DNS, Firmware and IoT - Cyber Security Informer

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Now for the big challenge - security. Let's dive into it.

IoT

IoT Firmware Risk Manufacturing

New DNS Spoofing Threat Puts Millions of Devices at Risk

eSecurity Planet

MAY 3, 2022

Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations. Understanding DNS Spoofing Attacks. For example, when you enter [link] the browser queries a DNS service to reach the matching servers.

DNS

DNS Risk Firmware IoT

Unfixed vulnerability in popular library puts IoT products at risk

Malwarebytes

MAY 4, 2022

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. DNS poisoning. The devices like your laptop, phones, tablets and IoT (Internet of Things) devices such as TVs, temperature sensors, and security cameras.

IoT

IoT DNS Risk Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT

IoT DDOS Passwords Malware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. ” concludes the report. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

NAME:WRECK, a potential IoT trainwreck

Malwarebytes

APRIL 13, 2021

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Yes, the researchers found 9 DNS-related vulnerabilities that have the potential to allow attackers to take targeted devices offline or to gain control over them. Basically, you could say DNS is the phonebook of the internet.

IoT

IoT DNS Internet Internet

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

Security researchers discovered some flaws in the Twinkly IoT lights that could be exploited display custom lighting effects and to remotely turn off them. The experts demonstrated the remote management of the Twinkly lights carrying out the DNS rebinding attack technique. Pierluigi Paganini. SecurityAffairs – SDUSD , data breach).

IoT

IoT Hacking DNS Authentication

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Now researchers from Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extent the list of targets. .

IoT

IoT DNS Manufacturing Firmware

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” ” reads the advisory published by the security firm.

Hacking

Hacking Firmware Authentication DNS

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Attackers have already hijacked over 100,000 home routers, the malicious code allows to modify DNS settings to hijack the traffic and redirect users to phishing websites. GhostDNS reminds us of the infamous DNSChanger malware that made the headlines for its ability to change DNS settings on the infected device.

DNS

DNS Malware Firmware Phishing

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

Security Affairs

FEBRUARY 23, 2019

A user reported that its D-Link DNS-320 device was infected by malicious code. The D-Link DNS-320 model is no more available for sale, one of the members of the forum explained that the firmware of its NAS was never updated and its device was exposed to WAN through ports 8080, FTP port 21, and a range of ports for port forwarding.

Ransomware

Ransomware DNS Firmware Encryption

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

50,000 DDoS attacks on public domain name service (DNS) resolvers. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. DDoS attacks on single networks or websites render them unavailable, but DDoS attacks on DNS resolvers bring down all networks and websites using that DNS resource.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

10 Network Security Threats Everyone Should Know

eSecurity Planet

MARCH 16, 2023

DNS attacks : DNS cache poisoning, or hijacking, redirects a legitimate site’s DNS address and takes users to a malicious site when they attempt to navigate to that webpage. This includes IoT devices. Sooner rather than later, you’ll want to perform an audit of your OT and IoT devices. Segmentation.

Network Security

Network Security Firewall Internet Internet

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). assets (endpoints, servers, IoT, routers, etc.), and installed software (operating systems, applications, firmware, etc.).

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

Similarly, spoofed domain name system (DNS) and IP addresses can redirect users from legitimate connections to dangerous and malicious websites. Some applications, cloud infrastructure, networking equipment, or Internet of Things (IoT) devices may require more sophisticated ITAM or additional tools to detect them.

Firewall

Firewall Network Security Penetration Testing Encryption

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Always change the default passwords for any IoT devices you install before extended use. However, a growing number of botnet attacks are used against IoT devices and their connected networks. With over 600,000 devices, this botnet exposed just how vulnerable IoT devices could be and led to the IoT Cybersecurity Improvement Act of 2020.

Malware

Malware Adware Spyware Antivirus

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests.

DDOS

DDOS Cryptocurrency Marketing Internet

Cyber Security Informer

IoT Unravelled Part 3: Security

New DNS Spoofing Threat Puts Millions of Devices at Risk

Webinars

Trending Sources

Unfixed vulnerability in popular library puts IoT products at risk

Webinars

Overview of IoT threats in 2023

New Ttint IoT botnet exploits two zero-days in Tenda routers

NAME:WRECK, a potential IoT trainwreck

Hacking the Twinkly IoT Christmas lights

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Cr1ptT0r Ransomware targets D-Link NAS Devices and embedded systems

For nearly a year, Brazilian users have been targeted with router attacks

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

10 Network Security Threats Everyone Should Know

Top SD-WAN Solutions for Enterprise Security

What is a Managed Security Service Provider? MSSPs Explained

Network Protection: How to Secure a Network

Types of Malware & Best Malware Protection Practices

DDoS attacks in Q4 2020

Stay Connected