2021, Firmware, Information Security and Surveillance

2021

Firmware

Information Security

Surveillance

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Surveillance

Surveillance Hacking Firmware Manufacturing

White hat hackers gained access more than 150,000 surveillance cameras

Security Affairs

MARCH 10, 2021

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. A group of US hackers claimed to have gained access to footage from 150,000 security cameras at banks, jails, schools, healthcare clinics, and prominent organizations.

Surveillance

Surveillance Hacking Banking Firmware

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. This time, the Cybernews research team found 3.5

Surveillance

Surveillance Manufacturing Passwords Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS

DDOS Firmware Surveillance IoT

Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Security Affairs

SEPTEMBER 28, 2021

Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines. Kaspersky experts shared the results of an 8-months investigation into FinSpy spyware at the Security Analyst Summit (SAS) 2021.

Spyware

Spyware Surveillance Firmware Malware

Kalay cloud platform flaw exposes millions of IoT devices to hack

Security Affairs

AUGUST 17, 2021

Researchers at FireEye’s Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors. This varies from device to device but typically is used for device telemetry, firmware updates, and device control.”

IoT

IoT Hacking Social Engineering Firmware

Security Affairs newsletter Round 376 by Pierluigi Paganini

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? and Blackmatter ransomware U.S.

Firmware

Firmware Surveillance Malware DDOS

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

The initial landing page was observed hosting the exploits for a WebKit remote code execution zero-day ( CVE-2022-42856 ) and a sandbox escape ( CVE-2021-30900 ) issue. At the time of delivery, the latest Samsung firmware had not included a fix for this vulnerability. This vulnerability grants the attacker system access.

Spyware

Spyware Surveillance Firmware Internet

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Identity Theft

Identity Theft Computers and Electronics Surveillance Hacking

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware

Firmware Malware Spyware Surveillance

Cyber Security Informer

An RCE in Annke video surveillance product allows hacking the device

White hat hackers gained access more than 150,000 surveillance cameras

Webinars

Trending Sources

3.5m IP cameras exposed, with US in the lead

Webinars

Beastmode Mirai botnet now includes exploits for Totolink routers

Experts observed for the first time FinFisher infections involving usage of a UEFI bootkit

Kalay cloud platform flaw exposes millions of IoT devices to hack

Security Affairs newsletter Round 376 by Pierluigi Paganini

Google TAG shares details about exploit chains used to install commercial spyware

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

MoonBounce UEFI implant spotted in a targeted APT41 attack

Stay Connected