Firmware, Passwords and Security Defenses

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

eSecurity Planet

AUGUST 20, 2024

Use Strong, Unique Passwords Weak passwords are easy for hackers to guess or crack, especially if they’re common or reused across multiple sites. When creating passwords, use at least 12 characters, combining uppercase and lowercase letters, numbers, and special symbols.

Identity Theft

Identity Theft Data breaches Passwords Encryption

Vulnerability Recap 6/18/24 – Patch Tuesday, Plus More Ivanti Issues

eSecurity Planet

JUNE 18, 2024

This could allow them to make changes within the device’s firmware. The fix: Upgrade your Pixel device to the most recent security update. The problem: Hardware vendor ASUS released a security notice and firmware update for seven of its routers.

Firmware

Firmware Authentication Ransomware Software

Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms

eSecurity Planet

JUNE 24, 2024

Fortra remedied a hard-coded password issue in the FileCatalyst software. Cybersecurity researchers discovered a buffer overflow flaw in Intel Core processor firmware causing Phoenix Technology to release patches. The problem: Security researchers reported a buffer overflow vulnerability ( CVE-2024-0762 , CVSS 7.5)

Firmware

Firmware Passwords Software Risk

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Control Inbound and Outbound Traffic: Configuring firewall rules to manage both incoming and outgoing traffic is an important defense against cyber threats, preventing unauthorized access and malicious software from stealing data. Strengthen Router Security: Enhance your router’s security by changing default login credentials.

Malware

Malware Antivirus Software Passwords

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. 583% increase in Kerberoasting [password hash cracking] attacks. 64% of managers and higher admit to poor password practices.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

The fix: ASUS released firmware updates to address the vulnerabilities. Users are also urged to carefully inspect the default setups and passwords, especially while installing software. Attackers target certain administrative API functions on these devices using specially crafted input. version of Superset.

VPN

VPN Authentication Firmware Phishing

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

Encryption and secure communication protocols: Protecting data in transit between ICS components. Patch management: Keeping software and firmware up to date to close security gaps. Firmware manipulation is particularly dangerous because it often remains undetected until significant damage occurs.

Firmware

Firmware Encryption Manufacturing Risk

Vulnerability Recap 8/20/24 – Microsoft Has the Spotlight This Week

eSecurity Planet

AUGUST 20, 2024

Third-Party Application Package Installed on Pixel Devices Type of vulnerability: Third-party application package installed on Pixel device firmware, with insufficient security controls. The problem: Mobile security vendor iVerify’s EDR product discovered an unsecured Android device at data analytics firm Palantir Technologies.

Authentication

Authentication Firmware Technology Software

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). If your business uses Windows, restrict administrative privileges as much as you can and require password resets as soon as possible. This can happen even when SMM is locked.

Firmware

Firmware Software Wireless Security Defenses

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). If your business uses Windows, restrict administrative privileges as much as you can and require password resets as soon as possible. This can happen even when SMM is locked.

Firmware

Firmware Software Wireless Security Defenses

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

eSecurity Planet

SEPTEMBER 2, 2024

The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), The vulnerability stems from a static password used for the HSQL database, which allows remote attackers to acquire administrative privileges. This default credential vulnerability jeopardizes program security, integrity, and availability.

Risk

Risk Firewall Firmware Engineering

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

eSecurity Planet

FEBRUARY 21, 2024

Check the Firewall Hardware & Operating System After you’ve prepared all the documentation and know everyone’s roles, one of the early steps in a firewall audit process is a hardware and firmware check. Look at the hardware to see whether it fits your company’s standards and security requirements.

Firewall

Firewall Firmware Software Risk

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

This lets threat actors change setups and access sensitive personal information of millions of Cox customers, such as MAC addresses and Wi-Fi passwords. They performed a follow-up security review to ensure that the vulnerability had not been exploited previously. The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0

Malware

Malware Authentication Software Telecommunications

Types of Encryption, Methods & Use Cases

eSecurity Planet

DECEMBER 7, 2023

Users can establish a symmetric key to share private messages through a secure channel, like a password manager. Unfortunately, while symmetric encryption is a faster method, it is also less secure because sharing the key exposes it to theft.

Encryption

Encryption Passwords Authentication Password Management

How To Set Up a Firewall in 8 Easy Steps + Best Practices

eSecurity Planet

APRIL 30, 2024

Set Secure Firewall Rules & ACLs To prevent unwanted access and ensure effective traffic management, secure your firewall through updating firmware to resolve vulnerabilities and adopting proper configurations prior to installing firewalls in production. Regular updates are required for firewall maintenance.

Firewall

Firewall Architecture Firmware Risk

Advanced threat predictions for 2025

SecureList

NOVEMBER 25, 2024

One of these botnets was Quad7 , which was installed on compromised routers by the Storm-0940 actor to conduct password spraying. Many IoT devices rely on remote servers for control, but the security practices of the companies managing these servers are often unclear, resulting in new potential attack vectors on their infrastructure.

IoT

IoT Energy and Utilities Phishing Cryptocurrency

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

Vulnerability Recap 6/18/24 – Patch Tuesday, Plus More Ivanti Issues

Trending Sources

Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms

How to Prevent Malware: 15 Best Practices for Malware Prevention

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

What Is Industrial Control System (ICS) Cyber Security?

Vulnerability Recap 8/20/24 – Microsoft Has the Spotlight This Week

Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge

Vulnerability Recap 8/13/24 – Old Vulnerabilities Unexpectedly Emerge

Vulnerability Recap 9/2/24 – Big Companies Upgrade vs Risks

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

Types of Encryption, Methods & Use Cases

How To Set Up a Firewall in 8 Easy Steps + Best Practices

Advanced threat predictions for 2025

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected