2021, Authentication, Firmware and VPN - Cyber Security Informer

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons.

Firmware

Firmware Technology Authentication IoT

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN

VPN Firewall Firmware Authentication

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity

Cybersecurity Software Firmware Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

NSA, CISA Release Guidance for Choosing and Hardening VPNs

eSecurity Planet

OCTOBER 1, 2021

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance and best practices for securing virtual private network (VPN) solutions. What might be most striking about the document is how many security steps and solutions it takes to properly secure VPN connections.

VPN

VPN Authentication Passwords Software

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software

Software Firmware DNS VPN

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index. Tue, 04/20/2021 - 11:33. In the MSI 2021, more than half of respondents told Verizon that their organizations allowed employees to access corporate IT assets over public Wi-Fi. Verizon’s MSI 2021, page 72. Verizon’s MSI 2021, page 73.

Mobile

Mobile Architecture Data breaches Authentication

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A However, it turns out that this information is not so secret after all, but can be retrieved without authentication from the path /about_state” reads the analysis published by the experts. “Firmware Update 8.2B

Firmware

Firmware Manufacturing Passwords Penetration Testing

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN

VPN Firewall Firmware Authentication

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

eSecurity Planet

MARCH 21, 2022

Using misconfigured multi-factor authentication (MFA) and an unpatched Windows vulnerability, Russian state-sponsored hackers were able to breach a non-governmental organization (NGO) and escalate privileges, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI revealed last week. Network Best Practices.

VPN

VPN Accountability Authentication Passwords

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

eSecurity Planet

MAY 20, 2024

doesn’t always require authentication for SSID during a Wi-Fi session. It’s also possible that your VPN app will automatically disable the VPN once your device connects to a supposedly trusted Wi-Fi network, according to the researchers at Top10VPN.

VPN

VPN Firmware Malware Software

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

The nation-state actors gained access to the network by exploiting default MFA protocols and the Windows Print Spooler vulnerability, “PrintNightmare” ( CVE-2021-34527 ), reads the advisory. Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. ” continues the analysis.

Accountability

Accountability Passwords Authentication Firmware

Two critical flaws affect CODESYS ICS Automation Software

Security Affairs

JUNE 27, 2022

The timeline of the issues is: On September 15, 2021 ?Started Started research on ABB AC series PLC & CODESYS V2 runtime On September 29, 2021, 3 vulnerabilities about CODESYS V2 runtime were submitted to codesys On October 25, 2021, codesys published a security advisory and a latest version of CODESYS V2 runtime 2.4.7.56

Software

Software Manufacturing Firmware Risk

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

“GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).”

Firmware

Firmware VPN Firewall Risk

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

.” The PIN provides a series of examples of ransomware attacks impacting food and agriculture sector businesses, such as an attack that took place in January 2021 against an identified US farm that resulted in losses of approximately $9 million due to the disruption of the farming operations. Consider installing and using a VPN.

Ransomware

Ransomware Passwords Backups Firmware

Ransomware: February 2022 review

Malwarebytes

MARCH 10, 2022

Observed since: July 2021 Ransomware note: BlackByteRestore.txt Ransomware extension: BlackByte Kill Chain: Some victims reported that attackers used known Microsoft Exchange Server vulnerabilities to gain access to their networks. > Observed since: January 2021 Ransomware note: BackFiles_encoded01.txt LockBit 2.0.

Ransomware

Ransomware Phishing Accountability Technology

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

MARCH 15, 2022

The LHR was created to limit Ethereum mining capabilities in the NVidia RTX 30 series graphics cards, after the cryptomining community depleted the stock in early 2021. The ransomware group specified that “they are not looking for data” but rather to buy remote VPN access to the corporate network. But first things first.

Ransomware

Ransomware Telecommunications Firmware Media

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware DDOS Passwords Backups

Remotely Accessing Secure Kali Pi

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware

Firmware Wireless Passwords VPN

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

link] pic.twitter.com/NOPAcEFxM8 — FBI Buffalo (@FBIBuffalo) March 16, 2021. To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Use multi-factor authentication wherever possible. Consider installing and using a VPN.

Education

Education Ransomware Phishing Passwords

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

In another publication , Google also followed up on the activities of a similar vendor named Cytrox that had leveraged four 0-day vulnerabilities in a 2021 campaign. Okta was breached through one of its service providers, Sitel, itself compromised via the insecure VPN gateway of a recently acquired company.

Firmware

Firmware Surveillance Mobile Telecommunications

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. •

Passwords

Passwords Government Firmware Accountability

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. Install updates/patch operating systems, software, and firmware as soon as they are released.

Healthcare

Healthcare Ransomware Encryption Passwords

Cyber Security Informer

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Webinars

Trending Sources

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

Webinars

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

NSA, CISA Release Guidance for Choosing and Hardening VPNs

The Biggest Lessons about Vulnerabilities at RSAC 2021

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index

Experts found backdoors in a popular Auerswald VoIP appliance

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Two critical flaws affect CODESYS ICS Automation Software

CISA is warning of vulnerabilities in GE Power Management Devices

FBI warns of ransomware attacks targeting the food and agriculture sector

Ransomware: February 2022 review

Lapsus$: The New Name in Ransomware Gangs

Avoslocker ransomware gang targets US critical infrastructure

Remotely Accessing Secure Kali Pi

FBI warns of increase in PYSA ransomware attacks targeting education

Advanced threat predictions for 2023

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Stay Connected