eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. 583% increase in Kerberoasting [password hash cracking] attacks. 64% of managers and higher admit to poor password practices.

Cybersecurity 108

Cybersecurity DDOS Penetration Testing Passwords 108

eSecurity Planet

AUGUST 13, 2024

If exploited, the vulnerability would allow a threat actor to execute their own code within the processor’s firmware using System Management Mode (SMM). If your business uses Windows, restrict administrative privileges as much as you can and require password resets as soon as possible. This can happen even when SMM is locked.

Firmware 97

Firmware Software Wireless Security Defenses 97

eSecurity Planet

AUGUST 20, 2024

Third-Party Application Package Installed on Pixel Devices Type of vulnerability: Third-party application package installed on Pixel device firmware, with insufficient security controls. The problem: Mobile security vendor iVerify’s EDR product discovered an unsecured Android device at data analytics firm Palantir Technologies.

Authentication 90

Authentication Firmware Technology Software 90

eSecurity Planet

FEBRUARY 21, 2024

Check the Firewall Hardware & Operating System After you’ve prepared all the documentation and know everyone’s roles, one of the early steps in a firewall audit process is a hardware and firmware check. Look at the hardware to see whether it fits your company’s standards and security requirements.

Firewall 111

Firewall Firmware Software Risk 111

eSecurity Planet

SEPTEMBER 2, 2024

The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), The vulnerability stems from a static password used for the HSQL database, which allows remote attackers to acquire administrative privileges. This default credential vulnerability jeopardizes program security, integrity, and availability.

Risk 58

Risk Firewall Firmware Engineering 58

eSecurity Planet

DECEMBER 7, 2023

Users can establish a symmetric key to share private messages through a secure channel, like a password manager. Unfortunately, while symmetric encryption is a faster method, it is also less secure because sharing the key exposes it to theft.

Encryption 108

Encryption Authentication Passwords Password Management 108

eSecurity Planet

APRIL 30, 2024

Set Secure Firewall Rules & ACLs To prevent unwanted access and ensure effective traffic management, secure your firewall through updating firmware to resolve vulnerabilities and adopting proper configurations prior to installing firewalls in production. Regular updates are required for firewall maintenance.

Firewall 63

Firewall Architecture Firmware Risk 63

eSecurity Planet

JUNE 10, 2024

This lets threat actors change setups and access sensitive personal information of millions of Cox customers, such as MAC addresses and Wi-Fi passwords. They performed a follow-up security review to ensure that the vulnerability had not been exploited previously. The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0

Malware 65

Malware Authentication Software Telecommunications 65

SecureList

NOVEMBER 25, 2024

One of these botnets was Quad7 , which was installed on compromised routers by the Storm-0940 actor to conduct password spraying. Many IoT devices rely on remote servers for control, but the security practices of the companies managing these servers are often unclear, resulting in new potential attack vectors on their infrastructure.

IoT 115

IoT Energy and Utilities Phishing Cryptocurrency 115

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

IoT 115

IoT Internet Internet Ransomware 115