2020, DDOS, Firmware and Hacking - Cyber Security Informer

Apple AirTag can be hacked say security research

CyberSecurity Insiders

MAY 14, 2021

Apple AirTags can be hacked says a security expert from Germany and that too within a week of the sale of the very first device launched prestigiously in the first week of May’2021. Stack claimed that his study found that the device can be infiltrated and the firmware can be altered in such a way that it starts favoring the hackers.

Hacking

Hacking Firmware DDOS Scams

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

Researchers from SonicWall revealed that hackers are attempting to compromise Linear eMerge E3 smart building access systems to recruit them in a DDoS botnet. CVE-2019-7256 is actively being exploited by DDoS botnet operators. link] #threatintel — Bad Packets Report (@bad_packets) January 10, 2020. 06 and older.

DDOS

DDOS Hacking Internet Internet

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. .” The vulnerability was detailed in July 2020 by the security researchers Sanjana Sarda. ” concludes the report.

IoT

IoT Firmware DNS Advertising

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities.

IoT

IoT DDOS Malware Firmware

Router security in 2021

SecureList

JUNE 8, 2022

Routers are forever being hacked and infected, and used to infiltrate local networks. During 2020 and 2021, more than 500 router vulnerabilities were found. The nvd.nist.gov website presents different figures, but they too show a significant increase in the number of router vulnerabilities found in 2020 and 2021.

DDOS

DDOS Passwords IoT Firmware

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). On 2020-01-02, CNCERT reported that “the number of Bot node IP addresses associated with this botnet exceeds 5 million. SecurityAffairs – hacking, Pink botnet).

Architecture

Architecture DDOS Advertising Firmware

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

“There is no evidence to support any other firmware versions are vulnerable at this point in time and these findings have been shared with Symantec.” Experts first observed the exploitation of the flaw in the wild on April 24, 2020, as part of an evolution of the Hoaxcalls botnet that was first discovered early of April.

IoT

IoT DDOS Authentication Advertising

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. Overall, Q4 remained within the parameters of 2020 trends.

DDOS

DDOS Cryptocurrency Marketing Internet

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first.

IoT

IoT DDOS Passwords Malware

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet). reads the analysis published by the experts.

IoT

IoT DDOS Architecture Passwords

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

For example, in October 2020, CISA, FBI, and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory which described the tactics used by cybercriminals against targets in the healthcare sector to infect systems with ransomware for financial gain. How to secure healthcare IoT.

Healthcare

Healthcare IoT Manufacturing Risk

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Here are five significant cybersecurity vulnerabilities with IoT in 2020. Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. SecurityAffairs – hacking, IoT). The Threat is Definitely Real. IoT is a complicated concept. Shadow IoT Devices.

IoT

IoT Cybersecurity Manufacturing Internet

The Internet of Things: Security Risks Concerns

Spinone

MARCH 17, 2018

In 2020, this number is expected to grow to a staggering 20.8 75% of Bluetooth Smart door locks have been found to have vulnerabilities that allow them to be easily hacked. The biggest ever DDoS attack was recently carried out using over 150,000 hacked smart devices worldwide including cameras, printers, and fridges.

Internet

Internet Internet Risk Computers and Electronics

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. According to Palo Alto researchers, threat actors exploited the recently patched CVE-2020-9054 vulnerability in Zyxel NAS. The vendor advisory is also available.

DDOS

DDOS Authentication Advertising Firmware

APT trends report Q2 2022

SecureList

JULY 28, 2022

In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). We first reported DeathStalker’s VileRAT campaign in August 2020. Cybercriminals are also seeking to exploit the conflict.

Malware

Malware Firmware Phishing Cryptocurrency

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

While these Linux operating systems remain unpatched to prevent exploitation of the CVE-2021-3156 vulnerability, there are waiting to be hacked. Npower App Hack. Three North Korean Hackers charged for Financial and Revenge-motivated Hacks. DDoS Attacks Leverage Plex Media Server. VULNERABILITIES AND SECURITY UPDATES.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Mail servers become priority targets In June, Recorded Future warned that BlueDelta (aka Sofacy, APT28, Fancy Bear and Sednit) exploited vulnerabilities in Roundcube Webmail to hack multiple organizations including government institutions and military entities involved in aviation infrastructure. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 15, 2023

FBI and CISA published a new advisory on AvosLocker ransomware More than 17,000 WordPress websites infected with the Balada Injector in September Ransomlooker, a new tool to track and analyze ransomware groups’ activities Apple releases iOS 16 update to fix CVE-2023-42824 on older devices Phishing, the campaigns that are targeting Italy A new (..)

DDOS

DDOS Data breaches Cybercrime Ransomware

Cyber Security Informer

Apple AirTag can be hacked say security research

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Trending Sources

Interview With a Crypto Scam Investment Spammer

New Ttint IoT botnet exploits two zero-days in Tenda routers

A new Zerobot variant spreads by exploiting Apache flaws

Router security in 2021

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

DDoS attacks in Q4 2020

Overview of IoT threats in 2023

Mozi Botnet is responsible for most of the IoT Traffic

Why Healthcare IoT Requires Strong Machine Identity Management

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

The Internet of Things: Security Risks Concerns

Mukashi, the new Mirai variant that targets Zyxel NAS

APT trends report Q2 2022

Cyber Security Roundup for March 2021

Advanced threat predictions for 2024

Security Affairs newsletter Round 441 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected