Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Adopt a comprehensive IoT security solution. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

DECEMBER 15, 2020

Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. The experts found three flaws that could be exploited to modify or forge data that is received from the implanted cardiac devices.

Firmware 101

Firmware Authentication Mobile IoT 101

Security Affairs

FEBRUARY 6, 2020

Security experts from Check Point discovered a high-severity flaw ( CVE-2020-6007 ) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network.

Hacking 119

Hacking IoT Wireless Firmware 119

Security Affairs

MARCH 31, 2022

The flaws were reported to Wyze in May 2019, the company addressed the CVE-2019-9564 and CVE-2019-12266 flaws in September 2019 and November 2020, respectively. The vendor addressed the unauthenticated access to the content of the SD card with the release of firmware updates on January 29, 2022.

IoT 74

IoT Firmware Marketing Authentication 74

Security Affairs

NOVEMBER 24, 2022

The Boa web server is widely used across a variety of devices, including IoT devices, and is often used to access settings and management consoles as well as sign-in screens. Researchers at Recorded Future observed several intrusion attempts on Indian critical infrastructure since 2020 and shared IOCs related to this campaign.

IoT 93

IoT Firmware Software Risk 93

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

JUNE 3, 2021

Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. ” reads a reported published by Vdoo. .” The latest version of ambz2 SDK (7.1d) addresses the issues. Pierluigi Paganini.

Wireless 89

Wireless IoT Encryption Firmware 89

Malwarebytes

SEPTEMBER 3, 2021

The state of IoT is poor enough as it is, security wise. As we pointed out in our State of Malware report, published earlier this year, Malwarebytes recorded an eye-watering 607% increase in malware detections in the agriculture sector in 2020. Malwarebytes recorded a 607% increase in agriculture sector attacks in 2020.

Ransomware 138

Ransomware Manufacturing Passwords Internet 138

Security Affairs

MARCH 21, 2020

A new variant of the infamous Mirai malware, tracked as Mukashi, targets Zyxel network-attached storage (NAS) devices exploiting recently patched CVE-2020-9054 issue. According to Palo Alto researchers, threat actors exploited the recently patched CVE-2020-9054 vulnerability in Zyxel NAS. The vendor advisory is also available.

DDOS 103

DDOS Authentication Advertising Firmware 103

Security Affairs

APRIL 25, 2021

Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. ” states the report published by Eye security.

Firmware 112

Firmware Passwords Authentication Wireless 112

Security Affairs

JULY 28, 2020

In mid-June 2020, there were approximately 62,000 infected devices worldwide; of these, approximately 7,600 were in the United States and 3,900 were in the United Kingdom.” The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. ” reads the alert.

Malware 105

Malware Firmware Advertising Manufacturing 105

Security Affairs

APRIL 2, 2021

Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on vulnerable devices. October 23, 2020 – Sent another e-mail to QNAP security team.

Firmware 73

Firmware Internet Internet Authentication 73

Security Affairs

JULY 1, 2020

ZDI reported the flaws to the vendor in November 2019, January and February 2020. “The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to update to the most recent firmware version and to replace end-of-life devices that are no longer supported with security patches.”

Authentication 129

Authentication Firmware Hacking Mobile 129

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

ForAllSecure

AUGUST 2, 2022

And, there’s thirty more villages including Girls Hack Village, the Voting Machine Hacking village, the IoT Village, and the Bio Hacking village. Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. In each you will find people with like interests. is or what it controls.

Hacking 40

Hacking Computers and Electronics InfoSec Software 40