Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. ” continues the analysis.

Surveillance 80

Surveillance Hacking Firmware Manufacturing 80

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking 83

Hacking Firmware Media Authentication 83

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords 79

Passwords Manufacturing Advertising Firmware 79

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT 55

IoT Engineering Passwords Firmware 55

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . The telnetd service is being deactivated and old and weak passwords are as well being removed or changed. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT 82

IoT Hacking Firmware Advertising 82

Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. SecurityAffairs – hacking, LILIN). Pierluigi Paganini.

Firmware 103

Firmware Surveillance Manufacturing Advertising 103

Security Affairs

SEPTEMBER 8, 2020

Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. “The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. ” continues the report.

Firmware 82

Firmware Wireless Authentication Advertising 82

Security Affairs

FEBRUARY 18, 2020

Successfully dumped the smartlock’s firmware. And after having successfully dumped the firmware we can proceed at extracting some valuable evidences for the forensics case. Artifacts extracted from the FW analysis: Smartlock Passwords & User’s Logs. But it saves my time while hacking (I)IoT targets.

IoT 79

IoT Hacking Firmware Advertising 79

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. The expert also found hardcoded private keys for the SSH daemon in the device’s firmware.

Firmware 62

Firmware Passwords Advertising IoT 62

Security Affairs

FEBRUARY 3, 2020

“ Attackers can easily obtain default passwords and identify internet-connected target systems. Passwords can be found in p roduct documentation and compiled lists available on the Internet.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. 06 and older. ” continues SonicWall.

DDOS 73

DDOS Hacking Internet Internet 73

Security Affairs

APRIL 26, 2019

An attacker could chain the issues to steal password theft and possibly remotely compromise the devices, he only needs to know the IP address of the P2P server used by the device. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low. ” reported Brian Krebs.

IoT 79

IoT Hacking Manufacturing Advertising 79

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” If Twinkly lights are present in the network they will be instructed to display the message ‘Hack the Planet!’ ” reads the analysis published by MWR InfoSecurity. Pierluigi Paganini.

IoT 76

IoT Hacking DNS Authentication 76

Security Affairs

DECEMBER 29, 2018

The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.” It has a CVSSv3 base score of 8.6 , since once the password is known, any unauthenticated user can collect the data from any affected system over the internet.”

Firmware 82

Firmware Surveillance IoT Passwords 82

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. SecurityAffairs – hacking, QSnatch).

Malware 100

Malware Firmware Advertising Manufacturing 100

Security Affairs

JUNE 14, 2019

of the firmware. The weakness impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) SecurityAffairs – Yubico, hacking).

Firmware 70

Firmware Advertising Authentication Passwords 70

Security Affairs

JANUARY 27, 2020

“A use of hard-coded cryptographic key vulnerability in FortiSIEM may allow a remote unauthenticated attacker to obtain SSH access to the supervisor as the restricted user “tunneluser” by leveraging knowledge of the private key from another installation or a firmware image.” SecurityAffairs – Fortinet, hacking). reads the advisory.

Advertising 107

Advertising Firmware Authentication Passwords 107

Security Affairs

NOVEMBER 6, 2018

The flaws were discovered by researchers Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands, the duo discovered that it is possible to bypass password-based authentication to access to encrypted data stored on the drives. Anyway, an attacker can reprogram the firmware to ignore the password and use the DEK.

Encryption 89

Encryption Firmware Passwords Advertising 89

Security Affairs

DECEMBER 25, 2018

Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. “A flaw exists in these modems that allow remote unauthenticated users to obtain the device’s SSID and WiFi password.” SecurityAffairs – Orange Livebox ADSL modems, hacking).

Passwords 82

Passwords Wireless Firmware Advertising 82

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). SecurityAffairs – HiSilicon chips, hacking).

Firmware 77

Firmware Encryption Advertising Passwords 77

Security Affairs

APRIL 5, 2020

Experts analyzed more than 150,000 Android applications, including the top 100,000 apps from the official Google Play, the top 20,000 apps from an alternative store, and 30,000 pre-installed apps extracted from Samsung smartphones’ firmware. censorship keywords , cyber-bulling expressions, and weak passwords).”

Mobile 111

Mobile Passwords Advertising Firmware 111

Security Affairs

APRIL 4, 2019

Firmware updates that address this vulnerability are not currently available. Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. Pierluigi Paganini. ( – Cisco Cisco RV325, hacking).

Small Business 78

Small Business Firmware Advertising VPN 78

Malwarebytes

APRIL 13, 2022

On April 9, hacking group BlueHornet tweeted about an experimental exploit for NGINX 1.18 Companies store usernames, passwords, email addresses, printer connections, and other static data within directories. The reference implementation was announced in June 2015. and promised to warn companies affected by it.

Authentication 100

Authentication IoT Password Management Firmware 100

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT 52

IoT Hacking Internet Internet 52

Security Affairs

OCTOBER 1, 2018

Security experts from Qihoo 360 NetLab have uncovered an ongoing hacking campaign that leverages the GhostDNS malware. GhostDNS scans for the IP addresses used by routers that use weak or no password then accesses them and changes the DNS settings to a rogue DNS server operated by the attackers. Pierluigi Paganini.

DNS 72

DNS Malware Firmware Phishing 72

Security Affairs

SEPTEMBER 7, 2018

Researchers from security firm Eclypsium have discovered a vulnerability in the firmware update mechanism that could be exploited by hackers to deliver persistent malware, completely wipe and reinstall of the operating system. Our research has uncovered vulnerabilities in the way that multiple vendors update their BMC firmware.

Firmware 51

Firmware Malware Advertising Passwords 51

Security Affairs

DECEMBER 27, 2018

The IPMI is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system’s CPU, firmware (BIOS or UEFI) and operating system. “In one case, the IPMI interface was using the default manufacturer passwords. .

Ransomware 104

Ransomware Passwords Firmware Advertising 104

Security Affairs

JULY 25, 2018

EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware. Many products of the vendor currently run the vulnerable firmware, including DVRs, NVRs, and IP cameras. “So, if I put reboot as password, the AVTech system gets rebooted,” Anubhav explained.

Firmware 43

Firmware Passwords IoT Advertising 43

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. The sample spreads via Telnet with weak passwords and some known exploits (see the list below). Pierluigi Paganini.

IoT 119

IoT DDOS Architecture Passwords 119

Security Affairs

MAY 2, 2019

Experts at Tenable discovered 15 vulnerabilities in eight wireless presentation systems, including flaws that can be exploited to remotely hack devices. Others issues can be exploited by a remote, unauthenticated attacker to change admin and moderator passwords and view presentations. Pierluigi Paganini.

Wireless 73

Wireless Firmware Advertising Authentication 73

Security Affairs

MARCH 30, 2019

Chaining the two flaws it is possible to take over the Cisco RV320 and RV325 routers, the hackers exploit the bugs to obtain hashed passwords for a privileged account and run arbitrary commands as root. Firmware updates that address this vulnerability are not currently available. SecurityAffairs – Cisco Cisco RV320, hacking).

Small Business 71

Small Business Firmware Advertising Engineering 71

Security Affairs

DECEMBER 11, 2018

A-Link WL54AP3 / WL54AP2 (CVE-2008-6823) D-Link DSL-2740R D-Link DIR 905L Medialink MWN-WAPR300 (CVE-2015-5996) Motorola SBG6580 Realtron Roteador GWR-120 Secutech RiS-11/RiS-22/RiS-33 (CVE-2018-10080) TP-Link TL-WR340G / TL-WR340GD TP-Link WR1043ND V1 (CVE-2013-2645). Security Affairs – Novidade exploit kit, hacking).

DNS 88

DNS Advertising Firmware Banking 88

Security Affairs

JUNE 25, 2020

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Computers and Electronics 101

Computers and Electronics Ransomware Mobile Telecommunications 101

Security Affairs

NOVEMBER 4, 2019

“The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device. Gather all usernames and passwords related to the device and sent them to the C2 server. ” reads the report.

Malware 59

Malware Firmware Advertising Encryption 59

Security Affairs

OCTOBER 13, 2020

Simple or reused passwords are still a problem. While the cybersecurity industry has presented options for every netizen, the recommendation to use original and complex passwords continues to be disregarded. Instead, people come up with passwords that are comfortable. SecurityAffairs – hacking, IoT). Poor credentials.

IoT 129

IoT Cybersecurity Manufacturing Internet 129

Security Affairs

MARCH 29, 2019

Version 1 has no auth, version 2 requires the admin password.” Garrett told TP-Link it should “stop shipping debug daemons on production firmware and if you’re going to have a webform to submit security issues then have someone actually respond to it.” SecurityAffairs – hacking,TP-Link SR20 Router).

Advertising 71

Advertising Firmware Firewall Authentication 71

Security Affairs

JULY 13, 2019

“ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. The router attacks involved an exploit kit that attempts to find the router IP on a network, then attempts to guess the password using common login credentials. ” reads a blog post published by Avast. concludes Avast.

DNS 70

DNS Passwords Advertising Banking 70