Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. score of 7,5.

Firmware 117

Firmware Wireless Passwords Internet 117

Security Affairs

DECEMBER 8, 2021

The most severe vulnerabilities addressed by SonicWall are two critical stack-based buffer overflow vulnerabilities tracked as CVE-2021-20038 and CVE-2021-20045 respectively. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, ” reads the advisory for the CVE-2021-20038 flaw.

Authentication 113

Authentication Firmware Hacking Information Security 113

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws. ” states SAM experts.

IoT 122

IoT Firmware Internet Internet 122

Security Affairs

MAY 25, 2021

Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication.

Network Security 116

Network Security Authentication Firmware Passwords 116

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. link] pic.twitter.com/EpBsc715kI — JAMESWT (@JAMESWT_MHT) June 24, 2021. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e.

VPN 109

VPN Firewall Firmware Authentication 109

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated.

Firmware 92

Firmware IoT Authentication Backups 92

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware 129

Firmware Authentication Passwords Manufacturing 129

Security Affairs

AUGUST 27, 2021

The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions. ” reads the security advisory published by Nozomi Networks Labs. At the end of the process, the firmware was rewritten to the device’s memory.

Surveillance 99

Surveillance Hacking Firmware Manufacturing 99

Security Affairs

DECEMBER 14, 2022

million IP cameras exposed to the internet, signifying an eightfold increase since April 2021. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies. The reign of a Chinese brand.

Surveillance 127

Surveillance Manufacturing Passwords Internet 127

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware 88

Firmware Manufacturing IoT Technology 88

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. The vulnerability was reported to Fortinet by the researcher Charles Fol and Dany Bach ( DDXhunter ) from Lexfo Security. states the report published by Fortinet.

Firewall 82

Firewall VPN Firmware Internet 82

Security Affairs

FEBRUARY 28, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. Upgrade to the latest firmware version.

Energy and Utilities 95

Energy and Utilities Government Firewall Malware 95

Security Affairs

SEPTEMBER 3, 2021

.” The PIN provides a series of examples of ransomware attacks impacting food and agriculture sector businesses, such as an attack that took place in January 2021 against an identified US farm that resulted in losses of approximately $9 million due to the disruption of the farming operations. hard drive, storage device, the cloud).

Ransomware 95

Ransomware Passwords Backups Firmware 95

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S. and Blackmatter ransomware U.S.

Firmware 71

Firmware Surveillance Malware DDOS 71

Security Affairs

APRIL 23, 2021

Recently QNAP addressed a critical authentication bypass issue, tracked as CVE-2021-28799 , in its Hybrid Backup Sync. If you are using a QNAP NAS device update the above apps and its firmware as soon as possible. qlocker @QNAP_nas — Jack Cable (@jackhcable) April 22, 2021. I can help recover data.

Ransomware 117

Ransomware Backups Media Malware 117

Security Affairs

NOVEMBER 17, 2021

Netgear addressed a code execution vulnerability, tracked as CVE-2021-34991, in its small office/home office (SOHO) devices. Netgear released security patches that fix the vulnerability in multiple devices and announced that it is testing additional firmware fixes. D6220 – 1.0.0.72 D8500 – 1.0.3.60

Firmware 102

Firmware Authentication Hacking Internet 102

Security Affairs

MARCH 16, 2022

The nation-state actors gained access to the network by exploiting default MFA protocols and the Windows Print Spooler vulnerability, “PrintNightmare” ( CVE-2021-34527 ), reads the advisory. Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. ” continues the analysis.

Accountability 91

Accountability Passwords Authentication Firmware 91

Security Affairs

FEBRUARY 14, 2022

Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).” ” reads the advisory.

Ransomware 88

Ransomware Accountability Firmware Antivirus 88

Security Affairs

APRIL 2, 2021

Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on vulnerable devices. February 12, 2021 – Grace period has elapsed. ” continues the advisory.

Firmware 72

Firmware Internet Internet Authentication 72

Security Affairs

MARCH 23, 2021

The vendor released security updates for all these devices and urges customers to update their installs, it also released mitigations to address the flaws. “GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities.

Firmware 77

Firmware VPN Firewall Risk 77

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 96

Ransomware DDOS Passwords Backups 96

Security Affairs

JUNE 27, 2022

The timeline of the issues is: On September 15, 2021 ?Started Started research on ABB AC series PLC & CODESYS V2 runtime On September 29, 2021, 3 vulnerabilities about CODESYS V2 runtime were submitted to codesys On October 25, 2021, codesys published a security advisory and a latest version of CODESYS V2 runtime 2.4.7.56

Software 82

Software Manufacturing Firmware Risk 82

Security Affairs

APRIL 19, 2023

The joint advisory provides detailed info on tactics, techniques, and procedures (TTPs) associated with APT28’s attacks conducted in 2021 that exploited the flaw in Cisco routers. The Russia-linked APT28 conducted the attacks in 2021 and targeted a small number of entities in Europe, U.S. ” reads the joint advisory. through 12.4

Malware 84

Malware Firmware Government Education 84

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”. Pierluigi Paganini.

VPN 84

VPN Firewall Firmware Authentication 84

Malwarebytes

MARCH 17, 2021

link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Use multi-factor authentication wherever possible. Disable unused RDP ports and monitor remote access/RDP logs.

Education 107

Education Ransomware Phishing Passwords 107

Security Affairs

JUNE 15, 2021

The Resecurity® HUNTER unit has identified a new tool available for sale in the Dark Web called MASQ , enabling bad actors to emulate device fingerprints thus allowing them to bypass fraud protection controls, including authentication mechanisms. The latest release has been dated June 13, 2021. Current version of MASQ – 0.198.

Mobile 121

Mobile Authentication Accountability Cyber threats 121

Security Affairs

JUNE 3, 2021

.” The vulnerabilities impact all embedded and IoT devices that use the Realtek RTL8710C module, they could be exploited only by attackers on the same Wi-Fi network or know the network’s pre-shared key (PSK) used to authenticate wireless clients on local area networks. The latest version of ambz2 SDK (7.1d) addresses the issues.

Wireless 87

Wireless IoT Encryption Firmware 87

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Implement a recovery plan to restore sensitive or proprietary data from a physically separate, segmented, secure location (e.g.,

Passwords 65

Passwords Government Firmware Accountability 65

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software 99

Software Firmware DNS VPN 99

Malwarebytes

MAY 28, 2021

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. Install updates/patch operating systems, software, and firmware as soon as they are released.

Healthcare 108

Healthcare Ransomware Encryption Passwords 108

McAfee

AUGUST 24, 2021

Though this partnership, our research led us to discover five previously unreported vulnerabilities in the medical system which include: CVE-2021-33886 – Use of Externally-Controlled Format String (CVSS 7.7). CVE-2021-33885 – Insufficient Verification of Data Authenticity (CVSS 9.7). Braun on January 11, 2021.

Computers and Electronics 145

Computers and Electronics Authentication Software Risk 145

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A The researchers used Ghidra for their analysis, it is the open-source reverse engineering tool developed by the US National Security Agency (NSA). . “Equipped with this password we then could authenticate successfully.

Firmware 91

Firmware Manufacturing Passwords Penetration Testing 91

Security Affairs

JULY 19, 2021

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Microsoft already fixed the vulnerability with the release of July Patch Tuesday security updates. For more information, please see CVE-2021-34466: [link].

Manufacturing 116

Manufacturing Authentication Firmware Hacking 116

ForAllSecure

JUNE 8, 2022

So I haven't tried that activity but that was one of the observations I had during the talk because when I was programming or like developing the Tesla key app, I had a lot of messages going back and forth and that was just one observation that this token which is used for authentication requests. Let's give it a try. I gave it a try.

Hacking 52

Hacking Manufacturing Encryption Wireless 52

Security Affairs

MARCH 20, 2022

15, 2021, U.S. The risk of cyber attacks is growing with services in any industry increasing reliance on satellite-dependent technologies. Not only cyber attacks. Have Russia weapons to destroy satellites? officials detected a dangerous new debris field in orbit near Earth.

Cyber Attacks 85

Cyber Attacks Digital transformation Firmware Internet 85

eSecurity Planet

NOVEMBER 7, 2022

In 2021, Connelly and other researchers presented a new paper outlining an approach to detecting rootkits similar to CloudSkulk. Firmware Rootkit. A firmware rootkit uses device or platform firmware to create a persistent malware image in the router, network card, hard drive or the basic input/output system (BIOS).

Firmware 109

Firmware Malware Antivirus Firewall 109

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? In April of 2021, the Library of Congress will again review new exemption requests.

InfoSec 52

InfoSec Manufacturing Technology Software 52