Firewall, Hacking and IoT - Cyber Security Informer

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. As with the rest of the IoT landscape, there's a lot of scope for improvement here and also just like the other IoT posts, it gets very complex for normal people very quickly.

IoT

IoT Firmware Risk Manufacturing

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., based Sophos Ltd.

Firewall

Firewall Hacking Malware Passwords

Threat Trends: Firewall

Cisco Security

OCTOBER 19, 2021

In any perimeter defense a key component is firewalls—the proverbial guard towers in your fortifications. In this Threat Trends release, we’ll be looking at Cisco Secure Firewall. The goal is to highlight the common threats that organizations encounter and block with Secure Firewall. Secure Firewall version 7.0

Firewall

Firewall Authentication DNS Accountability

Experts devised a technique to bypass web application firewalls (WAF) of several vendors

Security Affairs

DECEMBER 9, 2022

Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. SecurityAffairs – hacking, WAF).

Firewall

Firewall Wireless IoT Hacking

New Russia Malware targets firewall appliances

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. In the year 2020, over 20 million IoT malware attacks were detected and among them, over three in four affected devices were routers.

Firewall

Firewall Malware IoT Software

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. SecurityAffairs – hacking, Ttint botnet).

IoT

IoT Firmware Advertising DNS

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. It was designed to download payloads intended to exfiltrate XG Firewall-resident data. Sophos was informed of the attacks exploiting the zero-day issue by one of its customers on April 22.

Firewall

Firewall Ransomware Passwords VPN

California’s Controversial IoT Security Bill Passes

Adam Levin

SEPTEMBER 17, 2018

The first major piece of cybersecurity legislation to address vulnerabilities in Internet of Things (IoT) devices has passed in California, and is ready to be signed into law by Governor Jerry Brown. The post California’s Controversial IoT Security Bill Passes appeared first on Adam Levin. in a released last week.

IoT

IoT Manufacturing Firewall Marketing

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT

IoT DDOS Passwords Malware

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Do the increased attacks mean the industry is becoming accustomed to IoT cyber attacks? Three IoT Attack Avenues for 2019.

IoT

IoT Manufacturing Internet Internet

Microsoft warns of BadAlloc flaws in OT, IoT devices

Security Affairs

APRIL 30, 2021

Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory allocation flaws, collectively tracked as BadAlloc , affecting IoT and OT devices. Pierluigi Paganini.

IoT

IoT VPN Firewall Risk

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system. ” reported ZDnet.

IoT

IoT Malware Advertising Firmware

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 16, 2025

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks U.S. New MassJacker clipper targets pirated software seekers Cisco IOS XR flaw allows attackers to crash BGP process on routers LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Spyware

Spyware Cybercrime Ransomware IoT

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. To find out how many printers were on the menu for our experiment, we searched for IP addresses with open ports on specialized IoT search engines, such as Shodan and Censys.

Hacking

Hacking IoT Firmware Internet

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

The Last Watchdog

APRIL 21, 2021

This surge in TLS abuse has shifted the security community’s focus back to a venerable network security tool, the firewall. Hacking rings are using TLS to evade detection while delivering botnet commands, embedding malware and exfiltrating data. In short, TLS helps preserve the integrity of legitimate digital connections.

Malware

Malware Firewall Encryption Digital transformation

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Here’s what I took away from our discussion: Transient hacks. This quickly gets intricately technical. Branching attacks.

Hacking

Hacking Energy and Utilities System Administration Accountability

IoT Security: Designing for a Zero Trust World

SecureWorld News

SEPTEMBER 15, 2021

Now George Jetson’s reality is nearly our own, and Rosie the Robot is somewhat interchangeable with any number of IoT devices like Siri, Roomba, or Alexa. Today, organizations are also embracing a record number of Internet of Things (IoT) devices to accomplish objectives. Securing your IoT environment.

IoT

IoT Encryption Internet Internet

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

AUGUST 31, 2019

Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. IoT #malware branches seen in ????????

IoT

IoT Passwords Advertising Malware

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. The “P2P Cloud” feature bypasses firewalls and effectively allows remote connections into private networks. Pierluigi Paganini.

Surveillance

Surveillance Hacking Firmware Manufacturing

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

The Last Watchdog

FEBRUARY 18, 2020

TLS is the glue that holds together not just routine website data exchanges, but also each of the billions of machine-to-machine handshakes occurring daily to enable DevOps, cloud computing and IoT systems. Sophos’ new XG Firewall is a good start to the improved technologies that are needed.

Encryption

Encryption Firewall Risk IoT

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Security Affairs

JUNE 16, 2020

Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. SecurityAffairs – Ripple20, hacking). The post Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack appeared first on Security Affairs.

Hacking

Hacking Advertising IoT DNS

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

The advisory placed much of the blame on Versa customers who “failed to implement system hardening and firewall guidelines…leaving a management port exposed on the internet that provided the threat actors with initial access.” Versa said the weakness allows attackers to upload a file of their choosing to vulnerable systems.

Internet

Internet Internet Technology Engineering

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

The internet of things (IoT) describes the network of interconnected devices embedded with sensors, software, or other technology that exchange data with other devices and systems over the Internet. . This means that currently there are three IoT devices for every one human on the planet. The Technical Challenge of IoT Security.

Internet

Internet Internet IoT Software

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

FEBRUARY 22, 2024

The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard. Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures.

Hacking

Hacking Government Digital transformation Social Engineering

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

The Last Watchdog

MAY 17, 2021

In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services. A slew of new cloud-security frameworks have gained traction since the Capital One hack. Related: How credential stuffing fuels account takeovers.

Cloud Migration

Cloud Migration Banking Firewall Software

New Mirai variant appears in the threat landscape

Security Affairs

MARCH 16, 2021

“The IoT realm remains an easily accessible target for attackers. SecurityAffairs – hacking, Mirai). “The attacks are still ongoing at the time of this writing. Experts noticed that the malware also downloads more shell scripts that retrieve brute-forcers that could be used to target devices protected with weak passwords.

Wireless

Wireless IoT DNS VPN

New Healthcare Hacks Are Inhibiting Patient Care

SecureWorld News

JUNE 21, 2022

Preparing for hacks and ransomware attacks in healthcare. Successful hacks often target the organizations with the weakest security postures. IT departments benefit from policies that help establish practices, like security update schedules, that can keep devices (and particularly IoT devices ) secure.

Healthcare

Healthcare Hacking Ransomware Digital transformation

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence

Artificial Intelligence Hacking VPN Firewall

Cybersecurity Research Topics for Beginners: Exploring the Fundamentals

CyberSecurity Insiders

MAY 28, 2023

Research network security mechanisms, such as firewalls, intrusion detection systems (IDS), and virtual private networks (VPNs). Learn about secure coding practices, web application firewalls (WAFs), and vulnerability scanning tools. Explore IoT security architectures, protocols, and solutions for securing interconnected devices.

Cybersecurity

Cybersecurity Penetration Testing Social Engineering IoT

RSAC insights: Sophos report dissects how improved tools, tactics stop ransomware attack

The Last Watchdog

MAY 12, 2021

Criminal hacking rings have been hammering away at this latest of a long line of zero-day flaws discovered in a globally distributed system. The pattern is all too familiar: they marshal their hacking infrastructure to take advantage of the window of time when there is a maximum number of vulnerable systems just begging to be hacked.

Ransomware

Ransomware Hacking Firewall Digital transformation

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Security Affairs

DECEMBER 14, 2024

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty’s Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-linked threat actors to target devices in infrastructure located in Israel and U.S.

IoT

IoT Malware DNS Antivirus

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Change the default username and passwords for all network devices, especially IoT devices. SecurityAffairs – hacking, FBI). Pierluigi Paganini.

DDOS

DDOS IoT Internet Internet

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

Hacks QakBot, Quietly Removes Botnet Infections Under Siege: Rapid7-Observed Exploitation of Cisco ASA SSL VPNs Why is.US Being Used to Phish So Many of Us?

Social Engineering

Social Engineering Data breaches Spyware Malware

What Is a DMZ Network? Definition, Architecture & Benefits

eSecurity Planet

APRIL 7, 2023

The DMZ should be set up with at least one gateway device (typically a firewall ) that will filter external network packets through to the DMZ and monitor for unusual traffic or activity. In many cases, a dual firewall layout is implemented for a second round of network packet filtering before the LAN (see image below).

Architecture

Architecture Firewall Network Security Technology

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

According to WatchGuard , Cyclops Blink may have affected roughly 1% of all active WatchGuard firewall appliances. For every hard-coded TCP port used to communicate with the C2 servers, the bot creates a rule in the Linux kernel firewall Netfilter. SecurityAffairs – hacking, Cyclops Blink). India, Italy, Canada, and Russia.

IoT

IoT Firewall Malware Internet

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

The Last Watchdog

NOVEMBER 30, 2021

Indeed, APIs have opened new horizons of cloud services, mobile computing and IoT infrastructure, with much more to come. API hacking escapades. Over the past couple of years, good-guy researchers and malicious hackers alike have steadily scaled up their hacking activities to flush them out.

Big data

Big data Digital transformation Accountability Hacking

Microsoft releases open-source tool for checking MikroTik Routers compromise

Security Affairs

MARCH 17, 2022

We published this tool to help customers ensure these IoT devices are not susceptible to these attacks.” It also looks for scheduled tasks, traffic redirection rules (NAT and other rules), DNS cache poisoning, default port changes, non-default users, suspicious files, as well as proxy, SOCKS and firewall rules.

Malware

Malware DNS Ransomware Passwords

Security Affairs newsletter Round 265

Security Affairs

MAY 24, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Spyware Hacking

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

The Last Watchdog

JULY 30, 2021

VPNs and RDP both enable remote access that can put an intruder deep inside the firewall. Many more VPN and RDP hacks today are being carried out in support of ransomware extortion. There’s no inbound traffic, so there’s no inbound hole in your firewall.”. Conversely, Zero Trust has gained some material traction.

VPN

VPN Firewall Encryption Accountability

New law will issue bans, fines for using default passwords on smart devices

Malwarebytes

NOVEMBER 25, 2021

the UK’s leading consumer awareness and review site, say that smart devices could be exposed to over 12,000 hacking and unknown scanning attacks in a single week. —has also opened a wide door for potential cybercriminals. New figures from a recent investigation conducted by Which? ,

Passwords

Passwords Telecommunications Internet Internet

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

It is quite easy to find Wind River VxWorks in IoT devices, including webcam, network appliances, VOIP phones, and printers. “As an example of this scenario, consider how such an attack can take over the SonicWall firewall, which runs on the impacted VxWorks OS.” ” continues the report.

Risk

Risk IoT Firewall DNS

Building a Ransomware Resilient Architecture

eSecurity Planet

DECEMBER 2, 2022

Threat actors cannot hack what they cannot see. All inter-VLAN traffic should go through a firewall. This process goes against typical plans for most network administrators, who use firewalls at the network’s edge (Figure 1 ) and a fast switch on the LAN to route inter-VLAN traffic. Does this add latency?

Architecture

Architecture Ransomware Backups Firewall

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

There are many types of cyberattacks , with top trends for 2022 including mobile attacks, ransomware, COVID-related scams and hacks, zero-click attacks , malicious QR codes , phishing , cryptojacking , and IoT malware attacks, among others. Next-generation firewalls (NGFW). Firewalls have come a long way. Ransomware.

Backups

Backups Ransomware Malware Firewall

Cisco addresses flaws in its products, including Small Business routers and Webex

Security Affairs

JANUARY 24, 2019

Cisco released security updates for several products, including SD-WAN, Webex, Firepower, IoT Field Network Director, Identity Services Engine, and Small Business routers. Cisco also addressed another in the Cisco IoT Field Network Director product.

Small Business

Small Business IoT Authentication Engineering

IoT Unravelled Part 3: Security

Chinese national charged for hacking thousands of Sophos firewalls

Trending Sources

Threat Trends: Firewall

Experts devised a technique to bypass web application firewalls (WAF) of several vendors

New Russia Malware targets firewall appliances

New Ttint IoT botnet exploits two zero-days in Tenda routers

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

California’s Controversial IoT Security Bill Passes

Overview of IoT threats in 2023

5 IoT Security Predictions for 2019

Microsoft warns of BadAlloc flaws in OT, IoT devices

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

IoT Security: Designing for a Zero Trust World

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

The Internet of Things Is Everywhere. Are You Secure?

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

RSAC insights: Introducing ‘CWPP’ and ‘CSPM,’ new frameworks to secure cloud infrastructure

New Mirai variant appears in the threat landscape

New Healthcare Hacks Are Inhibiting Patient Care

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Cybersecurity Research Topics for Beginners: Exploring the Fundamentals

RSAC insights: Sophos report dissects how improved tools, tactics stop ransomware attack

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

What Is a DMZ Network? Definition, Architecture & Benefits

Russia-linked Cyclops Blink botnet targeting ASUS routers

SHARING INTEL: Here’s why it has become so vital to prioritize the security-proofing of APIs

Microsoft releases open-source tool for checking MikroTik Routers compromise

Security Affairs newsletter Round 265

Black Hat insights: Will Axis Security’s ZTNA solution hasten the sunsetting of VPNs, RDP?

New law will issue bans, fines for using default passwords on smart devices

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Building a Ransomware Resilient Architecture

What is a Cyberattack? Types and Defenses

Cisco addresses flaws in its products, including Small Business routers and Webex

Stay Connected