Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware 145

Firmware Malware Spyware Surveillance 145

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). They also have appeared to partner with Proton.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

Security Boulevard

MARCH 3, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. The surveillance tech waiting for workers as they return to the office ArsTechnica RTO continues to pick up steam. In pursuit of "more productivity," some employers are leaning heavily into surveillance tech.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Boulevard

MARCH 31, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

VPN 59

VPN Surveillance Malware Data breaches 59

Security Boulevard

APRIL 17, 2025

Final Thoughts In cybersecurity, visibility is vulnerability. One that did not contend with persistent threats, state-sponsored campaigns, and AI-powered surveillance. In contrast, an invisible, disaggregated, constantly shifting stealth network like Dispersives would offer no such target.

Firewall 64

Firewall VPN Encryption Architecture 64

CyberSecurity Insiders

JUNE 29, 2021

Security researchers say that the flaw is related to software component used in cloud surveillance platform ThroughTek that is used by OEMs while manufacturing IP Cameras, baby monitoring cams and pet monitoring solutions along with robotic and battery devices. score to the newly discovered P2P SDK vulnerability.

Firmware 85

Firmware IoT Surveillance Manufacturing 85

Security Affairs

JUNE 12, 2022

access control, video surveillance and mobile credentialing) owned by HVAC giant Carrier. Below is the list of flaws discovered by the researchers: CVE Detail Summary Mercury Firmware Version CVSS Score CVE-2022-31479 Unauthenticated command injection <=1.291 Base 9.0, The vulnerabilities were disclosed during the Hardwear.io

Firmware 109

Firmware Penetration Testing Manufacturing Authentication 109

Security Boulevard

MARCH 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Tips for finding old accounts.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

JUNE 7, 2023

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The flaw made headlines because it was exploited by surveillance firms for their spyware. This vulnerability grants the attacker system access. In early April, U.S.

Spyware 98

Spyware Surveillance Firmware Hacking 98

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare.

Identity Theft 106

Identity Theft Computers and Electronics Surveillance Hacking 106

SecureWorld News

SEPTEMBER 30, 2021

Cybersecurity and Infrastructure Security Agency (CISA) recently warned administrators about a vulnerability that would allow threat actors to take control of devices produced by Hikvision, a Chinese state-owned video surveillance company. A remote attacker could exploit this vulnerability to take control of an affected device.

Firmware 96

Firmware Surveillance Government Technology 96

Hacker Combat

JUNE 3, 2021

Industrial switches are made using universal firmware developed by Korenix Technology, a leading provider for industrial networking solutions based in Taiwan. Korenix has developed another firmware that the organization incorporates in its JetNet industrial switches. Malicious firmware and bootloader uploads are possible too.

Firmware 85

Firmware Energy and Utilities Cyber Attacks Surveillance 85

SecureList

NOVEMBER 14, 2022

No matter where they are, people around the world should be prepared for cybersecurity incidents. From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies.

Firmware 128

Firmware Surveillance Mobile Telecommunications 128

Security Affairs

APRIL 13, 2022

An attacker can hijack the robots to crash them into people and objects, use them to harass patients and staff, for surveillance purposes, to interfere with the delivery of critical patient medication, access patient medical records in violation of HIPAA, and more.

Mobile 111

Mobile Hacking Firmware Surveillance 111

Security Affairs

MAY 20, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. QNAP QVR is a video surveillance solution of the Taiwanese vendor which is hosted on its NAS devices and doesn’t require any extra software.

Ransomware 111

Ransomware Internet Internet Firmware 111

eSecurity Planet

SEPTEMBER 9, 2024

Let’s dive into what ICS cybersecurity entails, why it’s vital, and the best practices to secure your systems against increasingly prevalent cyberthreats. What is the Importance of Cybersecurity in an Industrial Control System (ICS)? What is the Importance of Cybersecurity in an Industrial Control System (ICS)?

Firmware 109

Firmware Encryption Manufacturing Risk 109

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. CISA and ACSC recommend that all organizations take the time to review and improve their cybersecurity posture.

Malware 98

Malware Banking Penetration Testing Healthcare 98

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Boulevard

MAY 1, 2022

Elon Musk buys Twitter for $44 billion so what does this mean for the privacy and cybersecurity of the platform? More than 100 different Lenovo laptop computers contain firmware-level vulnerabilities which is a great reminder about making sure you update the BIOS on your computer.

Firmware 52

Firmware Cybersecurity Surveillance InfoSec 52

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. and a medium (CVSS 4.3) level vulnerability.

IoT 117

IoT Internet Internet Ransomware 117

Pen Test

OCTOBER 12, 2023

About the Author: Larbi OUIYZME Cybersecurity Consultant and Licensed Ham Radio Operator since 1988 with prefix CN8FF, deeply passionate about RF measurement, antennas, satellites, Software-defined radio, Digital Mobile Radio and RF Pentesting. Criminals may use hijacked drones for illegal surveillance, smuggling, or even as weapons.

Encryption 52

Encryption Firmware Surveillance Technology 52

SecureList

SEPTEMBER 21, 2023

Paul has discovered critical vulnerabilities in the firmware and protocols of certain webcam models, and one of the vendors he contacted never even got back to him to discuss remediation. Security researcher Paul Marrapese who has studied the consumer webcam segment says security holes are not uncommon.

IoT 137

IoT DDOS Passwords Malware 137

eSecurity Planet

JULY 8, 2024

To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. July 3, 2024 Threat Actors Exploit MSHTML Flaw to Deploy MerkSpy Surveillance Tool Type of vulnerability: Remote code execution. Update your routers to the most recent versions ( 5.6.15, 6.1.9-lts,

Risk 62

Risk Authentication Firmware Surveillance 62

Security Boulevard

FEBRUARY 10, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. The biggest breach of US government data is under way TechCrunch This is included for the privacy and cybersecurity ramifications of departing from basic information security principles.

Spyware 52

Spyware Surveillance Government Data breaches 52

Security Boulevard

JANUARY 27, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

Surveillance 52

Surveillance Data breaches Malware Backups 52

SecureList

NOVEMBER 14, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) provided additional IoCs associated with exploitation of CVE-2023-2868. A creative avenue for threat actors is to expand their surveillance efforts to include devices such as smart home cameras, connected car systems and beyond. Verdict: prediction fulfilled ✅ 3.

Hacking 141

Hacking Energy and Utilities Media Malware 141

SecureWorld News

JANUARY 9, 2025

military fiscal year 2025 dedicates approximately $30 billion to cybersecurity , marking it as a crucial focus in the broader $895.2 Richard Staynings , Chief Security Strategist for IoT security company Cylera and teaching professor for cybersecurity at the University of Denver, provides comments throughout. billion military budget.

Cybersecurity 109

Cybersecurity Manufacturing Surveillance Ransomware 109

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. In this quarter we focused on researching and dismantling surveillance frameworks following malicious activities we detected.

Malware 145

Malware Government Surveillance Spyware 145

eSecurity Planet

OCTOBER 21, 2022

Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly-developed malware worldwide, totaling at nearly 1 billion as of September 2022. Firmware rootkits are also known as “hardware rootkits.”. Today, malware is a common threat to the devices and data of anyone who uses the Internet.

Malware 75

Malware Adware Spyware Antivirus 75

Security Affairs

DECEMBER 22, 2024

million individuals The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games” U.S.

Data breaches 60

Data breaches Cybercrime Spyware Firmware 60

CyberSecurity Insiders

SEPTEMBER 24, 2021

China-based video surveillance related product offering company Hikvision has issued a security advisory saying that all those using their security cameras and NVRs must know a critical vulnerability on its devices that could allow hackers to take control of the cameras and use them as bots to launch DDoS or other related attacks.

Surveillance 96

Surveillance Firmware DDOS IoT 96