Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet 303

Internet Internet Backups Small Business 303

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware 60

Firmware IoT VPN Authentication 60

eSecurity Planet

MARCH 4, 2024

All sites incorporated the archaic FCKeditor plug-in, which stopped receiving support in 2010. The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services.

IoT 108

IoT Internet Internet Ransomware 108

SecureList

OCTOBER 26, 2021

The malicious payload was then used to upload additional malware, usually the Quarian backdoor that has been seen in use by Chinese-speaking actors since around 2010. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. This campaign affected Ethiopia, Palestine and Kuwait.

Malware 140

Malware Government Surveillance Spyware 140