Authentication, Information Security and IoT

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Authentication and access management increasingly perceived as core to Zero Trust Security

Thales Cloud Protection & Licensing

SEPTEMBER 13, 2021

Authentication and access management increasingly perceived as core to Zero Trust Security. While many consider that remote access to corporate resources and data as the key disruption, security teams had to face many more challenges. State of Multi-Factor Authentication. Simplicity is always an ally of security.

Authentication

Authentication Cloud Migration IoT Technology

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data.

Firmware

Firmware Manufacturing IoT Healthcare

Microsoft warns of BadAlloc flaws in OT, IoT devices

Security Affairs

APRIL 30, 2021

Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory allocation flaws, collectively tracked as BadAlloc , affecting IoT and OT devices.

IoT

IoT VPN Firewall Risk

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. In August 2017, security researchers Ankit Anubhav found a list of more than 1,700 valid Telnet credentials for IoT devices online. admin:admin, root:root, or no authentication required).

IoT

IoT DDOS InfoSec Internet

7 Top Tips for Accelerating your IoT Projects in 2021

CyberSecurity Insiders

MARCH 25, 2021

billion IoT devices active across the world – a figure that is expected to grow to 75 billion by 2025. This tripling will be a phenomenal feat to achieve in the next four years and relies upon IoT projects that are currently planned or under development to mature quickly. 1 Consider using generic IoT service modules.

IoT

IoT Authentication Passwords Data collection

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom. reads the report published by Black Lotus Labs. The FBI recommends limiting or isolating vulnerable devices, monitoring networks, and following cybersecurity best practices.

Architecture

Architecture Internet Internet Malware

Gucci IOT Bot Discovered Targeting European Region

Security Affairs

OCTOBER 1, 2019

Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. The IOT threat detection engine picked the infection IP has shown below hosting number of bins for different architectures. Compromising C&C. Inference.

IoT

IoT Advertising Engineering Architecture

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT

IoT Cryptocurrency Malware Advertising

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here. The botnet’s SOCKS proxy setup enables access for hundreds of thousands of compromised machines. ” reads the report published by Infoblox.

DNS

DNS Malware Firmware Authentication

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,IOT)

Firmware

Firmware IoT Wireless Surveillance

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns. Non-encrypted data, insecure protocols and poor user authentication mechanisms are among the security issues that leave seismological networks open to breaches, the authors note.

IoT

IoT InfoSec Data collection Encryption

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking

Hacking Penetration Testing Data breaches Authentication

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector.

IoT

IoT Firmware Internet Internet

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 16, 2025

Attacks on Middle Eastern countries Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers Captain MassJacker Sparrow: Uncovering the Malwares Buried Treasure Enhancing Malware Fingerprinting through Analysis of Evasive Techniques Hacking Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT (..)

Spyware

Spyware Cybercrime Ransomware IoT

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Security Affairs

DECEMBER 15, 2020

Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device.

Firmware

Firmware Authentication Mobile IoT

A 3-Tiered Approach to Securing Your Home Network

Daniel Miessler

MAY 8, 2020

Next come your social media accounts, and then any accounts that control IoT systems in your house. Get their passwords changed (see above), and enable two-factor authentication. This is where you take your higher-risk systems, like your IoT devices, your entertainment systems, gaming systems, etc., Change your DNS to 1.1.1.2,

Passwords

Passwords DNS Accountability IoT

Experts found critical flaws in Realtek Wi-Fi Module

Security Affairs

FEBRUARY 6, 2021

Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

IoT

IoT Wireless Passwords Authentication

Access:7 flaws impact +150 device models from over 100 manufacturers

Security Affairs

MARCH 8, 2022

Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform. “Access:7 could enable hackers to remotely execute malicious code, access sensitive data or alter configuration on medical and IoT devices running PTC’s Axeda remote code and management agent.”reads

Manufacturing

Manufacturing IoT Authentication Financial Services

Top 5 Attack Vectors to Look Out For in 2022

Security Affairs

OCTOBER 21, 2021

An actionable way to defend against remote access threats is to require multi factor authentication (MFA) for these connections. IoT Devices. IoT devices include wearable devices, coffee makers, sensors, and cameras, all of which connect to the Internet. Many organizations don’t have visibility into all of their IoT devices.

IoT

IoT Phishing Passwords Scams

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “ TheMoon ” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices.

IoT

IoT Cybercrime Internet Internet

New Linux botnet RapperBot brute-forces SSH servers

Security Affairs

AUGUST 5, 2022

Researchers from FortiGuard Labs have discovered a new IoT botnet tracked as RapperBot which is active since mid-June 2022. ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. The bulk of the malware code contains an implementation of an SSH 2.0

IoT

IoT Malware Passwords Authentication

ModiPwn flaw in Modicon PLCs bypasses security mechanisms

Security Affairs

JULY 13, 2021

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. The vulnerability can allow attackers to bypass authentication mechanisms which can lead to native remote-code-execution on vulnerable PLCs.”

Authentication

Authentication IoT Engineering Encryption

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). could allow a remote authenticated attacker with admin privileges to execute arbitrary code on the core server. ” reads the advisory published by the company.

Software

Software Authentication IoT Hacking

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. Thanks to the analysis and help of Sternum IoT, ChargePoint was able to correct weaknesses in CPH50, reduce the attack surface and thus improve the security of the product.

IoT

IoT InfoSec Firmware Manufacturing

Story of the Year: global IT outages and supply chain attacks

SecureList

DECEMBER 9, 2024

A previous faulty update had already suggested broader problems with CrowdStrike’s security software at the time, though the problem didn’t receive that much publicity. XZ backdoor to bypass SSH authentication What happened? However, delegating tasks also introduces new information security challenges.

Internet

Internet Internet Risk Social Engineering

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. An unauthenticated access to contents of the SD card. ” Follow me on Twitter: @securityaffairs and Facebook.

IoT

IoT Firmware Marketing Authentication

New RapperBot Campaign targets game servers with DDoS attacks

Security Affairs

NOVEMBER 16, 2022

Researchers from FortiGuard Labs discovered the previously undetected RapperBot IoT botnet in August, and reported that it is active since mid-June 2022. ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. Once stored public keys stored in ~/.ssh/authorized_keys,

DDOS

DDOS IoT Malware Architecture

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Let’s see if there are any informational security issues with these wearables. Authentication for data transfer using this port is completely optional, and even when authentication is present, there is no encryption; in other words, the authentication data is sent as readable text.

Phishing

Phishing Healthcare IoT Authentication

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Security Affairs

JUNE 3, 2021

Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. ” reads a reported published by Vdoo.

Wireless

Wireless IoT Encryption Firmware

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. The conference held many briefings on politics, legislation, and Machine Learning (ML) and Artificial Intelligence (AI) in cybersecurity, as well as the challenge of endpoint security for many IoT devices.

Small Business

Small Business Artificial Intelligence Firmware IoT

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

The IAM vendors took single sign-on to the next level, adding multi-factor authentication and other functionalities. What’s more, malicious hackers progressed to gaining access via manipulating the log-ons related to millions of sensors, servers and third-party software associated with rising corporate use of cloud services and IoT systems.

Government

Government Authentication Technology Data breaches

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

Internet-connected embedded devices are often placed into a broader category referred to as IoT devices. According to the experts, the level of security for IoT devices is slightly improved since SOHOpelessly Broken 1.0,

Manufacturing

Manufacturing IoT Advertising Authentication

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. SecurityAffairs – hacking, IoT). Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them.

Firmware

Firmware IoT Authentication Backups

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords

Security Affairs

AUGUST 23, 2023

The first vulnerability is an improper authentication issue on Tapo L503E, an attacker can exploit the issue to impersonate the device during the session key exchange step. Lack of authentication of the smart bulb with the Tapo app, 8.8 Lack of authentication of the smart bulb with the Tapo app, 8.8 “Vulnerability 1.

Passwords

Passwords Authentication Mobile IoT

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

This file could bypass Mark of the Web (MOTW) defenses, potentially compromising security features like SmartScreen Application Reputation and Windows Attachment Services security prompts. CVE-2024-38226 – Microsoft Publisher Security Feature Bypass Vulnerability.

Social Engineering

Social Engineering IoT Engineering Authentication

Black Hat insights: All-powerful developers begin steering to the promise land of automated security

The Last Watchdog

AUGUST 3, 2021

I’m looking at the client, which could be an IoT device, or a mobile app or a single page web app (SPA) or it could be an API. So now I have this IoT hardware that’s talking to a server over an API running on Lambda – boom I’ve got my full stack attack surface: hardware, software, API and cloud all within a single attack.

IoT

IoT Software Engineering Digital transformation

Sky.com servers exposed via misconfiguration

Security Affairs

OCTOBER 9, 2021

The configuration file, first indexed on an IoT search engine on September 7, appears to be the main configuration file of the application hosted on the ‘upliftmedia’ subdomain of Sky.com, and includes plain text access credentials to databases hosted on the Sky.com domain. What’s the impact?

IoT

IoT Media Engineering Education

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

Business decisions will need to be made as to whether extra costs are worthwhile in a secure software development life cycle. IoT Design Frameworks 2.2. Transport Layer Security (TLS) 3.2. Secure Boot 3.5. In essence, it is a view of the application and its environment through the lens of security. Frameworks 2.1.

IoT

IoT Firmware Mobile Manufacturing

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

. “ Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful login attempts. are vulnerable to this pre-authentication command injection vulnerability. Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21

DDOS

DDOS Authentication Advertising Firmware

19 petabytes of data exposed across 29,000+ unprotected databases

Security Affairs

MAY 7, 2021

While performing the search, we made sure that the open databases we found required no authentication whatsoever and were open for anyone to access, as opposed to those that had default credentials enabled. We excluded the latter because it would require us to log in to those databases without authorization, which would be unethical.

Passwords

Passwords Authentication Identity Theft Engineering

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Trending Sources

Authentication and access management increasingly perceived as core to Zero Trust Security

PTZOptics cameras zero-days actively exploited in the wild

Microsoft warns of BadAlloc flaws in OT, IoT devices

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

7 Top Tips for Accelerating your IoT Projects in 2021

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Gucci IOT Bot Discovered Targeting European Region

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

MikroTik botnet relies on DNS misconfiguration to spread malware

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

New Mirai variant includes exploit for a flaw in Comtrend Routers

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

A 3-Tiered Approach to Securing Your Home Network

Experts found critical flaws in Realtek Wi-Fi Module

Access:7 flaws impact +150 device models from over 100 manufacturers

Top 5 Attack Vectors to Look Out For in 2022

TheMoon bot infected 40,000 devices in January and February

New Linux botnet RapperBot brute-forces SSH servers

ModiPwn flaw in Modicon PLCs bypasses security mechanisms

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

Story of the Year: global IT outages and supply chain attacks

Flaws in Wyze cam devices allow their complete takeover

New RapperBot Campaign targets game servers with DDoS attacks

Telehealth: A New Frontier in Medicine—and Security

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Decoding Security 127: We Got Conned

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Black Hat insights: All-powerful developers begin steering to the promise land of automated security

Sky.com servers exposed via misconfiguration

IoT Secure Development Guide

Mukashi, the new Mirai variant that targets Zyxel NAS

19 petabytes of data exposed across 29,000+ unprotected databases

Stay Connected