Security Affairs

DECEMBER 17, 2023

The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) that impacted several routers, including Future X Communications (FXC) AE1021 and AE1021PE wall routers, running firmware versions 2.0.9 released June 21, 2014). and earlier. and earlier (5.0.0

Firmware 110

Firmware Wireless DDOS IoT 110

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware 108

Firmware Ransomware Passwords Mobile 108

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .”

Firmware 126

Firmware Technology Advertising Authentication 126

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report. Pierluigi Paganini.

Firmware 126

Firmware Spyware Surveillance Hacking 126

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT 119

IoT Firmware Malware Wireless 119

Security Affairs

OCTOBER 5, 2020

According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack. “We recommend that Tenda router users check their firmware and make necessary update.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT 136

IoT Firmware DNS Advertising 136

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.” Pierluigi Paganini.

Firmware 105

Firmware Manufacturing Advertising Hacking 105

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware 92

Firmware Architecture Advertising Manufacturing 92

Security Affairs

APRIL 7, 2020

Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware 119

Malware Firmware Manufacturing Mobile 119

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware 94

Firmware Accountability Advertising Manufacturing 94

Security Affairs

JULY 25, 2020

The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09 B09 (and below) will receive no security updates remaining vulnerable. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 97

Firmware Advertising Authentication Hacking 97

Security Affairs

JULY 28, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates.

Malware 102

Malware Firmware Advertising Manufacturing 102

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 284 appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Ransomware 85

Ransomware Firmware Advertising Insurance 85

Security Affairs

APRIL 10, 2020

The secure boot prevents that malware such as a rootkit will replace the boot loader staying completely invisible and undetectable on a target system. The security feature is part of the UEFI 2.3.1 Errata C specification (or higher), when the Secure Boot is enabled the OS is loaded only after all the firmware checks pass.

Firmware 98

Firmware Advertising Encryption Internet 98

Security Affairs

JUNE 18, 2020

A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers. Oldest firmware versions have been released as far back as 2007. Pierluigi Paganini.

Firmware 133

Firmware Internet Internet Advertising 133

Security Affairs

JULY 28, 2020

Flashing Firmware: Flashing BUSSide firmware inside the NodeMCU is quick and easy: # apt-get install esptool # git clone [link] # esptool --port /dev/ttyUSB0 write_flash 0x00000 BUSSide/FirmwareImages/*.bin. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware. What do you do?

IoT 125

IoT Hacking Firmware Advertising 125

Security Affairs

JULY 11, 2019

The second vulnerability addressed by Intel affects SSD DC S4500/S4600 series firmware, it could be exploited by an attacker with physical access for privilege escalation. The flaw has been classified as “medium severity,” it affects firmware versions prior to SCV10150. ” reads the analysis published by Intel. Pierluigi Paganini.

Firmware 76

Firmware Advertising Authentication Hacking 76

Security Affairs

MARCH 28, 2020

On February 10, 2020, the Taiwanese manufacturer DrayTek issued a security bulletin to address the vulnerability with the release of the firmware program 1.5.1. On the 6th Feb, we released an updated firmware to address this issue.” ” reads the security bulletin. firmware or later. .”

Firmware 80

Firmware VPN Accountability Advertising 80

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. Pierluigi Paganini.

Scams 67

Scams Firmware Advertising Software 67

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. Experts recommend organizations using FortiGate firewall, or anything else powered by FortiOS, to follow Fortinet’s advisory for this issue and upgrade their firmware immediately.

Firewall 82

Firewall VPN Firmware Internet 82

Security Affairs

AUGUST 10, 2019

. “We were able to find the presence of a Remote Code Execution (RCE) vulnerability in a piece of open source software that Avaya likely copied and modified 10 years ago, and then failed to apply subsequent security patches to.” Avaya addressed the issue with the release of new firmware on June 25. Only the H.323

Firmware 83

Firmware IoT Advertising Software 83

Security Affairs

SEPTEMBER 8, 2020

“Several firmware versions have been released, but some of the vulnerabilities have not been fully patched.” ” The vendor has released roughly 10 firmware updates since the vulnerabilities have been reported. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware 84

Firmware Wireless Authentication Advertising 84

Security Affairs

JUNE 14, 2019

The security advisory published by the company states that the issue impacts YubiKey series devices running versions 4.4.2 of the firmware. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) that was certified at the end of April.

Firmware 72

Firmware Advertising Authentication Passwords 72

Security Affairs

NOVEMBER 17, 2019

The Siemens S7 is considered one of the most secure controllers in the industry, it is used in power plants, traffic lights, water pumps, building control, production lines, aviation systems, and many other critical infrastructures. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware 86

Firmware Advertising Manufacturing Risk 86

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Firmware 85

Firmware Ransomware Wireless Encryption 85

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 82

Firmware Advertising Malware Hacking 82

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. ” reads the security advisory. ” reads the security advisory.

Firmware 63

Firmware Passwords Advertising IoT 63

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. the researchers conclude. Pierluigi Paganini.

Mobile 113

Mobile Passwords Advertising Firmware 113

Security Affairs

AUGUST 30, 2019

Evdokimov discovered the wiretapping equipment on April 2018 and since June 2018 he worked with ISPs to secure the SORM equipment. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues Meduza. billion rubles ($154.5

Surveillance 79

Surveillance Firmware Mobile Advertising 79

Security Affairs

JUNE 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 66

Firmware Advertising Ransomware Hacking 66

Security Affairs

JUNE 25, 2020

In 2014 its global sales reached $55.91 “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues Cyble.

Computers and Electronics 101

Computers and Electronics Ransomware Mobile Telecommunications 101

Security Affairs

JULY 10, 2020

The company published a list of security advisories to inform its customers of the vulnerabilities in its products. Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Pierluigi Paganini. SecurityAffairs – hacking, Juniper).

Firmware 80

Firmware Advertising Firewall Internet 80

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The application is updated. Pierluigi Paganini.

Encryption 99

Encryption Firmware Advertising Ransomware 99

Security Affairs

FEBRUARY 23, 2020

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Artificial Intelligence 61

Artificial Intelligence eCommerce Firmware Hacking 61

Security Affairs

FEBRUARY 6, 2020

The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. The company released firmware p atches for the device in January. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking 115

Hacking IoT Wireless Firmware 115

Security Affairs

AUGUST 7, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Intel investigates security breach after the leak of 20GB of internal documents appeared first on Security Affairs. Pierluigi Paganini.

Firmware 63

Firmware Advertising Engineering Hacking 63

Security Affairs

DECEMBER 8, 2019

Both, the firmware and hardware of the tools are completely open-source, this means that researchers can extend their functionalities according to their needs. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. NAND chips).

Firmware 67

Firmware Advertising Marketing Hacking 67