2018, Firmware and Hacking - Cyber Security Informer

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

The Last Watchdog

NOVEMBER 20, 2019

What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. percent from 2018.

Firmware

Firmware Hacking Software Surveillance

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. CVE-2018-1160 is an out-of-bounds write issue that resides in dsi_opensess.c.

Firmware

Firmware VPN Wireless Passwords

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. The experts analyzed one of the core frameworks EDKII used as a part of any UEFI firmware which has its own submodule and wrapper over the OpenSSL library ( OpensslLib ) in the CryptoPkg component. that dates back to 2009.

Firmware

Firmware Manufacturing Hacking Software

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

MAY 19, 2021

The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) infotainment system, which was first presented by the carmaker in 2018. SecurityAffairs – hacking, Mercedes). The post Hacking the infotainment system used in Mercedes-Benz cars appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Firmware Engineering Software

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.” Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Authentication

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

The vulnerabilities are traked as CVE-2018-9074 , CVE-2018-9075 , CVE-2018-9076 , CVE-2018-9077 , CVE-2018-9078 , CVE-2018-9079 , CVE-2018-9080 , CVE-2018-9081 and CVE-2018-9082. 20 and publicly disclosed the vulnerabilities on September 30. Pierluigi Paganini.

Hacking

Hacking Firmware Advertising Backups

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

Toyota presented PASTA (Portable Automotive Security Testbed) Car-Hacking Tool

Security Affairs

DECEMBER 6, 2018

PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of modern vehicles. — Black Hat (@BlackHatEvents) October 10, 2018. “It’s small and portable so users can study, research, and hack with it anywhere.”

Hacking

Hacking Advertising Firmware Engineering

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Security Affairs

AUGUST 6, 2018

HP has released firmware updates that address two critical remote code execution vulnerabilities in some models of inkjet printers. HP has released firmware updates to address two critical RCE flaws affecting some Inkjet printers. Go to the Upgrading Printer Firmware page and follow the instructions provided to install the firmware.

Firmware

Firmware Advertising Software Hacking

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. ” Experts also discovered that it is possible to execute arbitrary code on the device through a firmware update.

Surveillance

Surveillance Hacking Firmware Manufacturing

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The malware leverages the firmware update process to achieve persistence. SecurityAffairs – hacking, CISA).

Malware

Malware Firmware Architecture Firewall

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. The vulnerabilities affecting the Lenovo UEFI result from the use of two UEFI firmware drivers, named SecureBackDoor and SecureBackDoorPeim respectively. ” reads the advisory published by Lenovo.

Firmware

Firmware Manufacturing Hacking Cybersecurity

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches. SecurityAffairs – hacking, botnet). . “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS

DDOS Firmware Surveillance IoT

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. Experts recommend organizations using FortiGate firewall, or anything else powered by FortiOS, to follow Fortinet’s advisory for this issue and upgrade their firmware immediately.

Firewall

Firewall VPN Firmware Internet

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. A topic of importance came from Kryptowire, a mobile security research firm that found firmware vulnerabilities in as many as 10 million Android devices in the United States that have remote escalation privileges.

Small Business

Small Business Artificial Intelligence Firmware IoT

Severe vulnerabilities allow hacking older GE anesthesia machines

Security Affairs

JULY 10, 2019

The experts at the healthcare cybersecurity firm CyberMDX have found some flaws in the firmware of the anesthesia machines, the issues could expose patients to serious risks. CyberMDX reported the vulnerability to GE in October 2018, at the time of writing the company only plans to share suggestions to mitigate the problems.

Hacking

Hacking Healthcare Advertising Firmware

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited in partnership with Group-IB. Attacks on Crypto. Group-IB in Asia.

Cybercrime

Cybercrime Hacking Banking Phishing

Cisco says its RV routers will no longer receive updates

Security Affairs

JANUARY 15, 2021

Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life (EOL). Cisco will no longer release firmware updates to address 74 vulnerabilities affecting some of its RV routers that reached end-of-life (EOL). SecurityAffairs – hacking, Cisco RV routers).

Small Business

Small Business Firmware Software Hacking

HP bug bounty programs now covers flaws in cartridges

Security Affairs

OCTOBER 3, 2020

“The program underscores HP’s commitment to delivering defense-in-depth across all aspects of printing—including supply chain, cartridge chip, cartridge packaging, firmware and printer hardware.” HP covered printers in its bug bounty program since 2018 paying rewards that range between $500 and $10,000 per flaw.

Firmware

Firmware Advertising Hacking Cybersecurity

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. SecurityAffairs – hacking, QSnatch).

Malware

Malware Firmware Advertising Manufacturing

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In this episode of The Hacker Mind , Beau Woods and Paulino Calderon discuss their book, Practical IoT Hacking, and talk about IoT threat models, the technologies being used today, and what tools and knowledge you need to get started successfully hacking IoT devices. Vamosi: I once lived near a large urban park.

IoT

IoT Hacking Internet Internet

Researchers show how to steal a Tesla Model X in a few minutes

Security Affairs

NOVEMBER 23, 2020

Then, they exploited the insecure update mechanism to deliver a tainted firmware to the fob. The researchers used cheap components for their hack, just $300 worth of equipment that includes the ECU, a Raspberry Pi, a secondhand Model X BCM, a key fob, a power converter, and a battery. SecurityAffairs – hacking, Tesla Model X).

Computers and Electronics

Computers and Electronics Firmware Hacking Advertising

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Security Affairs

JULY 10, 2022

But the recommended mitigation strategy is to upgrade the vulnerable BCM firmware through Over-the-Air (OTA) Updates if feasible. SecurityAffairs – hacking, Rolling-PWN Attack). However, some old vehicles may not support OTA.” ” the experts recommended. Follow me on Twitter: @securityaffairs and Facebook.

Firmware

Firmware Marketing Engineering Hacking

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

DECEMBER 23, 2018

A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t.

Firmware

Firmware Authentication Software Advertising

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

Here are a few takeaways: Minimum requirements A few years back, a spate of seminal IoT hacks grabbed the full attention of governments worldwide. For a full drill down on my discussion with Hanna, please view the accompanying videocast. other European nations and Singapore soon began moving in this direction, as well.

IoT

IoT Government Internet Internet

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. It is quite easy for hackers to use tools specifically designed to hack printers such as PRET (Printer Exploitation Toolkit). SecurityAffairs – hacking, printers). ” continues the report. .

Internet

Internet Internet Firmware Advertising

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Security Affairs

JULY 29, 2018

“Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub.” Samsung SmartThings Hub runs a Linux-based firmware and allows for communications with various IoT devices using various wireless standards Zigbee, Z-Wave, and Bluetooth. RCE Chain – CVE-2018-3911.

Firmware

Firmware IoT Advertising Wireless

Sony Bravia Smart TVs affected by a critical vulnerability

Security Affairs

OCTOBER 6, 2018

The most severe vulnerability tracked as CVE-2018-16593 is a command-injection flaw that resides in the Sony application Photo Sharing Plus that allows users to share multimedia content from their mobile devices via Sony Smart TVs. . Click the Firmware update link for details about how to check the software version.

Wireless

Wireless IoT Advertising Firmware

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

The BLEEDINGBIT vulnerabilities affect several Texas Instruments chips, the CVE-2018-16986 flaw affects CC2640 and CC2650 chips running BLE-STACK 2.2.1 “The security vulnerability for CVE-2018-16986 is present in these TI chips when scanning is used (e.g. to address the CVE-2018-16986 flaw. or earlier.

Firmware

Firmware Manufacturing IoT Mobile

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

. “During the 0DAYALLDAY Research Event a vulnerability was discovered ( CVE-2018-5560 ) in the Guardzilla Security Video System Model #: GZ521W. The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.”

Firmware

Firmware Surveillance IoT Passwords

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Pen Test

OCTOBER 12, 2023

What are the common firmware and software vulnerabilities in RF devices that can be exploited? Vulnerabilities in RF technology often encompass various weaknesses and security gaps within the firmware and software used in RF devices. Keeping firmware up to date is essential for security.

Encryption

Encryption Firmware Surveillance Technology

Security Affairs newsletter Round 180 – News of the week

Security Affairs

SEPTEMBER 16, 2018

Firmware

Firmware Advertising Surveillance Data breaches

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices. pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

Anubhav explained that the passwords are related to Dahua DVRs running very old firmware that is known to be affected by a five-year-old vulnerability tracked as CVE-2013-6117. Even if the vulnerability has been patched, many Dahua devices are still running ancient firmware. — Ankit Anubhav (@ankit_anubhav) July 13, 2018.

IoT

IoT Engineering Passwords Firmware

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Security Affairs

DECEMBER 25, 2018

The flaw tracked as CVE-2018-20377 is known at least since 2012 when Rick Murray described it in a blog post. . “On Friday, December 21, 2018, our honeypots observed an interesting scan consisting of a GET request for /get_getnetworkconf.cgi. SecurityAffairs – Orange Livebox ADSL modems, hacking). admin/admin).

Passwords

Passwords Wireless Firmware Advertising

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The malware leverages the firmware update process to achieve persistence. To nominate, please visit:?

Firmware

Firmware Malware Cybersecurity Hacking

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Security Affairs

NOVEMBER 20, 2018

The vulnerabilities are two remote code execution (RCE) flaws(CVE-2018-3950, CVE-2018-3951), a denial-of-service issue (CVE-2018-3948), and a server information disclosure bug (CVE-2018-394). The CVE-2018-3948 DoS flaw affects the URI-parsing function of the TL-R600VPN HTTP server. Pierluigi Paganini.

Authentication

Authentication Advertising Firmware Hacking

Android devices shipped with backdoored firmware as part of the BADBOX network

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Trending Sources

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

ASUS addressed critical flaws in some router models

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Hacking the infotainment system used in Mercedes-Benz cars

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

BotenaGo botnet targets millions of IoT devices using 33 exploits

Toyota presented PASTA (Portable Automotive Security Testbed) Car-Hacking Tool

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

US and UK link new Cyclops Blink malware to Russian state hackers?

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

ESET warns of three flaws that affect over 100 Lenovo notebook models

A new Zerobot variant spreads by exploiting Apache flaws

Beastmode Mirai botnet now includes exploits for Totolink routers

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Decoding Security 127: We Got Conned

Severe vulnerabilities allow hacking older GE anesthesia machines

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Cisco says its RV routers will no longer receive updates

HP bug bounty programs now covers flaws in cartridges

QSnatch malware infected over 62,000 QNAP NAS Devices

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

Researchers show how to steal a Tesla Model X in a few minutes

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

A daily average of 80,000 printers exposed online via IPP

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Sony Bravia Smart TVs affected by a critical vulnerability

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Guardzilla Security Video System Footage exposed online

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Security Affairs newsletter Round 180 – News of the week

Interview With a Crypto Scam Investment Spammer

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Stay Connected