2015, Firmware and Surveillance - Cyber Security Informer

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

Expert found Russia’s SORM surveillance equipment leaking user data

Security Affairs

AUGUST 30, 2019

A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. SORM is a mass surveillance system that allows the Government of Moscow to track online activities of single individuals thanks to the support of the Russian ISPs. million). .

Surveillance

Surveillance Firmware Advertising Mobile

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. The flaws reside in a feature named the “XMEye P2P Cloud” that is enabled by default which is used to connect surveillance devices to the cloud infrastructure. Pierluigi Paganini.

Surveillance

Surveillance Hacking Firmware Manufacturing

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware

Firmware Spyware Surveillance Hacking

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. ” Netlab concludes.

Firmware

Firmware Surveillance Manufacturing Advertising

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. This was determined through static analysis of the firmware shipping with the device.

Firmware

Firmware Surveillance IoT Passwords

Security Affairs newsletter Round 180 – News of the week

Security Affairs

SEPTEMBER 16, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal. 20% discount. Kindle Edition. Paper Copy. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Firmware Surveillance Data breaches

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

Security Affairs

JULY 20, 2018

Positive Technologies discovered two flaws affecting Dongguan Diqee 360 smart vacuums that can be used to perform video surveillance. ” The second vulnerability requires physical access to be triggered, it can be exploited by an attacker to load a tainted version of the firmware by inserting a microSD card into the vacuum.

Firmware

Firmware Surveillance Technology Authentication

Security Affairs newsletter Round 175 – News of the week

Security Affairs

AUGUST 12, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. Security Affairs – Newsletter ).

DNS

DNS Advertising Firmware Surveillance

Security experts disclosed Wyze data leak

Security Affairs

DECEMBER 29, 2019

The incident was independently verified by the authors of the blog IPVM that focuses on video surveillance products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Song pointed out that both Twelve Security and IPVM disclosed the leak without giving the company the time to fix the issue.

IoT

IoT Accountability Advertising Wireless

Sony addresses remotely exploitable flaws in Sony IPELA E Network Cameras

Security Affairs

JULY 23, 2018

Both vulnerabilities effects Sony IPELA E series G5 firmware 1.87.00, the tech giant released an update last week to address them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Firmware Hacking Surveillance

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

And the hope is that we will continue expanding on the exemptions that have been granted for good faith security research so in 2015, we got some narrow exemptions for medical devices cars and voting machines. Vamosi: So we have some hardware tools, there's still the issue of the various communications protocols and firmware itself.

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

And the hope is that we will continue expanding on the exemptions that have been granted for good faith security research so in 2015, we got some narrow exemptions for medical devices cars and voting machines. Vamosi: So we have some hardware tools, there's still the issue of the various communications protocols and firmware itself.

IoT

IoT Hacking Internet Internet

APT trends report Q1 2022

SecureList

APRIL 27, 2022

In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology. Further analysis showed that the attackers modified a single component within the firmware to append a payload to one of its sections and incorporate inline hooks within particular functions.

Malware

Malware Firmware Government Phishing

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Security Affairs

JULY 25, 2018

AVTech is one of the world’s leading CCTV manufacturers, it is the largest public-listed company in the Taiwan surveillance industry. EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware. ” Stay tuned. Pierluigi Paganini.

Firmware

Firmware Passwords IoT Advertising

Cyber Security Informer

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Expert found Russia’s SORM surveillance equipment leaking user data

Trending Sources

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Second-ever UEFI rootkit used in North Korea-themed attacks

Botnet operators target multiple zero-day flaws in LILIN DVRs

Guardzilla Security Video System Footage exposed online

Security Affairs newsletter Round 180 – News of the week

Experts discloses dangerous flaws in robotic Dongguan Diqee 360 smart vacuums

Security Affairs newsletter Round 175 – News of the week

Security experts disclosed Wyze data leak

Sony addresses remotely exploitable flaws in Sony IPELA E Network Cameras

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

APT trends report Q1 2022

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Stay Connected