2019, Firmware, Hacking and Internet - Cyber Security Informer

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. These are the carriers that provide Internet access to rural areas all across America. Firmware is the coding that’s embedded below the software layer on all computing devices, ranging from printers to hard drives and motherboards to routers and switches. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

The Last Watchdog

NOVEMBER 20, 2019

What does Chinese tech giant Huawei have in common with the precocious kid next door who knows how to hack his favorite video game? Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. percent from 2018.

Firmware

Firmware Hacking Software Surveillance

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. In 2019 alone, attacks on IoT devices increased by 300%. Are You Secure?

Internet

Internet Internet IoT Software

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. CVE-2019-7256 is actively being exploited by DDoS botnet operators.

DDOS

DDOS Hacking Internet Internet

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. ” Check Point reported the issue to Philips and Signify (owner of the Philips Hue brand) in November 2019. The company released firmware p atches for the device in January. Pierluigi Paganini.

Hacking

Hacking IoT Wireless Firmware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The experts are monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT). ” When the botnet was first detected in 2019, experts noticed it was exploiting the Tenda zero-day flaw tracked as CVE-2020-10987. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

The list includes: IP addresses of Pulse Secure VPN servers Pulse Secure VPN server firmware version SSH keys for each server A list of all local users and their password hashes Admin account details Last VPN logins (including usernames and cleartext passwords) VPN session cookies. SecurityAffairs – hacking, Pulse VPN).

VPN

VPN Passwords Banking Advertising

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. An attacker can trigger the flaw to gain remote code execution and conduct denial-of-service attacks under specific conditions, exposing operational technology (OT) environments to hacking.

Authentication

Authentication Firmware Hacking Passwords

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

The vulnerabilities have been tracked as CVE-2019-13473 and CVE-2019-13474. . The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . SecurityAffairs – IoT radio devices, hacking). . ” continues the experts. Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 181024 CVE-2019-19824 TOTOLINK Realtek SDK based routers, this affects A3002RU through 2.0.0, Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT

IoT Firmware Malware Wireless

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

In November 2019, security experts first spotted the QSnatch malware that at the time infected thousands of QNAP NAS devices worldwide. Weitere Informationen von unseren Kollegen bei @CERTFI : [link] — CERT-Bund (@certbund) October 31, 2019. Webshell functionality for remote access. ” reads the alert.

Malware

Malware Firmware Advertising Manufacturing

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

The three flaws reported by the cybersecurity firm are: An authentication bypass tracked CVE-2019-9564 A stack-based buffer overflow, tracked as CVE-2019-12266 , which could lead to remote control execution. A remote attacker could exploit the CVE-2019-9564 flaw to take over the device, including turning on/off the camera.

IoT

IoT Firmware Marketing Authentication

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The eCh0raix ransomware has been active since at least 2019, when eExperts from security firms Intezer and Anomali separately discovered sample of the ransomware targeting Network Attached Storage (NAS) devices. SecurityAffairs – hacking, NAS). Create complex login passwords to make brute-forcing more difficult for attackers.

Ransomware

Ransomware Encryption Firmware Passwords

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

According to the Chinese security firm Qihoo 360’s Netlab team, operators of several botnets , including Chalubo , FBot , and Moobot , targeting LILIN DVRs at least since August 30, 2019. The new firmware released by the vendors validated the hostname passed as input to prevent command execution. ” Netlab concludes.

Firmware

Firmware Surveillance Manufacturing Advertising

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches.

IoT

IoT DDOS Malware Firmware

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

Now experts found 12 vulnerabilities in the BLE software development kits (SDKs) of seven SoC vendors (Texas Instruments, NXP, Cypress, Dialog Semiconductors, Microchip, STMicroelectronics and Telink Semiconductor) that could be exploited to hack into various smart devices, including devices and environmental tracking or sensing systems.

IoT

IoT Firmware Advertising Hacking

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Security Affairs

APRIL 26, 2019

The first iLnkP2P flaw tracked as CVE-2019-11219 is an enumeration vulnerability that could be exploited by an attacker to discover devices exposed online. The second issue tracked as CVE-2019-11220 can be exploited by an attacker to intercept connections to vulnerable devices and conduct man-in-the-middle (MitM) attacks.

IoT

IoT Hacking Manufacturing Advertising

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

Security Affairs

APRIL 4, 2019

Firmware updates that address this vulnerability are not currently available. The first one could be exploited by a remote and unauthenticated attacker with admin privileges to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ). through 1.4.2.20.

Small Business

Small Business Firmware Advertising VPN

D-Link router models affected by remote code execution issue that will not be fixed

Security Affairs

OCTOBER 7, 2019

Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. SecurityAffairs – routers, hacking). The flaw has received a CVSS v31 base score of 9.8

Authentication

Authentication Advertising Firmware Hacking

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DNS Manufacturing Firmware

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The number of infected devices is impressive, on 2019-11-30 a trusted security partner in the US informed Qihoo 360’s Netlab Cybersecurity reported to have observed 1,962,308 unique daily active IPs from the Pink botnet targeting its systems. SecurityAffairs – hacking, Pink botnet). Pierluigi Paganini.

Architecture

Architecture DDOS Advertising Firmware

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

In May, the Department of Energy confirmed that on March 5, 2019, between 9 a.m. “Have as few internet facing devices as possible,” NERC urged in its report.” “ After seeing no adverse effects, the entity deployed the firmware patch at an operational generation site that night.” and 7 p.m.,

Energy and Utilities

Energy and Utilities Firewall Firmware Advertising

Initial fixes for Cisco RV320 and RV325 routers were incomplete

Security Affairs

MARCH 30, 2019

The first one could be exploited by a remote and unauthenticated attacker with admin privileges to obtain sensitive information ( CVE-2019-1653 ), while the second one can be exploited for command injection ( CVE-2019-1652 ). Firmware updates that address this vulnerability are not currently available. Pierluigi Paganini.

Small Business

Small Business Firmware Advertising Engineering

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. SecurityAffairs – hacking, Mozi botnet). Pierluigi Paganini.

IoT

IoT DDOS Architecture Passwords

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

The Last Watchdog

AUGUST 26, 2019

Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls. I had the chance to visit with Carcano at Black Hat USA 2019. The state-sponsored hacking groups are still in business. For a full drill down, give a listen to the accompanying podcast.

Artificial Intelligence

Artificial Intelligence Hacking Technology Firmware

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

which is a product that became end-of-life (EOL) in 2015 and end-of-support-life (EOSL) in 2019.” “There is no evidence to support any other firmware versions are vulnerable at this point in time and these findings have been shared with Symantec.” SecurityAffairs – Symantec Web Gateways, hacking).

IoT

IoT DDOS Authentication Advertising

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443.

Passwords

Passwords Government Firmware Accountability

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

The Last Watchdog

AUGUST 26, 2019

Related: Why the Golden Age of cyber spying is here Carcano hacked a computer screen at age 14, and that got him intrigued by software controls. I had the chance to visit with Carcano at Black Hat USA 2019. The state-sponsored hacking groups are still in business. For a full drill down, give a listen to the accompanying podcast.

Artificial Intelligence

Artificial Intelligence Hacking Technology Firmware

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

Security Affairs

APRIL 25, 2019

The vulnerabilyt was tracked as CVE-2019-10955 and received a CVSS score of 7.1 Rockwell has released firmware updates that address the vulnerability for the affected controllers. Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.

Firmware

Firmware Social Engineering Advertising Malware

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

“The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet.” The malware leverages the firmware update process to achieve persistence. SecurityAffairs – hacking, Russia). To nominate, please visit:?

Malware

Malware Government Firmware Firewall

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The most severe vulnerability, tracked as CVE-2019-7670, is an OS command injection flaw. Another issue, tracked as CVE-2019-7669, is an improper validation of file extensions when uploading files that was rated as CVSS score of 9.1. Another critical issue, tracked as CVE-2019-7672, received a CVSS score of 8.8.

Backups

Backups Authentication Advertising Firmware

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar (@_larry0) June 25, 2019. The only way to recover infected devices is to manually reinstall the device’s firmware. pic.twitter.com/gUjWCdSIQO — Ankit Anubhav (@ankit_anubhav) June 25, 2019. SecurityAffairs – Silex malware, hacking). pic.twitter.com/Ue661ku0fy — Larry W. Pierluigi Paganini.

IoT

IoT Malware Advertising Firmware

Critical Success Factors to Widespread Deployment of IoT

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Mirai, Jeep Hack, etc.) An IoT device connected to a network is simply a potential bridge between the internet and a malicious entity. Once installed, the malware “phoned home” to a command-and-control network run by the hacking group, which enabled them to enter the network and take further action. Internet Of Things.

IoT

IoT Manufacturing Energy and Utilities Data collection

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

SecureList

JULY 19, 2023

While the threat actor infrastructure might request Net-NTLMv2 authentication, Windows will honor the defined internet security zones and will not send (leak) Net-NTLMv2 hashes. msg VT First Submission 2022-10-25 10:00:00 UTC UNC path 168.205.200.55test (reminder time set to 2019-02-17 19:00) Sent by: 168.205.200.55 No Info 61.14.68[.]33

Firmware

Firmware Internet Internet Government

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

In April 2019, experts at Bad Packets uncovered a new wave of attacks mainly aimed at compromising D-Link routers, many of them hosted belonging to Brazilian users. . According to Avast, in the first half of 2019, hackers have modified the DNS settings of over 180,000 Brazilian routers with even more complex attacks. concludes Avast.

DNS

DNS Passwords Advertising Banking

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

By 2027, the IoT in Healthcare market is expected to reach $290 billion , up from just $60 billion in 2019. The use of internet connected medical devices can be incredibly scary if the right security isn’t put in place. Secure IoT firmware and authenticated devices offer benefits that extend to the entire healthcare ecosystem.

Healthcare

Healthcare IoT Manufacturing Risk

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

In September 2016, source code of one of the most popular botnets named Mirai was leaked and uploaded to one of the hacking community forums, and later uploaded to GitHub with detailed information on the botnet, its infrastructure, configuration and how to build it. Install security and firmware upgrades from vendors, as soon as possible.

Malware

Malware IoT Authentication Antivirus

Sounding the Alarm on Emergency Alert System Flaws

Krebs on Security

AUGUST 12, 2022

A Digital Alert Systems EAS encoder/decoder that Pyle said he acquired off eBay in 2019. Pyle said he started acquiring old EAS equipment off of eBay in 2019, and that he quickly identified a number of serious security vulnerabilities in a device that is broadly used by states and localities to encode and decode EAS alert signals.

Firmware

Firmware Manufacturing Passwords Software

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

The Last Watchdog

OCTOBER 16, 2019

We had a chance to meet again at Black Hat 2019. Now consider that cloud computing is still on the rise, and that the Internet of Things is on the verge of rapid expansion as more 5G networks come on line. Criminal opportunities abound, and criminals using widely available hacking tools and proven tactics are taking full advantage.

Digital transformation

Digital transformation Firmware Authentication IoT

The Hacker Mind Podcast: Hacking OpenWRT

ForAllSecure

DECEMBER 10, 2020

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in cereal, and other vulnerabilities. Listen to EP 11: Hacking OpenWRT.

Hacking

Hacking Banking Internet Internet

The Hacker Mind Podcast: Hacking OpenWRT

ForAllSecure

DECEMBER 10, 2020

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in cereal, and other vulnerabilities. Listen to EP 11: Hacking OpenWRT.

Hacking

Hacking Banking Internet Internet

The Hacker Mind Podcast: Hacking OpenWRT

ForAllSecure

DECEMBER 11, 2020

In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, his use of fuzz testing as a preferred tool, and how he came to discover the validation error in OpenWRT, as well as a serialization error in cereal, and other vulnerabilities. Listen to EP 11: Hacking OpenWRT.

Hacking

Hacking Banking Internet Internet

Kali Linux 2019.4 Release (Xfce, Gnome, GTK3, Kali-Undercover, Kali-Docs, KeX, PowerShell & Public Packaging)

Kali Linux

NOVEMBER 25, 2019

We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4, Say you are working in a public place, hacking away, and you might not want the distinctive Kali dragon for everyone to see and wonder what it is you are doing. 3kali1 (2019-11-20) root@kali:~# root@kali:~# uname -r 5.3.0-kali2-amd64

Penetration Testing

Penetration Testing Firmware Architecture Internet

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. Dear players, The PUBG MOBILE team are currently actively working to resolve the DDoS attacks against our systems and the new hacking issues. For information, please check out here: [link].

DDOS

DDOS Cryptocurrency Marketing Internet

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

Webinars

Trending Sources

The Internet of Things Is Everywhere. Are You Secure?

Webinars

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

New Ttint IoT botnet exploits two zero-days in Tenda routers

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

BotenaGo botnet targets millions of IoT devices using 33 exploits

QSnatch malware infected over 62,000 QNAP NAS Devices

Flaws in Wyze cam devices allow their complete takeover

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Botnet operators target multiple zero-day flaws in LILIN DVRs

A new Zerobot variant spreads by exploiting Apache flaws

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Cisco fixes flaws RV320 and RV325 routers targeted in attacks

D-Link router models affected by remote code execution issue that will not be fixed

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

DoS attack the caused disruption at US power utility exploited a known flaw

Initial fixes for Cisco RV320 and RV325 routers were incomplete

Mozi Botnet is responsible for most of the IoT Traffic

NEW TECH: ICS zero-day flaws uncovered by Nozomi Networks’ analysis of anomalous behaviors

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

NEW TECH: Nozomi Networks tracks anomalous behaviors, finds zero-day ICS vulnerabilities

A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites

US dismantled the Russia-linked Cyclops Blink botnet

CISA warns of critical flaws in Prima FlexAir access control system

Silex malware bricks thousands of IoT devices in a few hours

Critical Success Factors to Widespread Deployment of IoT

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

For nearly a year, Brazilian users have been targeted with router attacks

Why Healthcare IoT Requires Strong Machine Identity Management

BotenaGo strikes again – malware source code uploaded to GitHub

Sounding the Alarm on Emergency Alert System Flaws

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

The Hacker Mind Podcast: Hacking OpenWRT

The Hacker Mind Podcast: Hacking OpenWRT

The Hacker Mind Podcast: Hacking OpenWRT

Kali Linux 2019.4 Release (Xfce, Gnome, GTK3, Kali-Undercover, Kali-Docs, KeX, PowerShell & Public Packaging)

DDoS attacks in Q4 2020

Stay Connected