Blog, Firmware, Information Security and Passwords

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

Unlike the D-Link analysis, the researchers has no physical access to the device and attempted to retrieve the password from the config. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” A firmware fix has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

Surveillance

Surveillance Manufacturing Passwords Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

These vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited.” “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” ” The vendor addressed the issues in April 2023 with the release of firmware version 1.0.10.94

Hacking

Hacking Firmware Authentication DNS

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

Unlike the D-Link analysis, the researchers has no physical access to the device and attempted to retrieve the password from the config. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” A firmware fix has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv

Security Affairs

OCTOBER 26, 2021

The PMK is calculated from the following parameters: Passphrase– The WiFi password — hence, the part that we are really looking for. Hoorvitch used an attack technique devised by Jens “atom” Steube’s (Hashcat’s lead developer) to retrieve the PMKIDs that allowed him to derive the password. SSID – The name of the network.

Passwords

Passwords Small Business Firmware Manufacturing

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. To nominate, please visit:?

Ransomware

Ransomware Antivirus Passwords Malware

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches Cybercrime Ransomware Passwords

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to mitigate password brute force attacks and to give defender monitoring systems opportunities to detect common attacks. To nominate, please visit:? Pierluigi Paganini.

Passwords

Passwords Architecture Backups Cyber Attacks

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

Per a Microsoft blog post[3] published in March 2023, CVE-2023-23397 is a critical elevation of privilege vulnerability in Microsoft Outlook on Windows wherein Net-NTLMv2 hashes are leaked to actor-controlled infrastructure [T1119, T1020].” Upgrade to the latest firmware version. Change any default usernames and passwords.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. Is your Home Router a Security Risk?

Ransomware

Ransomware Passwords Scams Cyber Attacks

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5)

Kali Linux

DECEMBER 4, 2023

Much more could be written on the topic, and we plan a longer blog post dedicated to it. If you want our blog posts, and only that, in your inbox, sign up! This is where anyone can ask questions to us about Kali or the information security industry as a whole. We have a RSS feeds and newsletter of our blog to help you.

Architecture

Architecture Passwords Firmware Software

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

” reads a blog post published by Avast. “ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. The router attacks involved an exploit kit that attempts to find the router IP on a network, then attempts to guess the password using common login credentials. concludes Avast.

DNS

DNS Passwords Advertising Banking

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

In this blog, we’ll home in on Conti, the strain identified by some as the successor, cousin or relative of Ryuk ransomware , due to similarities in code use and distribution tactics. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts.

Healthcare

Healthcare Ransomware Encryption Passwords

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

” The Guerrilla malware has a modular structure, each plugin was designed to support a specific feature, including: SMS Plugin : Intercepts one-time passwords sent via SMS. Threat actors compromised third-party software or the installation of malware-laced firmware. Please nominate Security Affairs as your favorite blog.

Mobile

Mobile Advertising Malware Cybercrime

Kali Linux 2023.3 Release (Internal Infrastructure & Kali Autopilot)

Kali Linux

AUGUST 22, 2023

This release blog post does not have the most features in it, as a lot of the changes have been behind-the-scenes, which brings a huge benefit to us and an indirect positive effect to you as end-users. This is when anyone can ask questions (hopefully relating to Kali or the information security industry) to us. Automate it!

Architecture

Architecture Firmware Firewall Software

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

For a brief overview please see our summary blog here. What Security Research has Already Been Performed? Due to the potential critical impact and the state of medical device security, many previous projects didn’t need to dig very deep to find security issues or concerns. Table of Contents. Background.

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

Everybody's got their own little blog where they post stuff. And that's probably a security design of what they're, what they might put out there and encryption keys and things like that. And then you have the smart meters and so the software on the smart meters that's just 100% on its firmware. It's pretty cool stuff.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Cyber Security Informer

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Webinars

Trending Sources

3.5m IP cameras exposed, with US in the lead

Webinars

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Cyber Security Roundup for June 2021

Cyber Security Roundup for March 2021

Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5)

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Kali Linux 2023.3 Release (Internal Infrastructure & Kali Autopilot)

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Stay Connected