2018, Antivirus and Firmware - Cyber Security Informer

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

New tech on SSDs to stop ransomware spread

CyberSecurity Insiders

SEPTEMBER 10, 2021

Presenting their find at the IEEE International Conference on Distributed Computing Systems in 2018, a team of researchers refined their invention even further that led to the innovation of a firmware that blocks ransomware from encrypting data on a computer network.

Ransomware

Ransomware Firmware Antivirus Encryption

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

As of the publishing of this article, BotenaGo currently has low antivirus (AV) detection rate with only 6/62 known AVs seen in VirusTotal: (Figure 1). Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. CVE-2018-10561, CVE-2018-10562. CVE-2018-10088. CVE-2016-1555.

Malware

Malware IoT Firmware Authentication

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Install and regularly update antivirus and anti-malware software on all hosts.

Passwords

Passwords Government Firmware Accountability

Millions put at risk by old, out of date routers

Malwarebytes

MAY 7, 2021

There has been much discussion of antivirus protection, patching your software, and using VPNs. Firmware updates aren’t only important for performance, they’re also needed to fix security issues when they arise. But what if the security flaws aren’t in your phones or laptops, but the router your ISP gave you? Lack of updates.

Risk

Risk Passwords Internet Internet

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

As of the publishing of this article, antivirus (AV) vendor detection for BotenaGo and its variants remains behind with very low detection coverage from most of AV vendors. Figure 8 shows the low level of antivirus detections for BotenaGo’s new variants. Install security and firmware upgrades from vendors, as soon as possible.

Malware

Malware IoT Authentication Antivirus

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

In March 2018, security researchers at Antivirus firm Dr. Web discovered that 42 models of low-cost Android smartphones are shipped with the Android.Triada.231 Threat actors compromised third-party software or the installation of malware-laced firmware. 231 banking malware. ” reads the analysis published by Trend Micro.

Mobile

Mobile Advertising Malware Cybercrime

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

You need to have a reasonable level of trust in the devices connecting to any network, so any policies you can set to require things like antivirus , updated operating systems and VPNs will protect both the network and its users. Device security is also an important part of wireless network security.

Wireless

Wireless Encryption Authentication IoT

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Implement network segmentation , “such that all machines on your network are not accessible from every other machine” Update antivirus software on all hosts and enable real-time detection. Update and patch operating systems, software, and firmware as soon as updates and patches are released.

Ransomware

Ransomware Encryption Backups Accountability

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. onion ghtyqipha6mcwxiz[.]onion

Malware

Malware DNS Encryption Cryptocurrency

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

Users attacked by adware in 2018 through 2020 ( download ). The manufacturer of the mobile device preloads an adware application or a component with the firmware. variant has been known since 2018, and we have never once had to adjust the process of detecting it in almost three years. Where did these come from?

Mobile

Mobile Malware Adware Banking

Q&A: How emulating attacks in a live environment can more pervasively protect complex networks

The Last Watchdog

SEPTEMBER 4, 2018

And at Black Hat USA 2018 , the company unveiled a new CyberFlood functionality that makes it possible for an enterprise to emulate a real-world attack in a live environment. DeSanto: Due to the way enterprises have set up their clients, servers, routers, antivirus, firewalls, IDS, and the like, every network has a unique fingerprint.

Penetration Testing

Penetration Testing Firewall Data breaches Malware

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

After 2018, we observed falling detection rates for FinSpy for Windows. Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit. Melcoz had been active in Brazil since at least 2018, before expanding overseas.

Malware

Malware Banking Energy and Utilities Accountability

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) found that K–12 cyberattacks more than tripled over the pandemic, from 400 reported incidents in 2018 to over 1,300 in 2021. Install, regularly update, and enable real-time detection for antivirus software. Keep all operating systems, software, and firmware up to date.

Education

Education Ransomware Cybersecurity Risk

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Update your printer firmware to the latest version. Original post: [link]. Not so much. Change the default password.

Hacking

Hacking IoT Firmware Internet

FortiNAC: Network Access Control (NAC) Product Review

eSecurity Planet

MARCH 30, 2023

The company acquired Bradford Networks and its Network Sentry NAC product in 2018. Additionally, FortiNAC can enforce company policies on device patching and firmware version. Founded in 2000 , Sunnyvale, California headquartered Fortinet’s flagship FortiGate provides enterprise-grade firewall solutions.

IoT

IoT Firewall Wireless Mobile

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

SecureWorld News

OCTOBER 29, 2020

The hackers hit Hancock Regional Hospital during a severe 2018 flu season. Patch operating systems, software, and firmware as soon as manufacturers release updates. Set antivirus and anti-malware solutions to automatically update; conduct regular scans. Just ask hospital CEO and president Steve Long.

Ransomware

Ransomware Healthcare Backups Cybercrime

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

You cannot go ahead and install an antivirus on the IoT device, they don't have enough processing power. And in September of 2018. Vamosi: The devices themselves are becoming less and less expensive, Yay, but would you rather upgrade the firmware on a toothbrush, probably not. In other words, getting caught off is really easy.

IoT

IoT DDOS Malware Internet

Cyber Security Informer

BotenaGo botnet targets millions of IoT devices using 33 exploits

New tech on SSDs to stop ransomware spread

Trending Sources

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Millions put at risk by old, out of date routers

BotenaGo strikes again – malware source code uploaded to GitHub

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

StripedFly: Perennially flying under the radar

Mobile malware evolution 2020

Q&A: How emulating attacks in a live environment can more pervasively protect complex networks

IT threat evolution Q3 2021

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

FortiNAC: Network Access Control (NAC) Product Review

Alert: 'Imminent and Increasing Threat' as Wave of Ryuk Ransomware Hits Hospitals

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

Stay Connected