2014, Firewall, Firmware and Internet - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models. Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers.

Firmware

Firmware Internet Internet Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT

IoT Firmware DNS Advertising

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers). .

Internet

Internet Internet Firmware Advertising

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid ( Energywire , April 30).

Energy and Utilities

Energy and Utilities Firewall Firmware Advertising

SonicWall warns users of “imminent ransomware campaign”

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware

Ransomware Firmware VPN Firewall

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. After filtering out most of the false positives, we were left with more than 800,000 printers that had network printing features enabled and were accessible over the internet.

Hacking

Hacking IoT Firmware Internet

Juniper Networks addressed many issues in its products

Security Affairs

JULY 10, 2020

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Pierluigi Paganini.

Firmware

Firmware Advertising Firewall Internet

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

“A DNS request can be made by an unauthenticated attacker to either spam a DNS service of a third party with requests that have a spoofed origin or probe whether domain names are present on the internal network behind the firewall,” reads the advisory published by the experts. ” reads the advisory. Pierluigi Paganini.

DNS

DNS Hacking Firmware Wireless

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in p roduct documentation and compiled lists available on the Internet.”

DDOS

DDOS Hacking Internet Internet

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Additionally, no firewall rules, port forwarding rules, or DDNS setup are required on the router, which makes this option convenient also for non-tech-savvy users.” The “P2P Cloud” feature bypasses firewalls and effectively allows remote connections into private networks. ” reads the report published by SEC Consult. !

Surveillance

Surveillance Hacking Firmware Manufacturing

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Security Affairs

APRIL 25, 2019

Rockwell has released firmware updates that address the vulnerability for the affected controllers. Below the recommendations published by Rockwell Automation to minimize the risk of exploitation of this vulnerability: Update to the latest available firmware revision that addresses the associated risk. Pierluigi Paganini.

Firmware

Firmware Social Engineering Advertising Malware

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

A remote code execution vulnerability was identified in the weblogin.cgi program of Zyxel NAS products running firmware version 5.21 Do not leave the product directly exposed to the internet. If possible, connect it to a security router or firewall for additional protection,” Zyxel recommends. . and earlier. Pierluigi Paganini.

Authentication

Authentication Advertising Firmware Internet

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0 CVE-2014-2321.

Malware

Malware IoT Firmware Authentication

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system. The only way to recover infected devices is to manually reinstall the device’s firmware. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Malware Advertising Firmware

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

” The experts focused their analysis on the impact of key reuse on Internet Protocol Security (IPsec). The cryptographic key for IPsec leverages the Internet Key Exchange (IKE) protocol, which has two versions, IKEv1 and IKEv2. According to the Huawei’s advisory , its firewall products are affected by the flaw.

Encryption

Encryption Authentication Internet Internet

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Security Affairs

MARCH 7, 2019

. “The hackers behind it reportedly took advantage of poorly configured routers that had the Universal Plug and Play (UPnP) service enabled, which caused the routers to forward public ports to the private devices and be open to the public internet,” reads the analysis published by Yang. ” continues the expert.

Cyber Attacks

Cyber Attacks Advertising Firmware Data collection

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

“To update to the latest firmware, each user should select the “Check for Upgrade” option in the “Centrals” menu in the GUI. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

Maintain minimal exposure to the Internet on Linux servers and IoT devices and use a properly configured firewall. Install security and firmware upgrades from vendors, as soon as possible. 2032077: ET EXPLOIT ZTE Cable Modem RCE Attempt (CVE-2014-2321). Recommended actions. Conclusion. SURICATA IDS SIGNATURES.

Malware

Malware IoT Authentication Antivirus

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

million unfilled cybersecurity positions globally by 2021 – up from 1 million in 2014. BlueRidge AI integrates the Internet of Things, machine learning and predictive analytics to enable manufacturers to transform their operations into globally competitive operations. According to Cybersecurity Ventures, there will be 3.5

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Webinars

Trending Sources

79 Netgear router models affected by a dangerous Zero-day

Webinars

New Ttint IoT botnet exploits two zero-days in Tenda routers

A daily average of 80,000 printers exposed online via IPP

DoS attack the caused disruption at US power utility exploited a known flaw

SonicWall warns users of “imminent ransomware campaign”

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Juniper Networks addressed many issues in its products

Some Zyxel devices can be hacked via DNS requests

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Zyxel addresses Zero-Day vulnerability in NAS devices

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

Silex malware bricks thousands of IoT devices in a few hours

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

CISA warns of critical flaws in Prima FlexAir access control system

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

BotenaGo strikes again – malware source code uploaded to GitHub

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Stay Connected