Encryption, Firmware and Passwords - Cyber Security Informer

Ubiquiti: Change Your Password, Enable 2FA

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. Change your password. Click on ‘Security’ from the left-hand menu.

Passwords

Passwords Authentication Firmware Accountability

Compromising the Secure Boot Process

Schneier on Security

JULY 26, 2024

In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.

Firmware

Firmware Encryption Manufacturing Passwords

Yubico Security Keys with a Crypto Flaw

Schneier on Security

JULY 1, 2019

government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 The security keys are used by thousands of federal employees on a daily basis, letting them securely log-on to their devices by issuing one-time passwords.

Firmware

Firmware Passwords Government Encryption

MoonBounce: the dark side of UEFI firmware

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware

Firmware Malware Encryption Passwords

5 Ways to Ensure Home Router Security with a Remote Workforce

Adam Levin

MARCH 19, 2020

Ensure remote workers are more secure by following these five tips: Change the Default Password: Routers should have the manufacturer default password updated the moment it’s turned on and connected. Use a Strong and Unique Password: Discourage employees from reusing passwords that are linked to other accounts.

Wireless

Wireless Firmware Firewall Manufacturing

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

NOVEMBER 6, 2018

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

Encryption

Encryption Firmware Passwords Advertising

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. I can't blame this on the teddy bears themselves, rather the fact that the MongoDB holding all the collected data was left publicly facing without a password. IoT firmware should be self-healing.

IoT

IoT Firmware Risk Manufacturing

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

The Hacker News

AUGUST 11, 2024

The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as passwords in configuration files, and even get correctly signed X.509 509 VPN certificates for foreign

Firmware

Firmware VPN Encryption Passwords

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

SEPTEMBER 13, 2018

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. encryption keys, passwords) from a running operating system after using a cold reboot to restart the machine. Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

FujiFilm printer credentials encryption issue fixed

Pen Test Partners

OCTOBER 31, 2023

With the default configuration of these printers, it’s possible to retrieve these credentials in an encrypted format without authenticating to the printer. A vulnerability in the encryption process of these credentials means that you can decrypt them with responses from the web interface. This is the IV for the encryption algorithm.

Encryption

Encryption Passwords Firmware Engineering

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low.

IoT

IoT Firewall Manufacturing Computers and Electronics

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption

Encryption Passwords Authentication Password Management

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable.

Firmware

Firmware Encryption Passwords Authentication

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware

Ransomware Encryption Passwords Malware

Millions of Arris routers are vulnerable to path traversal attacks

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device. muhttpd web server. The muhttpd server 1.1.5 released June 1, 2022).

Firmware

Firmware Internet Internet Passwords

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk

Malwarebytes

AUGUST 25, 2023

New research highlights another potential danger from IoT devices, with a popular make of smart light bulbs placing your Wi-Fi network password at risk. Multiple high severity vulnerabilities exist which allow for password retrieval and device manipulation, with four issues in total. One vulnerability, with a CVSS score of 7.6

Passwords

Passwords Risk IoT Firmware

QR code SQL injection and other vulnerabilities in a popular biometric terminal

SecureList

JUNE 11, 2024

User-friendly: biometric identification does not require subjects to remember passwords or carry access cards. External appearance of the device The device has several physical interfaces, supporting four authentication methods: biometric (facial recognition), password, electronic pass, and QR code.

Firmware

Firmware Authentication Passwords Risk

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

Security Affairs

MAY 7, 2021

HideezKey- This is a deep-dive into a nice concept for a security token & password manager that turned into a horrible product due to lack of proper R&D and Threat Modeling. This will help me later in the case I will be able to obtain a firmware that eventually is encrypted (i.e. known-plaintext attack). In PLAINTEXT.

Firmware

Firmware Passwords Password Management Encryption

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends.encrypt extension to filenames of encrypted files. Create complex login passwords to make brute-forcing more difficult for attackers.

Ransomware

Ransomware Encryption Firmware Passwords

Samsung offers Mobile Security protection as below

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. So, the question of unauthorized backdoors being present on any of its devices gets eliminated.

Mobile

Mobile Firmware Manufacturing Passwords

Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv

Security Affairs

OCTOBER 26, 2021

The PMK is calculated from the following parameters: Passphrase– The WiFi password — hence, the part that we are really looking for. Hoorvitch used an attack technique devised by Jens “atom” Steube’s (Hashcat’s lead developer) to retrieve the PMKIDs that allowed him to derive the password. SSID – The name of the network.

Passwords

Passwords Small Business Firmware Manufacturing

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]).

Firmware

Firmware Encryption Advertising Passwords

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The QSnatch malware implements multiple functionalities, such as: .

Malware

Malware Firmware Advertising Manufacturing

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

FEBRUARY 10, 2020

Never buy a device that doesn’t allow you to set a long and strong password. When your phone or computer alerts you to an available software or firmware update, pay attention and do what you’re asked to do immediately (as opposed to clicking “Remind me later”) because many of these patches are security-related.

Passwords

Passwords Phishing Password Management Accountability

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

Security Affairs

JANUARY 16, 2022

Once the ransomware has infected a device, it moves all the files on the NAS into password-protected 7z archives and demands the payment of a $550 ransom. BleepingComputer also reported that dozens of ransom notes and encrypted files have been submitted to the ID-Ransomware service by affected QNAP users.

Ransomware

Ransomware Encryption Backups Firmware

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

eSecurity Planet

AUGUST 20, 2024

Use Strong, Unique Passwords Weak passwords are easy for hackers to guess or crack, especially if they’re common or reused across multiple sites. When creating passwords, use at least 12 characters, combining uppercase and lowercase letters, numbers, and special symbols. BitLocker for Windows and FileVault for Mac).

Identity Theft

Identity Theft Data breaches Passwords Encryption

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

SecureWorld News

NOVEMBER 7, 2024

Firmware integrity checks: Regularly check that each device's firmware is up to date and verified—especially when outdated firmware is one of the most common entry points for attackers. End-to-end encryption: Encrypt all data from sensors to controller.

IoT

IoT Firmware Encryption Authentication

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts using weak passwords. All your data has been encrypted, backups have been deleted.

Ransomware

Ransomware Encryption Passwords Internet

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. “In one case, the IPMI interface was using the default manufacturer passwords. .

Ransomware

Ransomware Passwords Advertising Firmware

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Security Affairs

DECEMBER 13, 2021

Boffins discovered bugs in WiFi chips that can be exploited to extract passwords and manipulate traffic by targeting a device’s Bluetooth component. The WiFi chip encrypts network traffic and holds the current WiFi credentials, thereby providing the attacker with further information.” Pierluigi Paganini.

Wireless

Wireless Firmware Mobile Passwords

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware

Firmware Passwords Manufacturing Mobile

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

The files are then held for ransom and the victim is threatened by data loss, because of the encryption, and leaking of the exfiltrated data. Files are encrypted with a combination of AES-256 and RSA-4096 via the Microsoft CryptoAPI , as per CrowdStrike. Earlier versions appended the.CONTI extension to encrypted files.

Healthcare

Healthcare Ransomware Encryption Passwords

Router security in 2021

SecureList

JUNE 8, 2022

They make the router much easier to hack, which gives the opportunity to get round password protection features (such as CAPTCHA or a limited number of login attempts), run third-party code, bypass authentication, send remote commands to the router or even disable it. search results for “default password” in June 2021.

DDOS

DDOS Passwords IoT Firmware

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

If the data connection is not properly encrypted ( spoiler alert: it’s not, we’ve checked! ), anyone who can intercept the connection is able to monitor all data that is exchanged. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. Who controls these servers? Where are they located?

Surveillance

Surveillance Hacking Firmware Manufacturing

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The vendor recommends the use of strong passwords and to modify the default network port 8080 for accessing the NAS operating interface. “QNAP® Systems, Inc.

Ransomware

Ransomware Backups Media Malware

Vulnerability Patching: How to Prioritize and Apply Patches

eSecurity Planet

NOVEMBER 18, 2022

firmware (hard drives, drivers, etc.), However, some patches, particularly for infrastructure, firmware, or less common software may not be automatable. While this eliminates many headaches, it does not scan for misconfigurations and may not support other critical updates such as IT infrastructure (routers, firewalls, etc.),

Firmware

Firmware Firewall Passwords Risk

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

PYSA, aka Mespinoza, is a malware capable of exfiltrating data and encrypting users’ critical files and data stored on their systems. All encrypted files in Windows and Linux, the two platforms this ransomware primarily targets, will have the.pysa suffix. After this, PYSA is then deployed and executed.

Education

Education Ransomware Phishing Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Improper encryption. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

Downfall Intel CPU side-channel attack exposes sensitive data

Security Affairs

AUGUST 9, 2023

Malware can carry out a Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. ” Intel informed customers that is releasing firmware updates to address the vulnerability.

Firmware

Firmware Encryption Software Banking

Ubiquiti: Change Your Password, Enable 2FA

Compromising the Secure Boot Process

Trending Sources

Yubico Security Keys with a Crypto Flaw

MoonBounce: the dark side of UEFI firmware

5 Ways to Ensure Home Router Security with a Remote Workforce

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

IoT Unravelled Part 3: Security

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

FujiFilm printer credentials encryption issue fixed

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

P2P Weakness Exposes Millions of IoT Devices

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Types of Encryption, Methods & Use Cases

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

TP-Link Archer routers allow remote takeover without passwords

FBI published a flash alert on Mamba Ransomware attacks

Millions of Arris routers are vulnerable to path traversal attacks

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk

QR code SQL injection and other vulnerabilities in a popular biometric terminal

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Samsung offers Mobile Security protection as below

Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

QSnatch malware infected over 62,000 QNAP NAS Devices

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

A new wave of Qlocker ransomware attacks targets QNAP NAS devices

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

From Sensors to Servers: End-to-End Security for IoT in Critical Utility Networks

New Checkmate ransomware target QNAP NAS devices

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Router security in 2021

FBI warns of ransomware attacks targeting the food and agriculture sector

USBAnywhere BMC flaws expose Supermicro servers to hack

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Vulnerability Patching: How to Prioritize and Apply Patches

FBI warns of increase in PYSA ransomware attacks targeting education

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Downfall Intel CPU side-channel attack exposes sensitive data

Stay Connected