Blog, Firmware, Information Security and Internet

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Ransomware Encryption Advertising

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Security Affairs

APRIL 22, 2022

Taiwanese vendor QNAP warns users to update their NAS Firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. Taiwanese vendor QNAP warns users to update their NAS Firmware to address Apache HTTP vulnerabilities, tracked as CVE-2022-22721 and CVE-2022-23943 , addressed in the Apache HTTP server in March.

Firmware

Firmware Hacking Cybersecurity Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

Security Affairs

MARCH 22, 2022

Internet search engine Censys reported a new wave of DeadBolt ransomware attacks targeting QNAP NAS devices. Internet search engine Censys reported that QNAP devices were targeted in a new wave of DeadBolt ransomware attacks. In a blog post published on Monday, Censys said there had been 1,146 hacked devices on March 19.

Ransomware

Ransomware Firmware Internet Internet

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Passwords Internet

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

” reads the advisory published by the security firm. “Successful exploits could allow attackers to monitor users’ internet activity, highjack internet connections and redirect traffic to malicious websites or inject malware into network traffic. ” reads the advisory published by NETGEAR.

Hacking

Hacking Firmware Authentication DNS

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

“The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” Owners of impacted devices have to upgrade them with the latest firmware release as soon as possible. They ask to keep the information confidential until the patch has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Security Affairs

MAY 20, 2022

Taiwanese vendor QNAP is asking users to install the latest update on their NAS devices and avoid exposing them on the Internet. “QNAP urges all NAS users to check and update QTS to the latest version as soon as possible, and avoid exposing their NAS to the Internet.” and QTS 4.4.1. “QNAP® Systems, Inc.

Ransomware

Ransomware Internet Internet Firmware

Zyxel fixed firewall unauthenticated remote command injection issue

Security Affairs

MAY 13, 2022

Below is the list of vulnerable products and related patches: Affected model Affected firmware version Patch availability USG FLEX 100(W), 200, 500, 700 ZLD V5.00 According to Rapid 7, there are more than 15,000 internet-facing vulnerable systems tracked by the Shodan search engine. If possible, enable automatic firmware updates.

Firewall

Firewall Firmware VPN Wireless

Experts explained how to hack a building controller widely adopted in Russia

Security Affairs

MARCH 24, 2022

Querying the Shodan search engine , Bertin discovered more than 117 devices connected to the internet located in Russia that are running with default credentials. The expert explained that anyone can access the Internet-facing systems and perform changes and actions as “admin” only. ” wrote the expert.

Hacking

Hacking Firmware Internet Internet

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 17, 2022

Below is the list of vulnerable products and related patches: AFFECTED MODEL AFFECTED FIRMWARE VERSION PATCH AVAILABILITY USG FLEX 100(W), 200, 500, 700 ZLD V5.00 According to Rapid 7, there are more than 15,000 internet-facing vulnerable systems tracked by the Shodan search engine. If possible, enable automatic firmware updates.

Firewall

Firewall VPN Firmware Internet

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

FEBRUARY 27, 2024

As it turns out, Kenneth operates a network of mirrors, which was officially announced back in May 2023 on his blog: Building the Micro Mirror Free Software CDN. For anyone interested in Internet infrastructure, we encourage you to read it, that’s a well-written blog post right there, waiting for you.

Software

Software Firmware VPN Internet

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

“The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” Owners of impacted devices have to upgrade them with the latest firmware release as soon as possible. They ask to keep the information confidential until the patch has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

Synology and QNAP warn of critical Netatalk flaws in some of their products

Security Affairs

MAY 1, 2022

Critical Ongoing VS Firmware 2.3 Synology products affected by the flaw are: Product Severity Fixed Release Availability DSM 7.1 Critical Upgrade to 7.1-42661-1 42661-1 or above. Critical Ongoing DSM 6.2 Critical Ongoing SRM 1.2 Critical Ongoing. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Firmware

Firmware Hacking Cybersecurity Internet

Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

Security Affairs

APRIL 2, 2021

Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on vulnerable devices. March 31, 2021 – Initial blog post published. Pierluigi Paganini.

Firmware

Firmware Internet Internet Authentication

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

This was recently highlighted by blog posts from Project Zero and Github Security Lab.” ” The second campaign was spotted in December 2022 when the researchers discovered an exploit chain targeting the latest version of the Samsung Internet Browser using multiple zero-days and n-days. ” concludes the report.

Spyware

Spyware Surveillance Firmware Internet

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

. “The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. ” reads the press release published by DoJ.

Malware

Malware Government Firmware Firewall

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. Is your Home Router a Security Risk?

Ransomware

Ransomware Passwords Scams Cyber Attacks

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups. Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. To nominate, please visit:?

Passwords

Passwords Architecture Backups Cyber Attacks

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Topic-specific policy 7/11: backup

Notice Bored

OCTOBER 19, 2021

before returning to read the remainder of this blog. If not, hopefully this blog series has given you food for thought! Software, data, metadata and configuration items tucked away in RAM, in firmware, on computer chips and tapes and floppy disks and DVDs. Think about it. Does it address those three questions? What is its scope?

Backups

Backups Risk Internet Internet

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

” reads a blog post published by Avast. “The password “gvt12345”, for example, suggests that hackers target users with routers from the former Brazilian internet service provider (ISP) GVT, which was acquired by Teleônica Brasil, and is the largest telecommunications company in the country.” concludes Avast.

DNS

DNS Passwords Advertising Banking

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

The same goes with the advent of Quantum Computing , which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today. Data security. Internet Of Things.

Computers and Electronics

Computers and Electronics Banking IoT Risk

Security experts disclosed Wyze data leak

Security Affairs

DECEMBER 29, 2019

According to Twelve Security , the exposed data includes: User name and email of those who purchased cameras and then connected them to their home 24% of the 2.4 Experts from Twelve Security claimed they found API tokens that would have allowed hackers to access Wyze user accounts from any iOS or Android device. ” continues Song.

IoT

IoT Accountability Advertising Wireless

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Maryland was one of the very first states to recognize the importance of information security, not only as a critical issue for the nation, but also as a strategic industry for the state,” said Governor Larry Hogan. Also disrupting new technology categories are BlueRidge AI and Refirm Labs.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

For a brief overview please see our summary blog here. What Security Research has Already Been Performed? Due to the potential critical impact and the state of medical device security, many previous projects didn’t need to dig very deep to find security issues or concerns. Could this attack take place over the internet?

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

Everybody's got their own little blog where they post stuff. I kind of felt like it was giving back a bit to the community that I had kind of taken a lot from like when I was growing up by being IRC channels, and I had found the internet, all this information that was available. I noticed it seems like it's very fragmented.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? Roberts: We've got some great so secure repairs I founded in 2019. Or should our right to repair our own devices extend into the digital world?

InfoSec

InfoSec Manufacturing Technology Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? Roberts: We've got some great so secure repairs I founded in 2019. Or should our right to repair our own devices extend into the digital world?

InfoSec

InfoSec Manufacturing Technology Software

Cyber Security Informer

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

QNAP urges users to update NAS firmware and app to prevent infections

Webinars

Trending Sources

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Webinars

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

3.5m IP cameras exposed, with US in the lead

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Expert found Backdoor credentials in ZyXEL LTE3301 M209

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Zyxel fixed firewall unauthenticated remote command injection issue

Experts explained how to hack a building controller widely adopted in Russia

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Kali Linux 2024.1 Release (Micro Mirror)

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Synology and QNAP warn of critical Netatalk flaws in some of their products

Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

Google TAG shares details about exploit chains used to install commercial spyware

US dismantled the Russia-linked Cyclops Blink botnet

Cyber Security Roundup for June 2021

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Cyber Security Roundup for March 2021

Topic-specific policy 7/11: backup

For nearly a year, Brazilian users have been targeted with router attacks

CryptoAgility to take advantage of Quantum Computing

Security experts disclosed Wyze data leak

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Hacker Mind Podcast: Reverse Engineering Smart Meters

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected