Firmware, Passwords and VPN - Cyber Security Informer

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. According to Bank Security , all the Pulse Secure VPN servers included in the list were vulnerable to the CVE-2019-11510 flaw. SecurityAffairs – hacking, Pulse VPN).

VPN

VPN Passwords Banking Advertising

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

The Hacker News

AUGUST 11, 2024

The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as passwords in configuration files, and even get correctly signed X.509 509 VPN certificates for foreign

Firmware

Firmware VPN Encryption Passwords

Zyxel firewalls targeted in recent ransomware attacks

Security Affairs

NOVEMBER 25, 2024

“A command injection vulnerability in the IPSec VPN feature of some firewall versions could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device.” ” The vendor addressed these vulnerabilities with the release of firmware version 5.39

Firewall

Firewall Ransomware VPN Firmware

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons. Mitigation.

Firmware

Firmware Technology Authentication IoT

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware. ” ASUS added.

Firmware

Firmware VPN Wireless Passwords

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. Firmware version 4.60

Firmware

Firmware Passwords Accountability VPN

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

The most common issues discovered by the experts were outdated Linux kernel in the firmware, outdated multimedia and VPN functions, presence of hardcoded credentials, the use of insecure communication protocols and weak default passwords. “Some of the security issues were detected more than once.

Manufacturing

Manufacturing IoT Firmware VPN

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. of the Atlas VPN Linux client. via port 8076. version of Superset.

VPN

VPN Authentication Firmware Phishing

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A The experts started investigating the password reset functionality that requests access to the web interface. “Equipped with this password we then could authenticate successfully. “Firmware Update 8.2B

Firmware

Firmware Manufacturing Passwords Penetration Testing

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. co and a VPN provider called HideIPVPN[.]com. WHO’S BEHIND SOCKSESCORT? SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. The notice mentions the following products along with recommended actions: SRA 4600/1600 (EOL 2019) disconnect immediately and reset passwords.

Ransomware

Ransomware Firmware VPN Passwords

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware

Firmware Surveillance Marketing VPN

NSA, CISA Release Guidance for Choosing and Hardening VPNs

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN

VPN Authentication Passwords Software

Proroute H685 4G router vulnerabilities

Pen Test Partners

SEPTEMBER 18, 2024

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Product: H685t-w Vulnerable Firmware Version: 3.2.334 Links: CVE-2024-45682 icsa-24-261-02 Proroute changelogs Description Two authenticated command injection vulnerabilities have been identified in the H685t-w-P2 Compact 4G router running firmware version 3.2.334. High) CVSS: 3.1/ Host: 192.168.8.1

Firmware

Firmware VPN Mobile Passwords

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

Malwarebytes

AUGUST 23, 2022

No username or password is needed, nor are any actions needed from the camera owner, and the attack is not detectable by any logging on the camera itself. The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. The critical bug received a 9.8

Firmware

Firmware Internet Internet VPN

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware

Ransomware VPN Cybercrime Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts.

Ransomware

Ransomware Passwords Backups Firmware

Spyware in the IoT – the Biggest Privacy Threat This Year

SiteLock

AUGUST 27, 2021

Cybercriminals were able to exploit the default password on thousands of these innocuous devices to carry out this nefarious attack. When not secured properly on their own Wi-Fi channel, IoT devices can be more than an inconvenience, they can be seen as a critical security risk due to the poor security protocols like fixed default passwords.

IoT

IoT Spyware VPN Passwords

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts.

Ransomware

Ransomware Antivirus Passwords Malware

ITHC (IT Health Check) and PSN compliance: an overview and considerations

IT Security Guru

JUNE 22, 2021

Check that your OS, applications and firmware are updated with appropriate patches. Any systems you have in place to allow staff to connect into your organisation remotely, including VPN. Passwords – your first line of defence. Authentication and access control, these include: Ensuring all passwords are changed from defaults.

Passwords

Passwords Authentication Wireless Government

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. They then authenticated to the victim’s VPN to initiate a remote desktop protocol (RDP) connection to the domain controllers. Security Best Practices.

VPN

VPN Accountability Authentication Passwords

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

All the affected models have a patched firmware available for download on the vendor’s website.” An attacker can trigger the flaw by supplying carefully crafted username and/or password as base64 encoded strings inside the fields aa and ab of the login page.

Hacking

Hacking Internet Internet Passwords

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts using weak passwords. Go to Control Panel > System > Firmware Update.

Ransomware

Ransomware Encryption Passwords Internet

Remotely Accessing Secure Kali Pi

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware

Firmware Wireless Passwords VPN

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

The first issue is an information disclosure flaw via unauthenticated external DNS requests that affect Zyxel devices from the USG, UAG, ATP, VPN and NXC series. An attacker could use these credentials to log on to the APs FTP server and steal the configuration file that includes SSIDs and passwords. “An ” reads the advisory.

DNS

DNS Hacking Firmware Wireless

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Experts observed the bot attempting to gain access to the device by using a combination of eight common usernames and 130 passwords for IoT devices over SSH and telnet on ports 23 and 2323. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT

IoT DDOS Malware Firmware

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

SecureWorld News

OCTOBER 8, 2023

Even harmless details, such as pet names or birthplaces, can be used by hackers to reset passwords. Use the administrator account only for maintenance, software installation, or firmware updates. Opt for strong, hard-to-crack passwords. Consider using dedicated password manager apps.

Firmware

Firmware IoT Accountability Passwords

Vulnerabilities Detected in These 9 Routers for SMBs

SecureWorld News

DECEMBER 8, 2021

Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. Additional services that the devices offer besides routing – such as multimedia functions or VPN – tend to be outdated as well. IoT Inspector says that "without exception" all responded with prepared firmware patches.

Manufacturing

Manufacturing IoT Firmware Small Business

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

Security Affairs

APRIL 4, 2019

Firmware updates that address this vulnerability are not currently available. Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. through 1.4.2.20.

Small Business

Small Business Firmware Advertising VPN

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

Malwarebytes

SEPTEMBER 21, 2021

Show them these tips: Never use the same password twice. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. And if your child uses the same password across multiple accounts, when one gets breached they are all vulnerable. This is where a password manager comes in.

Internet

Internet Internet Passwords Password Management

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

In order to compromise the target network, the attackers conducted a brute-force password guessing attack against an un-enrolled and inactive account. Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. Require all accounts with password logins (e.g.,

Accountability

Accountability Passwords Authentication Firmware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the alert, when one of the DiskCryptor files are detected, in order to attempt to recover the files without paying the ransom, it is possible to determine if the myConf.txt is still accessible and then recover the password. Install updates/patch operating systems, software, and firmware as soon as they are released. •

Ransomware

Ransomware Encryption Passwords Malware

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for different accounts and implement the shortest acceptable timeframe for password changes. Consider installing and using a VPN. Disable hyperlinks in received emails.

Education

Education Ransomware Phishing Passwords

What does WiFi stand for?

Malwarebytes

MAY 13, 2021

If you have to use public WiFi hotspots, it’s wise to also use a VPN to keep your activity private while you use that connection. A VPN wraps your network traffic (including web browsing, email, and other things) in a protective tunnel and makes up for any weaknesses in their encryption. Always change default passwords.

Wireless

Wireless VPN Internet Internet

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. .

Government

Government Passwords Firmware Accountability

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI notice includes the following recommendations: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts. Consider installing and using a VPN.

Ransomware

Ransomware Manufacturing Passwords Internet

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

FEBRUARY 10, 2020

Never buy a device that doesn’t allow you to set a long and strong password. When your phone or computer alerts you to an available software or firmware update, pay attention and do what you’re asked to do immediately (as opposed to clicking “Remind me later”) because many of these patches are security-related.

Passwords

Passwords Phishing Password Management Accountability

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

Nastiest Malware 2024

Webroot

OCTOBER 31, 2024

Throughout 2024, RedLine demonstrated its effectiveness by stealing over 170 million passwords in just a six-month period, highlighting its massive impact. The malware’s capabilities expanded to include stealing not only passwords but also credit card details, cryptocurrency wallets, and browser data.

Malware

Malware Ransomware Passwords Healthcare

10 Network Security Threats Everyone Should Know

eSecurity Planet

MARCH 16, 2023

Even failing to change a router’s default passwords is a misconfiguration, and a mistake like that allows a hacker to more easily access the router’s controls and change network settings. Examples of human error include: Posting written router passwords or sending them over email or Slack.

Network Security

Network Security Firewall Internet Internet

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

Attack vectors There are two main IoT infection routes: brute-forcing weak passwords and exploiting vulnerabilities in network services. A successful password cracking enables hackers to execute arbitrary commands on a device and inject malware. Unfortunately, users tend to leave these passwords unchanged.

IoT

IoT DDOS Passwords Malware

OpenSSH trojan campaign targets Linux systems and IoT devices

Malwarebytes

JUNE 26, 2023

The operating system giant has some specific advice for those who may be worried about this attack impacting their business: Harden internet-facing devices against attacks Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT

IoT Adware Firmware Internet

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Expert found a secret backdoor in Zyxel firewall and VPN

Trending Sources

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

Zyxel firewalls targeted in recent ransomware attacks

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

ASUS addressed critical flaws in some router models

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

Experts found backdoors in a popular Auerswald VoIP appliance

Who and What is Behind the Malware Proxy Service SocksEscort?

SonicWall warns users of “imminent ransomware campaign”

Patch now! Insecure Hikvision security cameras can be taken over remotely

NSA, CISA Release Guidance for Choosing and Hardening VPNs

Proroute H685 4G router vulnerabilities

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

Daixin Team targets health organizations with ransomware, US agencies warn

FBI warns of ransomware attacks targeting the food and agriculture sector

Spyware in the IoT – the Biggest Privacy Threat This Year

BlackCat Ransomware gang breached over 60 orgs worldwide

ITHC (IT Health Check) and PSN compliance: an overview and considerations

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

New Checkmate ransomware target QNAP NAS devices

Remotely Accessing Secure Kali Pi

Some Zyxel devices can be hacked via DNS requests

A new Zerobot variant spreads by exploiting Apache flaws

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

Vulnerabilities Detected in These 9 Routers for SMBs

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

FBI published a flash alert on Mamba Ransomware attacks

FBI warns of increase in PYSA ransomware attacks targeting education

What does WiFi stand for?

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of ransomware threat to food and agriculture

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

IT threat evolution Q1 2024

Nastiest Malware 2024

10 Network Security Threats Everyone Should Know

Overview of IoT threats in 2023

OpenSSH trojan campaign targets Linux systems and IoT devices

Stay Connected