2014, Encryption, Firmware and Passwords

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

SEPTEMBER 13, 2018

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. encryption keys, passwords) from a running operating system after using a cold reboot to restart the machine. concludes the experts.

Firmware

Firmware Encryption Advertising Passwords

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Firmware Advertising Manufacturing

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

“The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device. Gather all usernames and passwords related to the device and sent them to the C2 server. ” reads the report.

Malware

Malware Firmware Advertising Encryption

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

If the data connection is not properly encrypted ( spoiler alert: it’s not, we’ve checked! ), anyone who can intercept the connection is able to monitor all data that is exchanged. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. Who controls these servers? Where are they located?

Surveillance

Surveillance Hacking Firmware Manufacturing

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. Improper encryption. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The ransomware encrypts files on compromised Windows host systems, including physical and virtual servers, the advisory noted, and the executable leaves a ransom note in all directories where encryption occurs, including ransom payment instructions for obtaining a decryption key. 7 SP1, 8, 8.1)

Ransomware

Ransomware Encryption Backups Accountability

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” ” reads the analysis published by MWR InfoSecurity.

IoT

IoT Hacking DNS Authentication

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

Security Affairs

DECEMBER 13, 2019

EMV Chip, Pointto -Point Encryption, Tokenization, etc.) Secure remote access with strong passwords, ensure only the necessary individuals have permission for remote access, disable remote access when not in use, and use two-factor authentication for remote sessions. and non-compliance with PCI DSS.

Cyber Attacks

Cyber Attacks Malware Cybercrime Advertising

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

NOVEMBER 6, 2018

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

Encryption

Encryption Firmware Passwords Advertising

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

According to the Data Quality Campaign , 45 states and Washington, DC, enacted new student privacy laws between 2014 and 2020. Most states require strong data privacy controls, which typically include encrypting any sensitive personal information of staff and students. Keep all operating systems, software, and firmware up to date.

Education

Education Ransomware Cybersecurity Risk

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. While the MBR infection has been known since at least 2014, details on the UEFI bootkit were publicly revealed for the first time in our private report on FinSpy.

Malware

Malware Banking Energy and Utilities Accountability

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. “In one case, the IPMI interface was using the default manufacturer passwords. .

Ransomware

Ransomware Passwords Firmware Advertising

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. The attackers compress stolen files into encrypted and password-protected ZIP archives. Mobile statistics. Targeted attacks.

Malware

Malware Computers and Electronics Adware Cryptocurrency

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

I moved here at the end of 2014. And so, what I didn't want to do is is make it that I'm just completely rogue, and I dumped the firmware and I posted on for everybody to see and you do these things that you're not that legally, you know, as kind of a society we say we don't want to do, but we still need to look at these things.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Cyber Security Informer

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

TP-Link Archer routers allow remote takeover without passwords

Webinars

Trending Sources

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Webinars

QSnatch malware infected over 62,000 QNAP NAS Devices

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

USBAnywhere BMC flaws expose Supermicro servers to hack

QSnatch malware already infected thousands of QNAP NAS devices

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Hacking the Twinkly IoT Christmas lights

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

IT threat evolution Q3 2021

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

IT threat evolution Q3 2022

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Stay Connected