Security Affairs

MAY 7, 2021

HideezKey- This is a deep-dive into a nice concept for a security token & password manager that turned into a horrible product due to lack of proper R&D and Threat Modeling. Passive Recon & OSINT: First of all (even without attempting to open the token) we can immediately notice our best-hardware-hacking-friend: the FCC ID.

Firmware 97

Firmware Passwords Password Management Encryption 97

Pen Test

OCTOBER 12, 2023

Countermeasures: To prevent drone signal hijacking, drone manufacturers and operators can implement encryption and authentication mechanisms for RF communication. What encryption standards are currently implemented for your RF communications, and how do they compare to the latest industry-recommended protocols, such as WPA3 for Wi-Fi?

Encryption 52

Encryption Firmware Surveillance Technology 52

Security Affairs

MARCH 26, 2021

The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. Mamba ransomware is one of the first malware that encrypted hard drives rather than files that was detected in public attacks. ” reads the alert published by the FBI.

Ransomware 143

Ransomware Encryption Passwords Malware 143

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking 83

Hacking Firmware Media Authentication 83

eSecurity Planet

MARCH 3, 2023

To protect against those threats, a Wi-Fi Protected Access (WPA) encryption protocol is recommended. WPA2 is a security protocol that secures wireless networks using the advanced encryption standard (AES). WEP and WPA are both under 4%, while WPA2 commands a 73% share of known wireless encryption connections.

Wireless 98

Wireless Encryption Passwords IoT 98

Security Affairs

JULY 8, 2022

The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts using weak passwords. All your data has been encrypted, backups have been deleted.

Ransomware 88

Ransomware Encryption Passwords Internet 88

Security Affairs

AUGUST 9, 2023

Malware can carry out a Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. ” Intel informed customers that is releasing firmware updates to address the vulnerability. ” reads the advisory published by the chip maker.

Firmware 62

Firmware Encryption Software Banking 62

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. Who controls these servers?

Surveillance 80

Surveillance Hacking Firmware Manufacturing 80

Security Affairs

OCTOBER 10, 2023

While this communication system is useful for transferring real-time data, it offers neither encryption nor lockout mechanisms against password-guessing. Use encryption mechanisms to secure communications between the camera and the viewing client. Ensure that RTSP cameras require solid and unique passwords for access.

Risk 92

Risk Encryption VPN Passwords 92

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. I can't blame this on the teddy bears themselves, rather the fact that the MongoDB holding all the collected data was left publicly facing without a password. IoT firmware should be self-healing.

IoT 357

IoT Firmware Risk Manufacturing 357

Malwarebytes

MARCH 3, 2022

In the case of the Nvidia breach, LAPSUS$ claimed it was mainly after the removal of the lite hast rate (LHR) limitations in all GeForce 30 series firmware—apparently all to help out gamers and the mining community. Hacked back? The passwords and email addresses of some 70k employees were involved.

Ransomware 88

Ransomware Password Management Passwords Hacking 88

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 83

Data breaches Cybercrime Ransomware Passwords 83

Security Affairs

AUGUST 10, 2021

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends.encrypt extension to filenames of encrypted files. Create complex login passwords to make brute-forcing more difficult for attackers.

Ransomware 125

Ransomware Encryption Firmware Passwords 125

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Regularly back up data, password protect backup copies offline. Avoid reusing passwords for multiple accounts.

Ransomware 92

Ransomware DDOS Passwords Backups 92

Security Affairs

DECEMBER 13, 2021

Boffins discovered bugs in WiFi chips that can be exploited to extract passwords and manipulate traffic by targeting a device’s Bluetooth component. The WiFi chip encrypts network traffic and holds the current WiFi credentials, thereby providing the attacker with further information.” Pierluigi Paganini.

Wireless 99

Wireless Firmware Mobile Passwords 99

SecureList

JUNE 8, 2022

Routers are forever being hacked and infected, and used to infiltrate local networks. According to a survey by UK company Broadband Genie, 48% of users had not changed any of their router’s settings at all , even the control panel and Wi-Fi network passwords. search results for “default password” in June 2021.

DDOS 95

DDOS Passwords IoT Firmware 95

eSecurity Planet

OCTOBER 24, 2023

Secure practices like robust admin passwords and advanced encryption ensure control over traffic, safeguarding personal information and increasing the odds of a secure online experience. Regularly update router firmware to patch vulnerabilities and close potential avenues of attack.

Malware 120

Malware Antivirus Software Passwords 120

Security Affairs

OCTOBER 26, 2021

The PMK is calculated from the following parameters: Passphrase– The WiFi password — hence, the part that we are really looking for. Hoorvitch used an attack technique devised by Jens “atom” Steube’s (Hashcat’s lead developer) to retrieve the PMKIDs that allowed him to derive the password. SSID – The name of the network.

Passwords 108

Passwords Small Business Firmware Manufacturing 108

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” ” reads the analysis published by MWR InfoSecurity.

IoT 76

IoT Hacking DNS Authentication 76

Security Affairs

JANUARY 16, 2022

Once the ransomware has infected a device, it moves all the files on the NAS into password-protected 7z archives and demands the payment of a $550 ransom. BleepingComputer also reported that dozens of ransom notes and encrypted files have been submitted to the ID-Ransomware service by affected QNAP users. Pierluigi Paganini.

Ransomware 106

Ransomware Encryption Backups Firmware 106

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless 98

Wireless Encryption Authentication IoT 98

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). SecurityAffairs – HiSilicon chips, hacking).

Firmware 77

Firmware Encryption Advertising Passwords 77

Security Affairs

AUGUST 13, 2022

To each encrypted file, it appends a randomized nine-digit hexadecimal number as an extension. The US agencies recommend not paying the ransom because there is no guarantee to recover the encrypted files and paying the ransomware will encourage the illegal practice of extortion. SecurityAffairs – hacking, Zeppelin ransomware).

Ransomware 81

Ransomware Encryption Firmware Backups 81

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Usually, these users have no idea their systems are compromised. WHO’S BEHIND SOCKSESCORT?

Malware 211

Malware VPN Internet Internet 211

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware 91

Ransomware Passwords Backups Firmware 91

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 84

Data breaches DDOS Artificial Intelligence Ransomware 84

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. SecurityAffairs – hacking, QSnatch). Pierluigi Paganini.

Malware 100

Malware Firmware Advertising Manufacturing 100

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The vendor recommends the use of strong passwords and to modify the default network port 8080 for accessing the NAS operating interface. SecurityAffairs – hacking, QNAP NAS). “QNAP® Systems, Inc.

Ransomware 112

Ransomware Backups Media Malware 112

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Attack vectors There are two main IoT infection routes: brute-forcing weak passwords and exploiting vulnerabilities in network services. per day, or $1350 per month.

IoT 92

IoT DDOS Passwords Malware 92

Security Affairs

FEBRUARY 28, 2024

In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. Communication to and from the EdgeRouters involved encryption using a randomly generated 16-character AES key. ” concludes the report.

Energy and Utilities 90

Energy and Utilities Government Firewall Malware 90

Security Affairs

FEBRUARY 14, 2022

“BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers.” Once gained access to the network, threat actors deployed tools to perform lateral movements and escalate privileges before exfiltrating and encrypting files.

Ransomware 84

Ransomware Accountability Firmware Antivirus 84

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. “In one case, the IPMI interface was using the default manufacturer passwords. .

Ransomware 104

Ransomware Passwords Firmware Advertising 104

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Improper encryption. SecurityAffairs – hacking, IoT).

IoT 129

IoT Cybersecurity Manufacturing Internet 129

eSecurity Planet

JUNE 30, 2023

This recent exploitation expands their repertoire, highlighting their ability to hack and steal critical data through the MOVEit Transfer web applications with the LEMURLOOT web shell. Encrypt backup data to ensure the data infrastructure’s immutability and coverage.

Ransomware 103

Ransomware Backups Passwords Software 103

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT 52

IoT Hacking Internet Internet 52

Adam Levin

FEBRUARY 10, 2020

But, then again, you may have been hacked–“wiped” being the current term of art and something Iran has earned a reputation for. Never buy a device that doesn’t allow you to set a long and strong password. password, 123456, qwerty, etc. Consider using a password manager. You may have made a mistake.

Passwords 245

Passwords Phishing Password Management Accountability 245