2019, Authentication, Firmware and Information Security

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Firmware

Firmware Technology Advertising Authentication

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. The critical vulnerability, tracked as PSV-2019-0076 , affects Netgear Nighthawk X4S Smart Wi-Fi Router (R7800) family.

Firmware

Firmware Wireless Advertising Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware

Firmware Ransomware Passwords Mobile

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

The experts pointed out that the exploiting the vulnerabilities requires user authentication, as well as deep knowledge of the proprietary protocol of CODESYS V3 and the structure of the different services that the protocol uses. Check with the device manufacturers for available patches and update the device firmware to version to 3.5.19.0

Authentication

Authentication Firmware Hacking Passwords

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

JULY 11, 2019

Intel Patch Tuesday updates for July 2019 address a serious flaw in Processor Diagnostic Tool and minor issue in the Solid State Drives (SSD) for Data Centers (DC). The “high severity” vulnerability in the Processor Diagnostic Tool is tracked as CVE-2019-11133, it was rated with a CVSS score of 8.2 ” reads the security advisory.

Firmware

Firmware Advertising Authentication Hacking

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.

Firmware

Firmware Spyware Surveillance Hacking

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. In November 2019, security experts first spotted the QSnatch malware that at the time infected thousands of QNAP NAS devices worldwide. ” reads the alert.

Malware

Malware Firmware Advertising Manufacturing

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

The three flaws reported by the cybersecurity firm are: An authentication bypass tracked CVE-2019-9564 A stack-based buffer overflow, tracked as CVE-2019-12266 , which could lead to remote control execution. A remote attacker could exploit the CVE-2019-9564 flaw to take over the device, including turning on/off the camera.

IoT

IoT Firmware Marketing Authentication

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). ” – Eyal Itkin.

Firmware

Firmware Ransomware Wireless Encryption

Netgear is releasing fixes for ten issues affecting 79 products

Security Affairs

JULY 1, 2020

Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI). ZDI reported the flaws to the vendor in November 2019, January and February 2020.

Authentication

Authentication Firmware Hacking Mobile

D-Link addressed 5 flaws on some router models, some of them reached EoL

Security Affairs

JULY 25, 2020

Unfortunately, some of the impacted models have reached their End-of-Support (“EOS”)/ End-of-Life (“EOL”) date, which means they wouldn’t receive security updates to fix the issues. B09 (and below) will receive no security updates remaining vulnerable.

Firmware

Firmware Advertising Authentication Hacking

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

Security Affairs

JANUARY 27, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” reads the security advisory. While the user’s shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds.”. The unencrypted key is also stored inside the FortiSIEM image.

Advertising

Advertising Firmware Authentication Passwords

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. The Enterprise mode implements 192-bit encryption for networks that require extra security.

Passwords

Passwords Hacking Wireless Authentication

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. The joint alert also states that attackers scanning also enumerated devices for the CVE-2020-12812 and CVE-2019-5591 flaws. Use multifactor authentication where possible.

Passwords

Passwords Government Firmware Accountability

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

PYSA, also known as Mespinoza, was first spotted in the wild in October 2019 where it was initially used against large corporate networks. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Use multi-factor authentication wherever possible.

Education

Education Ransomware Phishing Passwords

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware

Ransomware Encryption Firmware Backups

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups

Backups Authentication Advertising Firmware

Cisco addressed critical flaws in Cisco Small Business 220 Series Smart Switches

Security Affairs

AUGUST 7, 2019

Cisco released security updates to address several vulnerabilities in Cisco Small Business 220 Series Smart Switches, including two critical issues. The most important flaw, tracked as CVE-2019-1913, could be exploited by an unauthenticated, remote attacker to execute arbitrary code with root privileges.

Small Business

Small Business Advertising Firmware Authentication

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Security Affairs

JANUARY 3, 2020

The security duo published on Medium the technical details of the vulnerabilities in two posts along with PoC videos for their exploitation. One of the flaws is a remote command execution flaw , tracked as CVE-2019-17621, that resides in the code used to manage UPnP requests. ” reads the post published by the experts. .”

Advertising

Advertising Firmware VPN Authentication

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Security Affairs

NOVEMBER 10, 2019

Information Risk Management (IRM) recently published its 2019 Risky Business Report. It also concluded that the top three cybersecurity reasons that respondents use AI now are for network intrusion detection and prevention, fraud detection and secure user authentication.

Risk

Risk Cybersecurity Artificial Intelligence Education

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

The first is Ransom.Sodinokibi , which Malwarebytes has already profiled and has been detecting since 2019.). Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Use multi-factor authentication where possible.

Healthcare

Healthcare Ransomware Encryption Passwords

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7). CVE-2021-33882 – Missing Authentication for Critical Function (CVSS 8.2). CVE-2021-33883 – Cleartext Transmission of Sensitive Information (CVSS 7.1). CVE-2021-33884 – Unrestricted Upload of File with Dangerous Type (CVSS 5.8).

Computers and Electronics

Computers and Electronics Authentication Software Risk

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Also Read: Remote Work Security | Top Priorities & Projects for 2021. The truth is that solutions like single sign-on (SSO) and multi-factor authentication (MFA) can spell disaster if initial access is all a malicious actor needs to traverse the network’s resources. Current Target: VBOS.

Software

Software Firmware DNS VPN

A Spectre proof-of-concept for a Spectre-proof web

Google Security

MARCH 12, 2021

Posted by Stephen Röttger and Artur Janc, Information Security Engineers Three years ago, Spectre changed the way we think about security boundaries on the web. Cross-Origin Embedder Policy (COEP) ensures that any authenticated resources requested by the application have explicitly opted in to being loaded.

Engineering

Engineering Architecture Software Firmware

The Hacker Mind Podcast: Hacking Teslas

ForAllSecure

JUNE 8, 2022

So I haven't tried that activity but that was one of the observations I had during the talk because when I was programming or like developing the Tesla key app, I had a lot of messages going back and forth and that was just one observation that this token which is used for authentication requests. Herfurt: The issue was in 2019.

Hacking

Hacking Manufacturing Encryption Wireless

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? And I think there were something like 18 and 2019. Roberts: We've got some great so secure repairs I founded in 2019.

InfoSec

InfoSec Manufacturing Technology Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? And I think there were something like 18 and 2019. Roberts: We've got some great so secure repairs I founded in 2019.

InfoSec

InfoSec Manufacturing Technology Software

Cyber Security Informer

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Intel addresses High-Severity flaws in NUC Firmware and other tools

Webinars

Trending Sources

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Webinars

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Intel addresses high severity flaw in Processor Diagnostic Tool

Second-ever UEFI rootkit used in North Korea-themed attacks

QSnatch malware infected over 62,000 QNAP NAS Devices

Flaws in Wyze cam devices allow their complete takeover

Infecting Canon EOS DSLR camera with ransomware over the air

Netgear is releasing fixes for ten issues affecting 79 products

D-Link addressed 5 flaws on some router models, some of them reached EoL

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

FBI warns of increase in PYSA ransomware attacks targeting education

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

CISA warns of critical flaws in Prima FlexAir access control system

Cisco addressed critical flaws in Cisco Small Business 220 Series Smart Switches

Remote Command Execution and Information disclosure flaws affect dozens of D-Link routers

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

The Biggest Lessons about Vulnerabilities at RSAC 2021

A Spectre proof-of-concept for a Spectre-proof web

The Hacker Mind Podcast: Hacking Teslas

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected