2015, Information Security, Internet and IoT

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Hacking Firmware Advertising

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Passwords

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. 33000+ telnet credentials of IoT devices exposed on pastebin.

IoT

IoT DDOS InfoSec Internet

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. CVE-2016-6277 NETGEAR R6250 before 1.0.4.6.Beta,

IoT

IoT Firmware Malware Wireless

IoT devices at major Manufacturers infected with crypto-miner

Security Affairs

FEBRUARY 8, 2020

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? Pierluigi Paganini.

Manufacturing

Manufacturing IoT Malware Cryptocurrency

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Attackers could leverage a compromised identifier to use mobile Internet at the legitimate user’s expense and carry out fraud and impersonation, Attackers can also hijack user session data containing relevant identifiers (e.g., phone number) of a real subscriber and impersonate him to access the Internet. Pierluigi Paganini.

Mobile

Mobile Internet Internet Wireless

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

AUGUST 31, 2019

Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. IoT #malware branches seen in ???????? .

IoT

IoT Passwords Advertising Malware

Creator of multiple IoT botnets, including Satori, pleaded guilty

Security Affairs

SEPTEMBER 4, 2019

Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet , including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Pierluigi Paganini.

IoT

IoT DDOS Internet Internet

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT

IoT Cryptocurrency Malware System Administration

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Silex is not the first IoT malware with this behavior, back in 2017 BrickerBot bricked millions of devices worldwide. pic.twitter.com/Ue661ku0fy — Larry W. ” reported ZDnet.

IoT

IoT Malware Advertising Firmware

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. Kunz and his colleagues were able to brute-force the IoT radio in just 10 minutes and achieve root access with full privileges. .

IoT

IoT Hacking Firmware Advertising

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM Russia-linked APT group is compromising common IoT devices to gain access to several corporate networks. Researchers at Microsoft observed the Russia-linked APT group STRONTIUM abusing IoT devices to gain access to several corporate networks. ” IoT risk must be taken seriously. ” continues Microsoft.

IoT

IoT Hacking Advertising Government

Gucci IOT Bot Discovered Targeting European Region

Security Affairs

OCTOBER 1, 2019

Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. The IOT threat detection engine picked the infection IP has shown below hosting number of bins for different architectures. Inference. Pierluigi Paganini.

IoT

IoT Advertising Engineering Architecture

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

The news is not surprising, unfortunately in many cases IoT devices, including IP cameras, are deployed without proper security measures. As worrying as it may seem, this comes as a clear reminder that when cameras are placed on the internet, they must be properly installed with security in mind.

IoT

IoT Internet Internet Hacking

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture IoT Malware Advertising

The Essential Guide to Radio Frequency Penetration Testing

Pen Test

OCTOBER 12, 2023

In contemporary times, with the exponential growth of the Internet of Things (IoT), smart homes, connected cars, and wearable devices, the importance of RF pentesting has soared significantly. GHz and 5 GHz bands, providing high-speed wireless internet connectivity (Kurkovsky, 2006). IoT Security Techniques and Implementation.

Penetration Testing

Penetration Testing Wireless IoT Technology

Security Affairs newsletter Round 283

Security Affairs

SEPTEMBER 27, 2020

fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS? fitness chains Town Sports leaked online Group-IB detects a series of ransomware attacks by OldGremlin HOW DO PROVIDERS IMPLEMENT INTERNET BLOCKING IN BELARUS?

IoT

IoT Banking Advertising Ransomware

Microsoft took down 120 of 128 Trickbot servers in recent takedown

Security Affairs

OCTOBER 21, 2020

The seven remaining servers are not traditional command-and-control servers but rather internet of things (IoT) devices Trickbot infected and was using as part of its server infrastructure; these are in the process of being disabled. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Advertising Internet Internet

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

. “According to court documents, the botnets were initially based largely on the source code previously developed by other individuals to create the Mirai botnet;” In September 2019, Schuchman pleaded guilty to creating and operating multiple DDoS IoT botnets. ” the DoJ concludes. Pierluigi Paganini.

DDOS

DDOS IoT Advertising Internet

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Healthcare

Healthcare Ransomware Cybercrime Advertising

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

Below is the list of exploit payloads added to the bot: D-Link: CVE-2015-1187 , CVE-2016-20017 , CVE-2020-25506 , and CVE-2021-45382. “IZ1H9, a Mirai variant, infects Linux-based networked devices, especially IoT devices, turning them into remote-controlled bots for large-scale network attacks.”

DDOS

DDOS Wireless Architecture IoT

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This wave is a significant timeline as a technology step-up for DDoS botnet and IoT malware development.

DDOS

DDOS IoT Malware Advertising

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The Enemybot botnet employs several methods to spread and targets other IoT devices. “Keksec’s EnemyBot appears to be just starting to spread, however due to the authors’ rapid updates, this botnet has the potential to become a major threat for IoT devices and web servers. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware

Malware DDOS IoT Cybercrime

KCodes NetUSB flaw impacts millions of SOHO routers

Security Affairs

JANUARY 12, 2022

According to the report published by SentinelOne, a threat actor could send crafted commands to internet-connected routers on port 20005. At the time of this writing, only Netgear has released security updates for its impacted models. As it turned out, this module was listening on TCP port 20005 on the IP 0.0.0.0.”

Internet

Internet Internet Firewall Hacking

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

“Check Point’s researchers showed how a threat actor could exploit an IoT network (smart lightbulbs and their control bridge) to launch attacks on conventional computer networks in homes, businesses or even smart cities.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking IoT Wireless Firmware

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Security Affairs

JUNE 16, 2019

Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. The latest Echobot variant targets flaws in IoT devices and in enterprise systems as well. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Wireless Advertising Malware

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

It is quite easy to find Wind River VxWorks in IoT devices, including webcam, network appliances, VOIP phones, and printers. The vulnerabilities could be exploited by a remote attacker to bypass traditional security solutions and take full control over vulnerable devices without requiring any user interaction.

Risk

Risk IoT Firewall DNS

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

Internet-connected embedded devices are often placed into a broader category referred to as IoT devices. According to the experts, the level of security for IoT devices is slightly improved since SOHOpelessly Broken 1.0, Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing IoT Advertising Authentication

Dutch police shut down bulletproof service hosting tens of DDoS botnets

Security Affairs

OCTOBER 3, 2019

Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. ” continues the statement. Pierluigi Paganini.

DDOS

DDOS IoT Cybercrime Advertising

TrickBot operators employ Linux variants in attacks after recent takedown

Security Affairs

OCTOBER 28, 2020

Microsoft announced to have taken down 62 of the original 69 TrickBot C&C servers, seven servers that could not be brought down last week were Internet of Things (IoT) devices. Microsoft has taken down 120 of the 128 servers that were composing the Trickbot infrastructure. ” concludes the report. Pierluigi Paganini.

DNS

DNS Banking Advertising IoT

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

.” Experts confirmed that more issues are still under disclosure and that the list of impacted SoC vendors is longer, and the number of IoT products designed on top of vulnerable SoCs still need independent patches from their respective vendors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Firmware Advertising Hacking

New Miori botnet has a unique protocol for C2 communication

Security Affairs

JULY 12, 2019

The Miori bot targets IoT devices having SSH and Telnet services exposed online and that are poorly secured. “Regardless of the reason behind its design, the malware’s routine is generally similar to typical Mirai variants: infect vulnerable IoT devices and use them as platforms for launching a DDoS attack.

IoT

IoT DDOS Encryption Malware

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The Enemybot botnet employs several methods to spread and targets other IoT devices. .” The botnet implements multiple obfuscation techniques to avoid detection and hides C2 on the Tor network. The bot also tries to run shell commands to infect misconfigured Android devices that expose Android Debug Bridge port (5555).

DDOS

DDOS Architecture Malware Cybercrime

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

The hackers targeted unnamed companies in software development, e-commerce, and an internet service provider around the world, including Poland, Germany, Turkey, Korea, Japan, and India. MATA is also able to target Linux-based diskless network devices, including such as routers, firewalls, or IoT devices. ” concludes the report.

Malware

Malware Ransomware Advertising Encryption

Tridium Niagara framework affected by 2 flaws in BlackBerry QNX OS

Security Affairs

OCTOBER 1, 2019

The Niagara Framework is a universal software infrastructure developed by Tridium that allows building controls integrators , HVAC and mechanical contractors to build custom, web-enabled applications for accessing, automating and controlling smart devices real-time via local network or over the Internet. SecurityAffairs – Tridium, IoT).

IoT

IoT Advertising Manufacturing Internet

Security Affairs newsletter Round 230

Security Affairs

SEPTEMBER 8, 2019

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers. Creator of multiple IoT botnets, including Satori, pleaded guilty. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran. Crooks stole €1.5 Pierluigi Paganini.

IoT

IoT Data breaches DNS Advertising

cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

Security Affairs

FEBRUARY 6, 2020

Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. Cisco has published security dvisories and released patches to address the issues. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Risk

Risk IoT Advertising Cyber Attacks

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes IBM. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Malware IoT Technology

Dozens of Linksys router models leak data useful for hackers

Security Affairs

MAY 18, 2019

The devices continue to leak the information even when their firewall is turned on. The expert used the Binary Edge IoT search engine to find vulnerable devices, earlier this week he discovered 25,617 routers that were leaking a total of 756,565 unique MAC addresses. Pierluigi Paganini. SecurityAffairs – LinkSys, Data leak).

Wireless

Wireless IoT DNS Advertising

IoT and Cybersecurity: What’s the Future?

Security Affairs

MAY 2, 2022

IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. After the 2015 cyberattack that disabled the power grid in parts of Ukraine, the U.S.

IoT

IoT Cybersecurity VPN Internet

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

Webmin 1.930 and Usermin version 1.780 have addressed the flaw, anyway it is possible to secure the systems by disabling the ‘user password change’ option. Searching with Shodan for internet-exposed Webmin installs, it is possible to find over 233,000 instances, most of them located in the United States, France and Germany.

DDOS

DDOS System Administration Advertising DNS

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Hacking IoT & RF Devices with BürtleinaBoard

Trending Sources

New Ttint IoT botnet exploits two zero-days in Tenda routers

Mozi Botnet is responsible for most of the IoT Traffic

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

BotenaGo botnet targets millions of IoT devices using 33 exploits

IoT devices at major Manufacturers infected with crypto-miner

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Creator of multiple IoT botnets, including Satori, pleaded guilty

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Silex malware bricks thousands of IoT devices in a few hours

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Gucci IOT Bot Discovered Targeting European Region

Hackers claim to have compromised 50,000 home cameras and posted footage online

New Mirai variant includes exploit for a flaw in Comtrend Routers

New HEH botnet wipes devices potentially bricking them

The Essential Guide to Radio Frequency Penetration Testing

Security Affairs newsletter Round 283

Microsoft took down 120 of 128 Trickbot servers in recent takedown

Developer of DDoS Mirai based botnets sentenced to prison

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

The Mystery of Fbot

EnemyBot malware adds new exploits to target CMS servers and Android devices

KCodes NetUSB flaw impacts millions of SOHO routers

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Dutch police shut down bulletproof service hosting tens of DDoS botnets

TrickBot operators employ Linux variants in attacks after recent takedown

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

New Miori botnet has a unique protocol for C2 communication

Enemybot, a new DDoS botnet appears in the threat landscape

New MATA Multi-platform malware framework linked to NK Lazarus APT

Tridium Niagara framework affected by 2 flaws in BlackBerry QNX OS

Security Affairs newsletter Round 230

cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

OT attacks increased by over 2000 percent in 2019, IBM reports

Dozens of Linksys router models leak data useful for hackers

IoT and Cybersecurity: What’s the Future?

Roboto, a new P2P botnet targets Linux Webmin servers

Stay Connected