Troy Hunt

MARCH 23, 2019

I'm pretty damn frustrated with those Instamics right now between the flakey firmware upgrade process and the unexpected loss of recording today. Here's this week's which has a bunch of different things in it I found interesting including the usual raft of data breaches and other industry bits and pieces. Gotta fly, enjoy!

Data breaches 159

Data breaches Spyware Firmware Passwords 159

Krebs on Security

JANUARY 11, 2021

The warning from Ubiquiti carries particular significance because the company has made it fairly difficult for customers using the latest Ubiquiti firmware to interact with their devices without first authenticating through the company’s cloud-based systems.

Passwords 363

Passwords Authentication Firmware Accountability 363

The Last Watchdog

MAY 16, 2022

You and your cybersecurity team do everything correctly to safeguard your infrastructure, yet the frightening alert still arrives that you’ve suffered a data breach. These measures, enabled by security at the root and AI, protect users, devices, and network data. Related: Third-party audits can hold valuable intel.

Cyber Attacks 273

Cyber Attacks Firmware Artificial Intelligence Manufacturing 273

Security Boulevard

JANUARY 20, 2025

Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.

Surveillance 97

Surveillance Malware Data breaches Scams 97

Naked Security

APRIL 11, 2023

Stealing private keys is like getting hold of a medieval monarch's personal signet ring. you get to put an official seal on treasonous material.

Firmware 143

Firmware Data breaches Ransomware Malware 143

Security Affairs

SEPTEMBER 16, 2020

The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature that can be customized organizations.

Firmware 138

Firmware Advertising Manufacturing Malware 138

Security Affairs

JUNE 16, 2024

London hospitals canceled over 800 operations in the week after Synnovis ransomware attack DORA Compliance Strategy for Business Leaders City of Cleveland still working to fully restore systems impacted by a cyber attack Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones Google fixed an actively exploited zero-day (..)

Data breaches 123

Data breaches Hacking Ransomware Malware 123

Security Boulevard

MARCH 24, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Items presented here are typically curated with the end user and small groups (such as families and small/micro businesses) in mind. They also have appeared to partner with Proton.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence 127

Artificial Intelligence Firmware Data breaches Hacking 127

Security Boulevard

JANUARY 4, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). They then execute their payloads, which can steal data and/or recruit the device into the botnet. Malware campaigns covered generally target/affect the end user.

Data breaches 52

Data breaches Firmware Healthcare Malware 52

eSecurity Planet

AUGUST 20, 2024

A cataclysmic data breach has cast a long shadow over the privacy of billions of individuals. billion records, including Social Security numbers, have been compromised in a cyberattack targeting National Public Data (NPD), a company specializing in background checks. Who Is Behind the NPD Breach? With an estimated 2.9

Identity Theft 131

Identity Theft Data breaches Passwords Encryption 131

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 122

Data breaches Computers and Electronics Spyware Cybercrime 122

Security Boulevard

MARCH 17, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Items presented here are typically curated with the end user and small groups (such as families and small/micro businesses) in mind. and 71% of apps leak at least one secret."

Surveillance 59

Surveillance Data breaches Spyware Malware 59

Security Affairs

AUGUST 16, 2024

Threat actors could exploit this flaw to inject malicious code, execute commands with system privileges, and take over devices, potentially leading to serious cybercrimes and data breaches. The app is preinstalled in Pixel firmware and included in Google’s OTA updates for Pixel devices.

Hacking 143

Hacking Firmware Mobile Penetration Testing 143

eSecurity Planet

APRIL 14, 2023

But depending on what code and data the hackers got access to, the worst-case scenario is that cyber criminals could create malicious firmware — and signed certificates to vouch for its authenticity. As one Slashdot commenter put it , “Everyone should assume that firmware on WD drives cannot be trusted at this point.”

Cyber Attacks 128

Cyber Attacks Firmware Marketing Authentication 128

Security Affairs

MARCH 13, 2022

LockBit ransomware group claims to have hacked Bridgestone Americas Attackers use website contact forms to spread BazarLoader malware Russian Internet watchdog Roskomnadzor is going to ban Instagram Ubisoft suffered a cyber security incident that caused a temporary disruption Anonymous hacked Roskomnadzor agency revealing Russian disinformation Open (..)

Data breaches 98

Data breaches Firmware Hacking Ransomware 98

Security Affairs

OCTOBER 9, 2022

BlackByte Ransomware abuses vulnerable driver to bypass security solutions Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited VMware fixed a high-severity bug in vCenter Server Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy Hacker stole $566 million worth (..)

Data breaches 98

Data breaches Firmware Ransomware Hacking 98

Security Boulevard

MARCH 31, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Items presented here are typically curated with the end user and small groups (such as families and small/micro businesses) in mind.

VPN 59

VPN Surveillance Malware Data breaches 59

Krebs on Security

MARCH 30, 2021

It might also be a good idea to just delete any profiles you had on these devices, make sure they’re up to date on the latest firmware, and then re-create those profiles with new [and preferably unique] credentials. Ubiquiti’s stock price has grown remarkably since the company’s breach disclosure Jan.

Accountability 280

Accountability IoT Passwords Firmware 280

Security Boulevard

FEBRUARY 17, 2025

The more accounts you have, the bigger your attack surface and potential exposure to data breaches. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Tips for finding old accounts.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

FEBRUARY 21, 2021

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Data breaches 101

Data breaches DNS Firmware Antivirus 101

Security Boulevard

MARCH 3, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). For this reason, users are encouraged to stay on top of security updates for their software/firmware. Malware campaigns covered generally target/affect the end user.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Affairs

JANUARY 2, 2022

Y2k22 bug in Microsoft Exchange causes failure in email delivery Security Affairs most-read cyber stories of 2021 PulseTV discloses potential credit card breach The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched How to implant a malware in hidden (..)

Banking 116

Banking Firmware Malware Ransomware 116

CyberSecurity Insiders

APRIL 12, 2023

With threat actors refining their strategies and incorporating DDoS attacks into multi-vector incidents, organizations must contend with not only outages caused by overwhelmed servers but also data breaches, ransomware, and other associated threats.

DDOS 129

DDOS Telecommunications Data breaches DNS 129

Security Affairs

MAY 14, 2023

Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 98

Data breaches DDOS Ransomware Artificial Intelligence 98

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics 128

Computers and Electronics Ransomware Mobile Telecommunications 128

eSecurity Planet

NOVEMBER 18, 2022

firmware (hard drives, drivers, etc.), While a large number of PCs can be affected in any number of ways, physical access risks detection and the initial damage might be a data breach for quick financial gain. However, some patches, particularly for infrastructure, firmware, or less common software may not be automatable.

Firmware 145

Firmware Firewall Passwords Risk 145

Security Affairs

AUGUST 4, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. ” read a Maze’s statement reported by ZDNet.

Ransomware 143

Ransomware Encryption Advertising Hacking 143

SecureWorld News

NOVEMBER 2, 2023

The exploitation involves injecting malicious code into a login page, stealing user credentials, and potentially leading to unauthorized access, data breaches, or even ransomware attacks. This could lead to unauthorized access, data breaches, ransomware attacks, or other malicious activities.

Authentication 107

Authentication Data breaches Passwords Firmware 107

CSO Magazine

MARCH 4, 2022

Nvidia confirmed it was the target of an intrusion and that the hackers took "employee passwords and some Nvidia proprietary information," but did not confirm the size of the data breach. What happened with the Nvidia data breach?

Malware 66

Malware Data breaches Firmware Passwords 66

eSecurity Planet

FEBRUARY 26, 2021

Prevent data breaches. The combination of machine learning, advanced behavior analytics, big data and human expertise from the ESET R&D centers located around the world ensure that the solution is prepared to take on the newest and most advanced threats. The multiple layers are able to: Protect against ransomware.

Antivirus 85

Antivirus Firmware Encryption Spyware 85

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 98

Data breaches Cybercrime Ransomware Passwords 98

Security Affairs

MARCH 22, 2022

HP already addressed the flaw with the release of firmware security updates for the majority of the affected devices. HP has addressed all the above issues with the release of printer firmware for some of the impacted models. ” concludes the advisory. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Firmware 98

Firmware Hacking Data breaches Information Security 98

Security Affairs

DECEMBER 21, 2020

The researchers also discovered the update process for the firmware and packages doesn’t rely on digital signature of the code. “Dell advises creating an FTP server using Microsoft IIS (no specific guidance), then giving access to firmware, packages, and INI files accessible through the FTP server.

Hacking 111

Hacking Firmware DNS Healthcare 111

Security Affairs

JUNE 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 106

Firmware Advertising Ransomware Hacking 106

The Last Watchdog

SEPTEMBER 4, 2018

Spirent refers to this as “data breach emulation,’’ something David DeSanto, Spirent’s threat research director, told me is designed to give companyies a great advantage; it makes it possible to see precisely how the latest ransomware or crypto mining malware would impact a specific network, with all of its quirky complexity.

Penetration Testing 133

Penetration Testing Firewall Data breaches Malware 133

SecureWorld News

FEBRUARY 7, 2024

Patch management in a modern cyber defense ecosystem Patch management is a vital process that allows IT and operations specialists to identify, prioritize, test, and deploy relevant patches and updates for software, firmware, drivers, and APIs across an organization's entire infrastructure. Breaches cost organizations nearly $4.45

Firmware 106

Firmware Risk Penetration Testing Digital transformation 106