Security Affairs

JUNE 25, 2024

Researchers at the Shadowserver Foundation warn that a Mirai -based botnet has started exploiting a recently disclosed vulnerability tracked as CVE-2024-29973 (CVSS score 9.8) The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 13)C0 and older.

Firmware 123

Firmware Hacking Cybercrime Information Security 123

Security Affairs

NOVEMBER 9, 2024

As of the publication, no publicly known vulnerabilities have been identified in the latest firmware version. Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections.

Hacking 128

Hacking Firmware Software Manufacturing 128

Security Affairs

AUGUST 6, 2024

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation.”

Firmware 130

Firmware Spyware Hacking Technology 130

Security Affairs

APRIL 3, 2024

Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, are actively exploited in the wild. “The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed.”

Spyware 134

Spyware Firmware Hacking Information Security 134

Security Affairs

JUNE 5, 2024

Below is the list impacting the Zyxel NAS devices: CVE-2024-29972 : This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. 13)C0 and older. 13)C0 and older.

Firmware 126

Firmware Authentication Manufacturing Hacking 126

Security Affairs

JUNE 14, 2024

CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.

Firmware 130

Firmware Authentication Hacking Cybersecurity 130

Security Affairs

NOVEMBER 6, 2024

Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.

Firmware 123

Firmware Manufacturing Hacking Media 123

Security Affairs

NOVEMBER 5, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 These cameras, which feature an embedded web server allowing for direct access by web browser, are reportedly deployed in environments where reliability and privacy are crucial” CVE-2024-8956 (CVSS score of 9.1) CVE-2024-8957 (CVSS score of CVSS 7.2) concludes the report.

Firmware 125

Firmware Manufacturing Authentication Healthcare 125

Security Affairs

JANUARY 14, 2024

Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth keyboard injection issue tracked as CVE-2024-0230.

Firmware 138

Firmware Hacking Information Security 138

Security Affairs

JUNE 16, 2024

ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL). score: 9.8), impacting seven router models. impacting multiple devices. impacting multiple devices.

Authentication 130

Authentication Firmware VPN Manufacturing 130

Security Boulevard

JANUARY 18, 2024

So, let’s explore what 2024 and beyond has in store for all of us in the digital world. I have concluded the increasing involvement of offensive nation-states directly supports most of the 2024 cybersecurity predictions. 2024 Cybersecurity Predictions 1. In 2024: 1. They will suffer disproportionately.

Risk 115

Risk Cybersecurity CISO Technology 115

Security Affairs

MAY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2014-100005 Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.

Firmware 128

Firmware Authentication Passwords Hacking 128

Security Affairs

MAY 27, 2024

Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-5035 (CVSS score 10.0), in TP-Link Archer C5400X gaming router. The issue affects firmware versions, through 1.1.1.6, Below is the timeline for this flaw: 2024-02-16 –Report submitted to TP-Link PSIRT through encrypted email.

Firmware 132

Firmware Encryption Hacking Information Security 132

Security Affairs

AUGUST 26, 2024

SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. However SonicWall recommends youinstall the latest firmware. .” However SonicWall recommends youinstall the latest firmware. ” reads the advisory published by the vendor.

Firewall 125

Firewall Firmware Malware Internet 125

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. A previously unknown UEFI application, named bootkit.efi, was uploaded to VirusTotal in November 2024. reads the advisory published by ESET. Vulnerable models include IdeaPad, Legion, and Yoga series.

Firmware 106

Firmware Manufacturing Malware Authentication 106

Security Affairs

SEPTEMBER 13, 2024

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware 140

Malware Firmware Antivirus Manufacturing 140

Security Affairs

AUGUST 2, 2024

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of a vulnerability, tracked as CVE-2024-7029 (CVSS base score of 8.8), in Avtech camera that has been exploited in the wild. ” The vulnerability impacts Avtech AVM1203 IP cameras running firmware versions FullImg-1023-1007-1011-1009 and prior.

Firmware 128

Firmware Firewall Risk Authentication 128

Security Affairs

JUNE 16, 2024

Patch it now!

Data breaches 123

Data breaches Hacking Ransomware Malware 123

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 66

DDOS Firmware Firewall Passwords 66

Security Affairs

FEBRUARY 7, 2024

shim is a small piece of code used by most Linux distributions in the boot process to support Secure Boot. It is frequently employed when either the bootloader or the operating system kernel lacks a signature recognized by the UEFI firmware. The flaw was discovered by Bill Demirkapi of the Microsoft Security Response Center (MSRC).

Firmware 139

Firmware Hacking Information Security 139

SecureList

JANUARY 31, 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. 1 scourge of industrial enterprises in 2024. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises. Ransomware Ransomware will remain the No.

Ransomware 96

Ransomware Energy and Utilities Marketing Backups 96

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. This can be executed remotely with elevated privileges (running process owner.)”

Firmware 125

Firmware Malware Security Intelligence Authentication 125

Security Affairs

DECEMBER 3, 2024

Attackers can use malformed XML requests to access arbitrary server files containing account information. Last week, VulnCheck researchers warned that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) The vulnerability CVE-2024-11667 is a directory traversal flaw in Zyxel firmware (V5.00–V5.38)

Firewall 112

Firewall Authentication Accountability Firmware 112

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The security firm did not provide details about the attacks exploiting this vulnerability. The malware survives reboots and firmware upgrades. through 7.4.2 Upgrade to 7.4.3

VPN 132

VPN Firmware Malware Government 132

Security Affairs

DECEMBER 30, 2024

Cybersecurity firm VulnCheck warns that a high-severity flaw, tracked as CVE-2024-12856 (CVSS score: 7.2), in Four-Faith routers is actively exploited in the wild. “At least firmware version 2.0 “At least firmware version 2.0 ” reads the advisory. ” reads the report published by VulnCheck.

Firmware 64

Firmware Authentication Cybersecurity Hacking 64

Security Affairs

DECEMBER 26, 2024

In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai. in newer ones.

Manufacturing 88

Manufacturing Malware Firmware IoT 88

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 122

Data breaches Computers and Electronics Spyware Cybercrime 122

Security Affairs

SEPTEMBER 6, 2024

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. 5035 and older versions.

Firewall 126

Firewall Passwords Internet Internet 126

Krebs on Security

MAY 22, 2023

Residential proxies also can refer to households protected by compromised home routers running factory-default credentials or outdated firmware. Proshutinskiy’s LinkedIn profile says he is a Class of 2024 student at TGM , which is a Christian mission school in Austria. “On Twitter, more spam and crypto scam.”

Scams 283

Scams DDOS Cryptocurrency Accountability 283

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. Tel Aviv, Israel – Jan.

IoT 100

IoT InfoSec Firmware Manufacturing 100

Security Affairs

FEBRUARY 28, 2024

” In February 2024, a court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control of the Russia-linked group APT28. Upgrade to the latest firmware version. Additionally, the actors have strategically targeted many individuals in Ukraine.”

Energy and Utilities 132

Energy and Utilities Government Firewall Malware 132

Security Affairs

AUGUST 22, 2024

In order to protect Dahua devices, users have to install the latest firmware version. CISA orders federal agencies to fix this vulnerability by September 11, 2024. The vulnerability CVE-2022-0185 is a Linux kernel issue that China-linked threat actors have exploited in attacks in the wild.

Authentication 101

Authentication Firmware Hacking Engineering 101

Security Affairs

NOVEMBER 27, 2024

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. A previously unknown UEFI application, named bootkit.efi, was uploaded to VirusTotal in November 2024. ” reads the advisory published by ESET. ” concludes the report.

Firmware 62

Firmware Authentication Malware Hacking 62

eSecurity Planet

MAY 20, 2024

This doubles as your weekly reminder to check your IT vendors’ security bulletins regularly and patch every vulnerability as soon as you learn about it. Always prioritize creating a patch plan if your security teams haven’t developed a methodology already. This vulnerability affects natural language processing applications.

VPN 63

VPN Firmware Malware Software 63

SecureList

FEBRUARY 27, 2024

However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. ADB Activation We analyzed the configuration files contained in the firmware memory chip and found a setting called “ENABLE_ADB=N.” The ADB service is disabled.

Education 118

Education Manufacturing Internet Internet 118

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT 52

IoT Firmware Mobile Manufacturing 52

Security Affairs

JUNE 23, 2024

US government sanctions twelve Kaspersky Lab executives Experts found a bug in the Linux version of RansomHub ransomware UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models Russia-linked APT Nobelium targets French diplomatic entities US bans sale of Kaspersky products due to risks (..)

Firmware 114

Firmware Data breaches Banking Hacking 114