2015, Encryption and Firmware - Cyber Security Informer

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Ransomware Encryption Advertising

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

NOVEMBER 6, 2018

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

Encryption

Encryption Firmware Passwords Advertising

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

SEPTEMBER 13, 2018

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. encryption keys, passwords) from a running operating system after using a cold reboot to restart the machine. concludes the experts.

Firmware

Firmware Encryption Advertising Passwords

D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

Security Affairs

JUNE 13, 2020

D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched. D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Risk

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .

Firmware

Firmware Technology Advertising Authentication

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that that moves around.

IoT

IoT Firmware DNS Advertising

Tails OS version 4.5 supports the Secure Boot

Security Affairs

APRIL 10, 2020

The Tails OS allows to use the Internet anonymously and circumvent censorship by using the Tor Network, it leaves no trace on the computer users are using and uses the state-of-the-art cryptographic tools to encrypt files, emails and instant messaging. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Encryption Internet

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware

Malware Firmware Manufacturing Mobile

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, QNAP).

Encryption

Encryption Firmware Advertising Ransomware

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. If sources are in question, run a full factory reset on the device prior to completing the firmware upgrade.

Malware

Malware Firmware Advertising Manufacturing

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Ransomware

Ransomware Firmware Wireless Encryption

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

At the time, the Maze ransomware operators only released three screenshots as proof of the data breaches on the Maze ransomware leak site: Researchers from ZDNet who analyzed the leaked data confirmed that it included source code for the firmware of various LG products, including phones and laptops. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Hacking

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Pierluigi Paganini.

Internet

Internet Internet Firmware Advertising

Security Affairs newsletter Round 268

Security Affairs

JUNE 14, 2020

Firmware

Firmware Advertising Ransomware Hacking

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Passwords Firmware Advertising

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

Once gained the foothold in the target network, the attackers will attempt lateral movements to elevate the privileges and search for high-value machines to encrypt (i.e. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. backup servers, network shares, servers, auditing devices). Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

Security Affairs newsletter Round 252

Security Affairs

FEBRUARY 23, 2020

Russian govn blocked Tutanota service in Russia to stop encrypted communication. Russian govn blocked Tutanova service in Russia to stop encrypted communication. Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Artificial Intelligence

Artificial Intelligence eCommerce Hacking Firmware

Intel investigates security breach after the leak of 20GB of internal documents

Security Affairs

AUGUST 7, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The good news is that the leaked files doesn’t contain sensitive data about customers or employees of the chip maker. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Hacking Engineering

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

If the data connection is not properly encrypted ( spoiler alert: it’s not, we’ve checked! ), anyone who can intercept the connection is able to monitor all data that is exchanged. ” Experts also discovered that it is possible to execute arbitrary code on the device through a firmware update. Who controls these servers?

Surveillance

Surveillance Hacking Firmware Manufacturing

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The ransomware encrypts files on compromised Windows host systems, including physical and virtual servers, the advisory noted, and the executable leaves a ransom note in all directories where encryption occurs, including ransom payment instructions for obtaining a decryption key. 7 SP1, 8, 8.1) 7 SP1, 8, 8.1)

Ransomware

Ransomware Encryption Backups Accountability

Privacy Roundup: Week 1 of Year 2025

Security Boulevard

JANUARY 4, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Commonly, these botnets exploit CVE-2015-2051, CVE-2019-10891, CVE-2022-37056, and CVE-2024-33112 for initial access to vulnerable D-Link routers.

Data breaches

Data breaches Firmware Healthcare Malware

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

Security Affairs

SEPTEMBER 26, 2019

With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai with a C-U0012 How to flash the C-U0012 with the LIGHTSPEED Firmware How to Flash the C-U0007 with the G700 firmware to achieve better performances and get the Air-Gap Bypass feature How to setup LOGITacker.

Firmware

Firmware Encryption Advertising InfoSec

FBI warns about high-impact Ransomware attacks on U.S. Organizations

Security Affairs

OCTOBER 3, 2019

Sometimes crooks don’t decrypt them after the payment, in other cases security issues in the encryption process, or in the malware development, make it impossible to decrypt the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. gov to receive the necessary support. Pierluigi Paganini.

Ransomware

Ransomware Firmware Advertising Internet

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. The Enterprise mode implements 192-bit encryption for networks that require extra security. ” the experts added. Pierluigi Paganini.

Passwords

Passwords Hacking Wireless Authentication

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication.” Many vendors are affected.

Encryption

Encryption Authentication Internet Internet

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” ” reads the analysis published by MWR InfoSecurity.

IoT

IoT Hacking DNS Authentication

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

“The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the report. Pierluigi Paganini.

Malware

Malware Firmware Advertising Encryption

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

Pen Test Partners

SEPTEMBER 9, 2024

Encryption: End-to-end encryption isn’t enabled by default for doorbells but should be activated. Enhanced encryption protocols now provide better protection against unauthorised access to Wi-Fi credentials. Encryption: What’s the deal? Since then, Ring has made substantial improvements to address this issue.

Firmware

Firmware Encryption Passwords Authentication

NGINX zero-day vulnerability: Check if you’re affected

Malwarebytes

APRIL 13, 2022

The reference implementation was announced in June 2015. Because LDAP extends to IoT devices, of which there are many more than IT devices, organizations running LDAP need to encrypt traffic using TLS certificates on IoT devices, keep the firmware up to date, and apply proper password management. Stay safe, everyone!

Authentication

Authentication IoT Firmware Password Management

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

As an example, we could use communications between systems that are not properly encrypted. Improper encryption. Hackers or other malicious sources can intercept poorly encrypted communications on the web. IoT devices on public Wi-Fi and encrypted networks are especially vulnerable to this type of attack. Vicious insider.

IoT

IoT Cybersecurity Manufacturing Internet

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

” The experts also pointed out that the RSA encryption key would fail since it is not designed to work with an empty password. TP-Link has already addressed the flaw with the release of the following security patches for Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3 routers: Firmware for Archer C5 V4: [link].

Passwords

Passwords Advertising Firmware Authentication

Privacy-oriented Linux OS Tails 3.9 is out, what’s new?

Security Affairs

SEPTEMBER 8, 2018

that includes security patches for the Foreshadow attacks as well as updated Intel and AMD microcode firmware to address the latest Spectre and Meltdown security flaws. Integrating VeraCrypt or TrueCrypt users can easily manage encrypted disk drives directly from the GNOME desktop environment. relies on Linux kernel 4.17 Tails 3.10

Encryption

Encryption Firmware Advertising Software

CVE-2018-5383 Bluetooth flaw allows attackers to monitor and manipulate traffic

Security Affairs

JULY 24, 2018

The issue tracked as CVE-2018-5383 affects the Secure Simple Pairing and LE Secure Connections features, it affects firmware or drivers from some major vendors including Apple, Broadcom, Intel, and Qualcomm. The vendor has already rolled out both software and firmware updates to fix the issue.

Wireless

Wireless Firmware Advertising Encryption

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Ransomware: Encryption, Exfiltration, and Extortion. Ransomware perpetrators of the past presented a problem of availability through encryption. Detect Focus on encryption Assume exfiltration. From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. Old way New way. Current Target: VBOS.

Software

Software DNS Firmware VPN

Security Affairs newsletter Round 228

Security Affairs

AUGUST 25, 2019

Intel addresses High-Severity flaws in NUC Firmware and other tools. million to allow towns to access encrypted data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Bluetana App allows detecting Bluetooth card skimmers in just 3 seconds. 5 Common Phishing Attacks and How to Avoid Them?

Small Business

Small Business Data breaches Spyware Firmware

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

Security Affairs

DECEMBER 13, 2019

EMV Chip, Pointto -Point Encryption, Tokenization, etc.) Maintain a patch management program and update all software and hardware firmware to most current release to limit the attack surface for zero-day vulnerabilities. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Malware Cybercrime Advertising

The Internet of Things: Security Risks Concerns

Spinone

MARCH 17, 2018

billion “things” connected to the Internet , a 30% increase from 2015. While updates tend to be released regularly for such devices, 60% of those studied downloaded these updates automatically without encryption. Lack of Data Encryption 70% of devices were found to send data over the network unencrypted.

Internet

Internet Internet Risk Computers and Electronics

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

And the hope is that we will continue expanding on the exemptions that have been granted for good faith security research so in 2015, we got some narrow exemptions for medical devices cars and voting machines. Vamosi: So we have some hardware tools, there's still the issue of the various communications protocols and firmware itself.

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

And the hope is that we will continue expanding on the exemptions that have been granted for good faith security research so in 2015, we got some narrow exemptions for medical devices cars and voting machines. Vamosi: So we have some hardware tools, there's still the issue of the various communications protocols and firmware itself.

IoT

IoT Hacking Internet Internet

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

Even earlier, in 2015 research was published on the Hospira Symbiq Infusion Pump showing that it was possible to modify drug library files and raise dose limits through “unanticipated operations”, although authentication was required. The infusion pump portion of their research was focused on the Medtronic insulin pumps.

Computers and Electronics

Computers and Electronics Authentication Software Risk

QNAP urges users to update NAS firmware and app to prevent infections

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Trending Sources

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

New Ttint IoT botnet exploits two zero-days in Tenda routers

Tails OS version 4.5 supports the Secure Boot

xHelper, the Unkillable Android malware that re-Installs after factory reset

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

QSnatch malware infected over 62,000 QNAP NAS Devices

Infecting Canon EOS DSLR camera with ransomware over the air

Maze Ransomware operators published data from LG and Xerox

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

A daily average of 80,000 printers exposed online via IPP

Security Affairs newsletter Round 268

Hackers infect Linux servers with JungleSec Ransomware via IPMI Remote console

NCSC warns of a surge in ransomware attacks on education institutions

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs newsletter Round 252

Intel investigates security breach after the leak of 20GB of internal documents

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Privacy Roundup: Week 1 of Year 2025

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

FBI warns about high-impact Ransomware attacks on U.S. Organizations

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Hacking the Twinkly IoT Christmas lights

QSnatch malware already infected thousands of QNAP NAS devices

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

NGINX zero-day vulnerability: Check if you’re affected

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

TP-Link Archer routers allow remote takeover without passwords

Privacy-oriented Linux OS Tails 3.9 is out, what’s new?

CVE-2018-5383 Bluetooth flaw allows attackers to monitor and manipulate traffic

The Biggest Lessons about Vulnerabilities at RSAC 2021

Security Affairs newsletter Round 228

Top SD-WAN Solutions for Enterprise Security

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

The Internet of Things: Security Risks Concerns

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Stay Connected