Download, Firmware and Internet - Cyber Security Informer

IoT Unravelled Part 2: IP Addresses, Network, Zigbee, Custom Firmware and Soldering

Troy Hunt

NOVEMBER 23, 2020

Let's drill into all that and then go deeper into custom firmware and soldering too. I can easily block a device from talking to the internet, throttle its connection, see which online services it's communicating with and access a whole host of other information about it. Why is this so hard?!

Firmware

Firmware IoT Wireless Manufacturing

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 GreyNoise also observed an instance of an attack using wget to download a shell script for reverse shell access. “Organizations using VHD PTZ camera firmware < 6.3.40 “Organizations using VHD PTZ camera firmware < 6.3.40

Firmware

Firmware Manufacturing IoT Healthcare

MoonBounce: the dark side of UEFI firmware

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware

Firmware Malware Encryption Passwords

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely.

Firmware

Firmware DNS Malware Technology

Dynamic analysis of firmware components in IoT devices

SecureList

JULY 6, 2022

As a rule, this means that the source code of the device’s firmware is unavailable and all the researcher can use is the user manual and a few threads on some user forum discussing the device’s operation. The vulnerability assessment of IoT/IIoT devices is based on analyzing their firmware.

Firmware

Firmware IoT Architecture Manufacturing

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

. “Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” dyn” for C2 communication. in newer ones. ” concludes the report.

Manufacturing

Manufacturing Malware Firmware IoT

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. A Safer Internet of Things. The post The Internet of Things Is Everywhere.

Internet

Internet Internet IoT Software

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

Malwarebytes

SEPTEMBER 21, 2021

Today’s generation of kids and teens consider their devices and the Internet as extensions of their lives. So without further ado, let’s dive into what we should be teaching our kids about Internet safety and what we can do to enforce these teachings. 7 Internet safety tips. Update your child’s device’s firmware.

Internet

Internet Internet Passwords Password Management

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

iLnkP2p is bundled with millions of Internet of Things (IoT) devices, including security cameras and Webcams, baby monitors, smart doorbells, and digital video recorders. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low.

IoT

IoT Firewall Manufacturing Computers and Electronics

Researchers warn of QNAP NAS attacks in the wild

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 The researchers discovered that the issue resides in the CGI program. /httpd/cgi-bin/authLogout.cgi.

Firmware

Firmware Advertising Malware Internet

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware

Firmware Wireless Passwords Internet

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware

Firmware Malware Spyware Surveillance

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware

Firmware DDOS Malware IoT

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware

Firmware Authentication Hacking Software

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware

Firmware Surveillance Marketing VPN

Zyxel patches two critical vulnerabilities

Malwarebytes

MAY 26, 2023

Affected users should patch as a matter of urgency, and we urge you not to expose the management interfaces of network edge devices to the Internet, in order to reduce their attack surface. Patch 1, USG FLEX series firmware versions 4.50 Patch 1, USG FLEX 50(W) firmware versions 4.25 Patch 1, USG20(W)-VPN firmware versions 4.25

Firmware

Firmware VPN Firewall Accountability

NETGEAR fixes a severe bug in its routers. Patch it asap!

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” RAX35 fixed in firmware version 1.0.2.60.

Firmware

Firmware Wireless Authentication Hacking

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Security Affairs

SEPTEMBER 13, 2024

The malicious code acts as a backdoor and allows attackers to download and install third-party software secretly. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware

Malware Firmware Antivirus Manufacturing

Expert discloses details and PoC code for Netgear Seventh Inferno bug

Security Affairs

SEPTEMBER 18, 2021

NETGEAR urge its customers using the following products to download the latest firmware: GC108P fixed in firmware version 1.0.8.2 GC108PP fixed in firmware version 1.0.8.2 GS108Tv3 fixed in firmware version 7.0.7.2 GS110TPP fixed in firmware version 7.0.7.2 GS110TPv3 fixed in firmware version 7.0.7.2

Firmware

Firmware Engineering Passwords Hacking

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. Keep your firmware and software updated. Don’t install things like plugins, toolbars, extensions, or download managers when prompted online.

Risk

Risk Password Management Passwords Accountability

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

The National Instruments CompactRIO product , a rugged, real-time controller that provides high-performance processing capabilities, sensor-specific conditioned I/O, and a closely integrated software toolchain that makes them ideal for Industrial Internet of Things (IIoT), monitoring, and control applications.

Firmware

Firmware Manufacturing Software Authentication

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware Internet Internet

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

MARCH 8, 2021

The flaws affect QNAP NAS firmware versions prior to August 2020. downloads, set up and execute cryptocurrency miner and hijack the manaRequest.cgi program of the NAS. All NAS devices with QNAP firmware released before August 2020 are currently vulnerable to these attacks. ” reads the analysis published by 360 Netlab.

Cryptocurrency

Cryptocurrency Firmware Malware Threat Detection

Update now! NetGear routers’ default configuration allows remote attacks

Malwarebytes

DECEMBER 8, 2022

NetGear has made a hotfix available for its Nighthawk routers after researchers found a network misconfiguration in the firmware allowed unrestricted communication with the internet facing ports of the device listening through IPv6. It needs to be downloaded manually and applied following the instructions. No auto-update.

Firmware

Firmware Small Business Internet Internet

It's 2021: Have you checked your backups?

Adam Shostack

JANUARY 2, 2025

Some lessons learned over the last few days: Apple has disabled single user mode as of Mojave, and many recovery options are not available if you use a firmware password. According to the Internet, Time Machine and Synology NAS servers don't play well together. Do not forget that availability is a security property.

Backups

Backups Firmware Passwords Internet

SonicWall warns that SonicOS bug exploited in attacks

Security Affairs

SEPTEMBER 6, 2024

The latest patch builds are available for download on mysonicwall.com “ “This vulnerability is potentially being exploited in the wild. The latest patch builds are available for download on mysonicwall.com ,” warns the updated SonicWall advisory. However SonicWall recommends youinstall the latest firmware.

Firewall

Firewall Passwords Internet Internet

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. “Firmware Update 8.2B

Firmware

Firmware Manufacturing Passwords Penetration Testing

QNAP fixed Sudo privilege escalation bug in NAS devices

Security Affairs

MARCH 29, 2023

Go to Control Panel > System > Firmware Update. The system downloads and installs the latest available update. Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device. Select the Firmware Update tab.

Firmware

Firmware Hacking Internet Internet

QNAP addresses a critical flaw impacting its NAS devices

Security Affairs

JANUARY 30, 2023

Taiwanese vendor QNAP is warning customers to install QTS and QuTS firmware updates to address a critical flaw impacting its NAS devices. QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices.

Firmware

Firmware Hacking Internet Internet

Router security in 2021

SecureList

JUNE 8, 2022

A router is a gateway from the internet to a home or office — despite being conceived quite the opposite. Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ).

DDOS

DDOS Passwords IoT Firmware

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Security Affairs

SEPTEMBER 22, 2021

The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices. Experts noticed that database updates from Netgear are unsigned and downloaded via Hypertext Transfer Protocol (HTTP), allowing the attacker to carry out a MitM attack on the device.

DNS

DNS Firmware VPN Risk

Cyclops Blink malware: US and UK authorities issue alert

Malwarebytes

FEBRUARY 24, 2022

But the NCSC warns that it is likely that Sandworm is capable of compiling the same or very similar malware for other architectures and firmware. Internet access to the management interface of any device is a security risk. Mitigation and detection. All WatchGuard appliances should be updated to the latest version of Fireware OS.

Malware

Malware Firewall Firmware DDOS

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

Malwarebytes

AUGUST 23, 2022

The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. Of an analyzed sample of 285,000 internet-facing Hikvision web servers, CYFIRMA found roughly 80,000 of them were still vulnerable to exploitation. The critical bug received a 9.8

Firmware

Firmware Internet Internet VPN

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

APRIL 25, 2021

Unfortunately, experts noticed that more than 90% of the installs are still using flawed firmware versions and have yet to install the security updates (V3.01.21) provided by the vendor. The Secvest FUAA50000 controller costs about EUR400, it is used to control motion sensors, sirens door/window sensors.

Firmware

Firmware Passwords Authentication Wireless

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. reads the alert published by Rapid7.

DDOS

DDOS Firmware VPN Firewall

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

SecureList

JUNE 20, 2023

Introduction In today’s interconnected world, more and more devices are being connected to the internet, including everyday household items like pet feeders that are becoming smart by virtue of this simple fact. We later managed to extract the firmware from the EEPROM for further static reverse engineering.

Firmware

Firmware Passwords Manufacturing Mobile

Update now! Netgear vulnerability patched

Malwarebytes

NOVEMBER 18, 2021

Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points, and mobile devices to seamlessly discover each other’s presence on the network and establish functional network services. Click Downloads.

Firmware

Firmware Internet Internet Mobile

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Security Affairs

APRIL 25, 2019

. “An open redirect vulnerability could allow a remote unauthenticated attacker to input a malicious link to redirect users to a malicious site that could run or download arbitrary malware on the user’s machine.” This malicious website could potentially run or download arbitrary malware on the user’s machine.

Firmware

Firmware Social Engineering Advertising Malware

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

Preliminary investigation indicates that Checkmate attacks via SMB services exposed to the internet, and employs a dictionary attack to break accounts with weak passwords.” For this: 1) Download and install Telegram Messenger [link]. Go to Control Panel > System > Firmware Update. 2) Find us [link].

Ransomware

Ransomware Encryption Passwords Internet

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

“Successful exploits could allow attackers to monitor users’ internet activity, highjack internet connections and redirect traffic to malicious websites or inject malware into network traffic. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Hacking

Hacking Firmware Authentication DNS

Sony Bravia Smart TVs affected by a critical vulnerability

Security Affairs

OCTOBER 6, 2018

. “If your television is set to automatically receive updates when connected to the internet, it should have already been updated. “To verify that your television has been updated, please visit the Downloads section of your model’s product page. This is the default setting for the affected models.”

Advertising

Advertising Wireless IoT Firmware

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

APRIL 28, 2020

Researchers at Seattle-based forensics tools vendor DomainTools found one domain enticing Android smartphone users to download an Android App displaying a spiffy Coronavirus heat map , updating key stats about the unfolding pandemic. Backup your data frequently on hard drives that aren’t connected 24/7 to the internet.

Social Engineering

Social Engineering Cyber Attacks Scams Engineering

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

Every time a vendor made some attempts to address the problem, the botmaster pushed out multiple firmware updates on the fiber routers to maintain their control. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising DNS

IoT Unravelled Part 2: IP Addresses, Network, Zigbee, Custom Firmware and Soldering

PTZOptics cameras zero-days actively exploited in the wild

Trending Sources

MoonBounce: the dark side of UEFI firmware

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Dynamic analysis of firmware components in IoT devices

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

The Internet of Things Is Everywhere. Are You Secure?

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

P2P Weakness Exposes Millions of IoT Devices

Researchers warn of QNAP NAS attacks in the wild

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

MoonBounce UEFI implant spotted in a targeted APT41 attack

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Patch now! Insecure Hikvision security cameras can be taken over remotely

Zyxel patches two critical vulnerabilities

NETGEAR fixes a severe bug in its routers. Patch it asap!

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Expert discloses details and PoC code for Netgear Seventh Inferno bug

10 Behaviors That Will Reduce Your Risk Online

NI CompactRIO controller flaw could allow disrupting production

Over 80,000 Hikvision cameras can be easily hacked

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Update now! NetGear routers’ default configuration allows remote attacks

It's 2021: Have you checked your backups?

SonicWall warns that SonicOS bug exploited in attacks

Experts found backdoors in a popular Auerswald VoIP appliance

QNAP fixed Sudo privilege escalation bug in NAS devices

QNAP addresses a critical flaw impacting its NAS devices

Router security in 2021

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Cyclops Blink malware: US and UK authorities issue alert

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Multiple DDoS botnets were observed targeting Zyxel devices

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

Update now! Netgear vulnerability patched

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

New Checkmate ransomware target QNAP NAS devices

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Sony Bravia Smart TVs affected by a critical vulnerability

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Stay Connected