Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 138

Firewall VPN Firmware Passwords 138

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. Vendor supplies information.

Firmware 120

Firmware Encryption Authentication Passwords 120

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. ” reads the flash alert. Pierluigi Paganini.

Ransomware 125

Ransomware Firmware Antivirus Accountability 125

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 86

Malware Banking Healthcare Penetration Testing 86

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. Netgear has addressed three vulnerabilities tracked by the vendor as PSV-2021-0140, PSV-2021-0144, PSV-2021-0145 that received a CVSS score between 7.4 ” explained Coldwind.

Firmware 101

Firmware Authentication Passwords Hacking 101

Security Boulevard

FEBRUARY 28, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Serious Linux Vulnerability.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Malwarebytes

AUGUST 23, 2022

In September 2021 we told you about insecure Hikvision security cameras that were ready to be taken over remotely. No username or password is needed, nor are any actions needed from the camera owner, and the attack is not detectable by any logging on the camera itself. The vulnerability. The critical bug received a 9.8 Mitigation.

Firmware 85

Firmware VPN Internet Internet 85

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A The experts started investigating the password reset functionality that requests access to the web interface. “Equipped with this password we then could authenticate successfully. “Firmware Update 8.2B

Firmware 90

Firmware Manufacturing Passwords Penetration Testing 90

Security Affairs

SEPTEMBER 18, 2021

The flaws, tracked by the networking device vendor PSV-2021-0140, PSV-2021-0144, and PSV-2021-0145, impact the following models: GC108P GC108PP GS108Tv3 GS110TPP GS110TPv3 GS110TUP GS308T GS310TP GS710TUP GS716TP GS716TPP GS724TPP GS724TPv2 GS728TPPv2 GS728TPv2 GS750E GS752TPP GS752TPv2 MS510TXM MS510TXUP. .” “P.S.

Firmware 86

Firmware Engineering Passwords Hacking 86

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 135

Firmware Surveillance Marketing VPN 135

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. Firmware version 4.60

Firmware 108

Firmware Passwords Accountability VPN 108

Adam Shostack

JANUARY 3, 2021

Some lessons learned over the last few days: Apple has disabled single user mode as of Mojave, and many recovery options are not available if you use a firmware password. Do yours work? Do not forget that availability is a security property. Using a pi.hole made getting to Apple’s network Recovery Installer difficult.

Backups 100

Backups Firmware Passwords Internet 100

Malwarebytes

AUGUST 9, 2021

On August 3, 2021 a vulnerability that was discovered by Tenable was made public. The vulnerability is listed as CVE-2021-20090. Router firmware. Under the description of CVE-2021-20090 you will find: “a path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02

Firmware 128

Firmware DDOS Internet Internet 128

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. Use of weak passwords was a common theme with the investigation, which concluded: weak default passwords cyber-criminals could hack were found on most of the routers.

Ransomware 105

Ransomware Passwords Scams Cyber Attacks 105

Security Affairs

AUGUST 23, 2022

Security researchers from CYFIRMA have discovered over 80,000 Hikvision cameras affected by a critical command injection vulnerability tracked as CVE-2021-36260. The Chinese vendor addressed the issue in September 2021, but tens of thousands of devices are yet to be patched. wrote the expert. “.

Hacking 112

Hacking Firmware Internet Internet 112

Thales Cloud Protection & Licensing

APRIL 20, 2021

Organizations Need a New NetSec Approach, Reveals Verizon’s 2021 Mobile Security Index. Tue, 04/20/2021 - 11:33. In the MSI 2021, more than half of respondents told Verizon that their organizations allowed employees to access corporate IT assets over public Wi-Fi. Verizon’s MSI 2021, page 72. Verizon’s MSI 2021, page 73.

Mobile 71

Mobile Architecture Data breaches Authentication 71

Security Affairs

SEPTEMBER 22, 2021

A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over them. A critical vulnerability, tracked as CVE-2021-36260, affects more than 70 Hikvision camera and NVR models and can allow attackers to take over the devices. ” wrote the expert. Pierluigi Paganini.

Hacking 109

Hacking Firmware IoT Internet 109

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS.

Malware 92

Malware Banking Energy and Utilities Accountability 92

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. Gift yourself a Samsung device from this Thanksgiving 2021 or Black Friday 2021 deals.

Mobile 132

Mobile Firmware Manufacturing Passwords 132

Security Affairs

AUGUST 2, 2021

An attacker could also push an insecure firmware upgrade to fully compromise the devices. The CVE-2021-37160 has yet to be addressed. Swisslog has released Nexus Control Panel version 7.2.5.7 that addresses most of the above vulnerabilities.

Healthcare 106

Healthcare Firmware Manufacturing Ransomware 106

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. million IP cameras exposed to the internet, signifying an eightfold increase since April 2021. The number of internet-facing cameras in the world is growing exponentially. Original post at [link].

Surveillance 126

Surveillance Manufacturing Passwords Internet 126

SecureList

SEPTEMBER 29, 2022

To address the vulnerability, Schneider Electric developed a new mechanism, Application Password, which should provide protection against unauthorized access to PLCs and unwanted modifications. CVE-2020-28212: authentication bypass without Application Password. In firmware versions prior to 2.7 Device reservation.

Firmware 88

Firmware Passwords Authentication Engineering 88

Security Affairs

JANUARY 25, 2022

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat actors are actively exploiting a critical flaw, tracked as CVE-2021-20038 , in SonicWall’s Secure Mobile Access (SMA) gateways addressed by the vendor in December.

Mobile 87

Mobile Passwords Firmware Firewall 87

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. “We chose the simplest approach, reading /etc/shadow and using hashcat cracking the root account password (which turned out to be root:root). ” reads an advisory published by Claroty. Pierluigi Paganini.

Firmware 128

Firmware Authentication Passwords Manufacturing 128

Security Affairs

MAY 25, 2021

“ TALOS-2021-1230 (CVE-2021-32457) and TALOS-2021-1231 (CVE-2021-32458) are elevation of privilege vulnerabilities that could allow an attacker to obtain elevate permissions on the targeted device. The flaws addressed by the security firm were reported by experts from Cisco Talos.

Network Security 114

Network Security Authentication Firmware Passwords 114

Malwarebytes

DECEMBER 16, 2021

In 2021’s final Patch Tuesday, Microsoft included a total of 67 fixes for security vulnerabilities. CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution vulnerability. Due to a flaw in the password reset request process, an attacker can reset someone else’s password. The attack may be launched remotely.

Wireless 87

Wireless Passwords Firmware Authentication 87

Krebs on Security

AUGUST 12, 2022

It had the username and password for the system printed on the machine. That may be because the patches were included in version 4 of the firmware for the EAS devices, and many older models apparently do not support the new software. A Digital Alert Systems EAS encoder/decoder that Pyle said he acquired off eBay in 2019.

Firmware 209

Firmware Manufacturing Passwords Software 209

Security Affairs

DECEMBER 22, 2022

The most recent variant spotted by Microsoft spreads by exploiting vulnerabilities in Apache and Apache Spark ( CVE-2021-42013 and CVE-2022-33891 respectively) and also supports new DDoS attack capabilities. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT 113

IoT DDOS Malware Firmware 113

eSecurity Planet

NOVEMBER 4, 2021

CWE-1277 : Firmware Not Updateable – firmware exploitation exposes the victim to a permanent risk without any possibility to patch weaknesses. Hackers may use firmware exploitation to compromise the network, as the firmware links the operating system and the hardware. The most popular firmware is BIOS and UEFI.

Software 114

Software Firmware Computers and Electronics Risk 114

Security Affairs

AUGUST 10, 2021

The Taiwanese vendor was informed of ongoing eCh0raix ransomware attacks that infected QNAP NAS devices using weak passwords. To achieve this, attackers are also leveraging CVE-2021-28799 to deliver the new eCh0raix ransomware variant to QNAP devices.” ” reads the report published by Palo Alto Researchers.

Ransomware 125

Ransomware Encryption Firmware Passwords 125

Security Affairs

SEPTEMBER 3, 2021

.” The PIN provides a series of examples of ransomware attacks impacting food and agriculture sector businesses, such as an attack that took place in January 2021 against an identified US farm that resulted in losses of approximately $9 million due to the disruption of the farming operations. Implement network segmentation.

Ransomware 94

Ransomware Passwords Backups Firmware 94

eSecurity Planet

APRIL 5, 2023

Tens of thousands of new security vulnerabilities are discovered each year; the value of CISA’s KEV catalog is that it helps organizations prioritize the software and firmware flaws that threat groups are actively exploiting — and many of those exploited flaws are older ones that users have failed to apply patches for.

Ransomware 126

Ransomware Firmware Cybersecurity Healthcare 126

Security Affairs

JULY 16, 2022

Critical flaw in Netwrix Auditor application allows arbitrary code execution CISA urges to fix multiple critical flaws in Juniper Networks products Threat actors exploit a flaw in Digium Phone Software to target VoIP servers Tainted password-cracking software for industrial systems used to spread P2P Sality bot Experts warn of attacks on sites using (..)

Firmware 93

Firmware Ransomware DDOS Cryptocurrency 93

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The vendor recommends the use of strong passwords and to modify the default network port 8080 for accessing the NAS operating interface. qlocker @QNAP_nas — Jack Cable (@jackhcable) April 22, 2021.

Ransomware 115

Ransomware Backups Media Malware 115

Security Affairs

JANUARY 16, 2022

The threat actors behind the attacks were exploiting an improper authorization vulnerability, tracked as CVE-2021-28799 , that could allow them to log in to a NAS device. “A A ransomware campaign targeting QNAP NAS began the week of April 19th, 2021. Up to date apps and firmware seem not to help either.”

Ransomware 110

Ransomware Encryption Backups Firmware 110

Malwarebytes

OCTOBER 22, 2021

Unfortunately, in an echo of the Y2K bug, a flaw in some versions of GPSD could cause time to roll back after October 23, 2021. The buggy versions of the code reportedly subtract 1024 from the week number on October 24, 2021. Authentication mechanisms such as Time-based One-Time Password (TOTP) and Kerberos also rely heavily on time.

Authentication 144

Authentication System Administration Firmware Passwords 144

Security Affairs

FEBRUARY 28, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. Upgrade to the latest firmware version.

Energy and Utilities 93

Energy and Utilities Government Firewall Malware 93