Security Affairs

SEPTEMBER 18, 2024

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen’s Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

IoT 137

IoT Wireless DDOS Architecture 137

Security Affairs

JANUARY 5, 2022

Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. The researchers proposed a novel approach of using side channel information to identify malware targeting IoT systems. SecurityAffairs – hacking, IoT devices). Pierluigi Paganini.

IoT 142

IoT Malware Internet Internet 142

Security Affairs

JANUARY 4, 2025

In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The experts believe the botnet is controlled by a Chine-linked APT group Flax Typhoon.

Cybersecurity 122

Cybersecurity IoT Hacking Technology 122

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? Pierluigi Paganini.

Manufacturing 145

Manufacturing IoT Malware Cryptocurrency 145

Security Affairs

AUGUST 7, 2021

This flaw potentially affects millions of IOT devices manufactured by no less than 17 vendors, including some ISPs. . The ongoing attacks were spotted by researchers from Juniper Threat Labs , experts believe that were conducted by a threat actor that targeted IoT devices in a campaign since February. Pierluigi Paganini.

IoT 145

IoT Firmware Authentication Wireless 145

Security Affairs

AUGUST 17, 2021

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. The flaw could be easily exploited by a remote attacker to take over an IoT device, the only info needed for the attack is the Kalay unique identifier (UID) of the targeted user. .

IoT 123

IoT Hacking Social Engineering Firmware 123

Security Affairs

NOVEMBER 11, 2021

Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. Pierluigi Paganini.

IoT 140

IoT Firmware Malware Wireless 140

Security Affairs

DECEMBER 4, 2023

Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. ” reads the report published by Cado Security.

IoT 126

IoT Architecture Malware Hacking 126

Security Affairs

AUGUST 28, 2023

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices.

IoT 98

IoT DDOS Architecture Internet 98

Security Affairs

MAY 3, 2022

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. Pierluigi Paganini.

DNS 125

DNS IoT Hacking Cybersecurity 125

Joseph Steinberg

APRIL 7, 2021

For various reasons, when I wrote those two pieces, I intentionally featured innovators from outside of the information-security sector. Argus Cyber Security . Back in 2015 and 2017, I ran articles in Inc. Pay me this ransom or I will cause your car to crash while you are driving at high speed!”.

Cybersecurity 246

Cybersecurity Small Business IoT Computers and Electronics 246

Security Affairs

JUNE 22, 2023

Since March 2023, researchers at Palo Alto Networks Unit 42 have observed a new variant of the Mirai botnet targeting multiple vulnerabilities in popular IoT devices. “The widespread adoption of IoT devices has become a ubiquitous trend. However, the persistent security concerns surrounding these devices cannot be ignored.

IoT 98

IoT Malware Encryption DDOS 98

Security Affairs

NOVEMBER 2, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. GreyNoise discovered the two flaws while investigating the use of an exploit detected by its LLM-powered threat-hunting tool Sift.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Security Affairs

FEBRUARY 16, 2023

During the second half of 2022, a variant of the Mirai bot, tracked as V3G4, targeted IoT devices by exploiting tens of flaws. Palo Alto Networks Unit 42 researchers reported that a Mirai variant called V3G4 was attempting to exploit several flaws to infect IoT devices from July to December 2022.

IoT 98

IoT DDOS Encryption Malware 98

Security Affairs

JANUARY 21, 2025

The ShellScript is loaded onto IoT devices such as IP cameras, and network devices, revealing that the Murdoc Botnet specifically targets IoT devices via this mechanism, leveraging C2 servers for new Mirai variant propagation. The Qualys Threat Research Unit discovered over 500 samples containing ELF files and ShellScript files.

IoT 82

IoT Malware Hacking Cybercrime 82

The Last Watchdog

DECEMBER 13, 2020

SASE then provides secure connectivity between the cloud and users, much as with a VPN. It can also deploy web filtering, threat prevention, DNS security, sandboxing, data loss prevention, next-generation firewall policies, information security and credential theft prevention. . Extend security with cloud.

IoT 214

IoT B2C B2B VPN 214

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns. Non-encrypted data, insecure protocols and poor user authentication mechanisms are among the security issues that leave seismological networks open to breaches, the authors note.

IoT 128

IoT InfoSec Data collection Encryption 128

Krebs on Security

JANUARY 24, 2023

Many of the infected systems were Internet of Things (IoT) devices , including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime 280

Cybercrime Advertising IoT Malware 280

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,IOT)

Firmware 69

Firmware IoT Wireless Surveillance 69

Security Affairs

MARCH 12, 2025

“IoT devices have been constantly targeted by threat actors for multiple reasons” concludes the report. “Proactive identification and management of IoT devices within an organizations network remain essential for mitigating risk and ensuring the resilience of critical infrastructure.”

IoT 72

IoT Malware Encryption DDOS 72

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. This implies an even greater potential for cyberattacks as more devices get connected and the demand for software-powered smart cars increases in an IoT-powered world.

Malware 230

Malware Manufacturing IoT Software 230

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector.

IoT 133

IoT Firmware Internet Internet 133

Security Affairs

DECEMBER 5, 2021

The researchers analyzed the network devices using IoT Inspector’s security platform, which checked for thousands of CVEs and security flaws. “Some of the security issues were detected more than once. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, routers).

Manufacturing 145

Manufacturing IoT Firmware VPN 145

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. ”

Internet 335

Internet Internet Technology Engineering 335

Security Affairs

NOVEMBER 26, 2021

Below is the video PoC of the zero-day exploitation: According to Resecurity, the vulnerability was identified by the cause of abnormal traffic monitoring which consisted of a network of “honeypot” sensors to emulate common IoT devices developed by Resecurity are to hunt for malice on the internet.

IoT 145

IoT Wireless DDOS VPN 145

Security Affairs

DECEMBER 26, 2024

“Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” .” reads the analysis published by Akamai.

Manufacturing 88

Manufacturing Malware Firmware IoT 88

The Last Watchdog

DECEMBER 31, 2019

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Cyber Risk 173

Cyber Risk Risk Firewall Surveillance 173

Security Affairs

FEBRUARY 8, 2024

Apart from the electronic toothbrush mess, the Internet of Things (IoT) are privileged targets for many threat actors. Some cases underscore the urgency of securing our smart homes. IoT devices, such as smart fridges, smart meters, or thermostats, are often designed with connectivity in mind, but lack of security.

DDOS 142

DDOS IoT Media Internet 142

Security Affairs

OCTOBER 21, 2021

IoT Devices. IoT devices include wearable devices, coffee makers, sensors, and cameras, all of which connect to the Internet. Many organizations don’t have visibility into all of their IoT devices. Furthermore, it’s common for IoT devices to use default credentials that hackers can easily guess. Conclusion.

IoT 138

IoT Phishing Passwords Scams 138

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT 136

IoT Advertising DDOS Authentication 136

Security Affairs

MARCH 16, 2025

Attacks on Middle Eastern countries Ballista New IoT Botnet Targeting Thousands of TP-Link Archer Routers Captain MassJacker Sparrow: Uncovering the Malwares Buried Treasure Enhancing Malware Fingerprinting through Analysis of Evasive Techniques Hacking Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT (..)

Spyware 72

Spyware Cybercrime Ransomware IoT 72

Security Affairs

APRIL 24, 2020

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. SecurityAffairs – Hoaxcalls, IoT botnet). The post Hoaxcalls Botnet expands the target list and adds new DDoS capabilities appeared first on Security Affairs. Pierluigi Paganini.

DDOS 139

DDOS IoT Advertising DNS 139

Security Affairs

MARCH 2, 2025

DragonForce Ransomware Group is Targeting Saudi Arabia Massive Botnet Targets M365 with Stealthy Password Spraying Attacks Notorious Malware, Spam Host Prospero Moves to Kaspersky Lab ACRStealer Infostealer Exploiting Google Docs as C2 #StopRansomware: Ghost (Cring) Ransomware The GitVenom campaign: cryptocurrency theft using GitHub Silent Killers: (..)

Malware 62

Malware Architecture IoT Ransomware 62

Daniel Miessler

MAY 8, 2020

Next come your social media accounts, and then any accounts that control IoT systems in your house. This is where you take your higher-risk systems, like your IoT devices, your entertainment systems, gaming systems, etc., Do you have internet-connected lights, appliances, gaming systems, media systems, etc?

Passwords 255

Passwords DNS Accountability IoT 255

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “ TheMoon ” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices.

IoT 138

IoT Cybercrime Internet Internet 138

CyberSecurity Insiders

AUGUST 13, 2021

CAP information security practitioners champion system security commensurate with organizations’ missions and risk tolerance while meeting legal and regulatory requirements. As the needs in cyber risk management change, so must the credentials that support them.

Risk 126

Risk Artificial Intelligence Cyber Risk IoT 126

Security Affairs

FEBRUARY 6, 2020

“Check Point’s researchers showed how a threat actor could exploit an IoT network (smart lightbulbs and their control bridge) to launch attacks on conventional computer networks in homes, businesses or even smart cities.” ” reads the report published by CheckPoint.”Our

Hacking 141

Hacking IoT Wireless Firmware 141