealed vulnerabilities in the dispatcher.cgi interface of WGS-804HPT switches’ web service. CVE-2024-48871 (CVSS score: 9.8) – Stack-based buffer overflow lets unauthenticated attackers execute remote code via malicious HTTP requests. ” concludes the report.
SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475, in its SMA100 Secure Mobile Access appliances.
Google addressed a security vulnerability in its Android operating system that is actively exploited in attacks in the wild. Google addressed a high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), in its Android operating system that is under active exploitation in the wild. reads the advisory.
AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode. Researchers from Google disclosed an improper signature verification vulnerability, tracked as CVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV).
Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.
The vulnerabilities are: CVE-2024-12511: SMB / FTP pass-back vulnerability; CVE-2024-12510: LDAP pass-back vulnerability. The vulnerabilities impact Xerox Versalink MFPs and Firmware Version: 57.69.91 and earlier. ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware.
CVE-2024-38475 (CVSS score: 9.8) During further analysis, SonicWall and trusted security partners identified an additional exploitation technique using CVE-2024-38475, through which unauthorized access to certain files could enable session hijacking. SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv
The campaign likely began in November 2024 and unfolded in four phases: vulnerability scanning (Nov 16–23, 2024), reconnaissance (Nov 22–27), SSL VPN setup (Dec 4–7), and lateral movement (Dec 16–27). ” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14
In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai. in newer ones.
The bot targets the command injection vulnerability CVE-2024-41710 that impacts Mitel models. ” The malware targets the flaw CVE-2024-41710 that affects Mitel 6800, 6900, and 6900w series SIP phones, including the 6970 Conference Unit through R6.4.0.HF1 Named after the Aqua filename, it was first reported in November 2023.
CVE-2024-40891 is very similar to CVE-2024-40890 ( observed authentication attempts , observed command injection attempts ), with the main difference being that the former is telnet-based while the latter is HTTP-based. reads the advisory published by GreyNoise. 4)C0_20170615.
D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694, CVE-2024-45695, CVE-2024-45697, impacting three wireless router models. The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. DIR-X4860 A1 firmware version 1.00, 1.04
Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor. Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.
Researchers at the Shadowserver Foundation warn that a Mirai-based botnet has started exploiting a recently disclosed vulnerability tracked as CVE-2024-29973 (CVSS score 9.8). The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 13)C0 and older.
Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation.”
Below is the list impacting the Zyxel NAS devices: CVE-2024-29972 : This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. 13)C0 and older. 13)C0 and older.
CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.
In September 2024, Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. In May 2024, an international law enforcement operation led by the U.S.
ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL).
Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, are actively exploited in the wild. “The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed.”
Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2014-100005 Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.
Researchers at OneKey discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-5035 (CVSS score 10.0), in TP-Link Archer C5400X gaming router. The issue affects firmware versions through 1.1.1.6. Below is the timeline for this flaw: 2024-02-16 – Report submitted to TP-Link PSIRT through encrypted email.
Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth keyboard injection issue tracked as CVE-2024-0230.
So, let’s explore what 2024 and beyond has in store for all of us in the digital world. I have concluded the increasing involvement of offensive nation-states directly supports most of the 2024 cybersecurity predictions. 2024 Cybersecurity Predictions 1. In 2024: 1. They will suffer disproportionately.
SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. However SonicWall recommends you install the latest firmware.” reads the advisory published by the vendor.
In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.
We do not expect rapid changes in the industrial cyberthreat landscape in 2024. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises. Ransomware: Ransomware will remain the No. 1 scourge of industrial enterprises in 2024.
Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. This can be executed remotely with elevated privileges (running process owner.)”
Attackers can use malformed XML requests to access arbitrary server files containing account information. Last week, VulnCheck researchers warned that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) The vulnerability CVE-2024-11667 is a directory traversal flaw in Zyxel firmware (V5.00–V5.38)
shim is a small piece of code used by most Linux distributions in the boot process to support Secure Boot. It is frequently employed when either the bootloader or the operating system kernel lacks a signature recognized by the UEFI firmware. The flaw was discovered by Bill Demirkapi of the Microsoft Security Response Center (MSRC).
Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked as CVE-2024-21762, is being actively exploited. The security firm did not provide details about the attacks exploiting this vulnerability. The malware survives reboots and firmware upgrades. through 7.4.2 Upgrade to 7.4.3
CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M
Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. 5035 and older versions.
Tel Aviv, Israel – Jan. 23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues.