Thales Cloud Protection & Licensing

MARCH 17, 2022

Enhance your security posture by detecting risks on authenticator devices. Thu, 03/17/2022 - 09:46. Not only are mobile devices used as end points to access corporate mail and other enterprise applications, they are also frequently used as authentication devices. Anonymous (not verified). Continuous Risk Detection.

Authentication 62

Authentication Risk Mobile Computers and Electronics 62

The Hacker News

MAY 13, 2022

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1.

Firmware 88

Firmware Mobile Authentication 88

Security Affairs

SEPTEMBER 7, 2022

Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices. The CVE-2022-34747 (CVSS score: 9.8) flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. 11)C0 and earlier V5.21(AAZF.12)C0

Firewall 83

Firewall Firmware Authentication VPN 83

Malwarebytes

MARCH 10, 2022

In this February 2022 ransomware review, we go over some the most successful ransomware incidents based on both open source and dark web intelligence. Observed since: February 2022 Ransomware note: read_me.html Ransomware extension: <original file name> [vote2024forjb@protonmail[.]com].encryptedJB SFile (Escal).

Ransomware 69

Ransomware Phishing Accountability Technology 69

Security Affairs

MAY 11, 2023

.” The vulnerabilities, tracked as CVE-2023-27357 , CVE-2023-27367 , CVE-2023-27368 , CVE-2023-27369 , CVE-2023-27370 , were demonstrated by Claroty researchers during the 2022 Pwn2Own Toronto hacking contest as part of an exploit. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Hacking 95

Hacking Firmware Authentication DNS 95

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware 87

Firmware Penetration Testing Manufacturing Authentication 87

Malwarebytes

FEBRUARY 16, 2023

Security researcher Yerodin Richards has found an authenticated remote code execution (RCE) vulnerability in Arris routers. According to Richards, when he contacted Arris (acquired by CommScope), the company said the devices running the vulnerable firmware are end-of-life (EOL) and are no longer supported by the company.

Firmware 98

Firmware Authentication Passwords Internet 98

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated.

Firmware 92

Firmware IoT Authentication Backups 92

Security Affairs

APRIL 1, 2022

Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. “Zyxel has released patches for products affected by the authentication bypass vulnerability. Patch 5 in May 2022. Patch 5 in May 2022.

Firewall 87

Firewall VPN Firmware Authentication 87

Security Affairs

NOVEMBER 10, 2022

The vulnerability, CVE-2022-0902 (CVSS score: 8.1), is a path-traversal issue that can be exploited by an attacker to inject and execute arbitrary code. “Team82 found a high-severity path-traversal vulnerability (CVE-2022-0902) in ABB’s TotalFlow Flow Computers and Remote Controllers. .”

Firmware 130

Firmware Authentication Passwords Manufacturing 130

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware 85

Firmware Education Media Authentication 85

Malwarebytes

APRIL 4, 2022

Zyxel says the vulnerability, listed as CVE-2022-0342 , is an authentication bypass vulnerability caused by the lack of a proper access control mechanism, which has been found in the CGI program of some firewall versions. The flaw could allow an attacker to bypass the authentication and obtain administrative access of the device.

Firewall 76

Firewall Firmware VPN Authentication 76

Digital Shadows

NOVEMBER 10, 2022

Sporting events, like the upcoming FIFA World Cup Qatar 2022 (Qatar 2022 World Cup), attract massive attention from every corner of the world. After triaging said incidents to remove false positives, we collected the true positive incidents to analyze them and better comprehend how attackers were targeting the Qatar 2022 World Cup.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

Security Affairs

MARCH 22, 2023

The experts discovered four vulnerabilities in the Netgear Orbi mesh wireless system, the most critical one is a critical remote code vulnerability, tracked as CVE-2022-37337 (CVSS v3.1: “An attacker can make an authenticated HTTP request to trigger this vulnerability.” ” states Talos. on January 19, 2023.

Wireless 89

Wireless Firmware Authentication Passwords 89

Malwarebytes

OCTOBER 18, 2022

Europol said it's supported the investigation since March 2022 by providing extensive analysis and the dissemination of intelligence packages to each of the affected countries. Vulnerabilities in the keyless entry systems have been found in the firmware of other car manufactures. Mitigation.

Firmware 84

Firmware Manufacturing Software Authentication 84

eSecurity Planet

JULY 8, 2022

“With a cyberattack, it’s more than just data that needs protecting—at risk is really the entire physical infrastructure from applications and operating systems down to low-level firmware and BIOS. Identity and access management with role-based access control and multi-factor authentication is available.

Backups 128

Backups Ransomware Technology Marketing 128

Security Affairs

AUGUST 13, 2023

The CVE-2022-47391 received a severity rating of 7.5, The experts pointed out that the exploiting the vulnerabilities requires user authentication, as well as deep knowledge of the proprietary protocol of CODESYS V3 and the structure of the different services that the protocol uses. ” reads the advisory published by Microsoft.

Authentication 88

Authentication Firmware Hacking Passwords 88

eSecurity Planet

JANUARY 16, 2024

Potential results of the exploits include authentication bypass and command injection. January 11, 2024 Smart Thermostat from Bosch Puts Offices in Danger Type of vulnerability: Malicious commands sent from an attacker to the thermostat, including potentially replacing firmware with rogue code. Versions 9.x

Firewall 97

Firewall Firmware IoT Authentication 97

Malwarebytes

MARCH 9, 2022

The updates for Microsoft’s March 2022 Patch Tuesday should fix 92 vulnerabilities, including three zero-day vulnerabilities. CVE-2022-21990 : A Remote Desktop Client remote code execution vulnerability. CVE-2022-24512 : A.NET and Visual Studio Remote Code Execution vulnerability. Remote Desktop Client. Exchange Server.

Authentication 95

Authentication Firmware Accountability 95

Malwarebytes

JANUARY 12, 2022

Microsoft yesterday released the first patch Tuesday security updates of the year 2022. Microsoft has a technology called Active Directory that allows workstations to authenticate with a “domain controller.” It’s unclear if Server 2022 is similarly impacted. CVE-2022-21836 allows an attacker to bypass a security feature.

Authentication 111

Authentication Firmware Passwords Technology 111

Malwarebytes

APRIL 5, 2022

On April 4 2022, the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog. As a general policy, when products reach EOS/EOL, they can no longer be supported, and all firmware development for these products cease. CISA catalog.

Firmware 144

Firmware Software Risk Authentication 144

The Last Watchdog

MAY 23, 2022

They require integrity, authentication, trusted identity and encryption. Protocols and policies setting new parameters for trusted connections are being hammered out and advanced encryption, authentication and data protection solutions are being ramped up. Related: Leveraging PKI to advance electronic signatures.

Digital transformation 214

Digital transformation Computers and Electronics Cybersecurity Encryption 214

Security Affairs

AUGUST 18, 2022

The PoC exploit code for a critical stack-based buffer overflow issue, tracked as CVE-2022-27255 (CVSS 9.8), affecting networking devices using Realtek’s RTL819x system on a chip was released online. ” reads the advisory published by Realtek, which published the issue in March 2022. exploits_nexx t: PoC and exploit code.

Firmware 145

Firmware IoT Hacking Authentication 145

Malwarebytes

OCTOBER 6, 2022

The critical Qualcomm vulnerabilities all relate to the WLAN component and have the following CVEs: CVE-2022-25748 has a CVSS score of 9.8 CVE-2022-25718 has a CVSS score of 9.1 CVE-2022-25720 has a CVSS score of 9.8 CVE-2022-25720 has a CVSS score of 9.8

Wireless 82

Wireless Mobile Encryption Firmware 82

SecureList

JULY 19, 2023

The connection to the remote SMB server sends the user’s Net-NTLMv2 hash in a negotiation message, which the threat actor can use to either: Relay for authentication against other systems that support NTLMv2 authentication. on 2022-05-17 14:21:25 UTC Target: Energy transportation critical infrastructure – PO Information!

Firmware 85

Firmware Internet Internet Government 85

Security Affairs

MARCH 3, 2023

Both vulnerabilities were reported in November 2022 by cybersecurity firm Quarkslab. “An authenticated, local attacker could send maliciously crafted commands to a vulnerable TPM allowing access to sensitive data. In some cases, the attacker can also overwrite protected data in the TPM firmware. ” states Quarkslab.

Firmware 97

Firmware IoT Authentication Hacking 97

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. Upgrade to the latest firmware version.

Energy and Utilities 97

Energy and Utilities Government Firewall Malware 97

Security Boulevard

NOVEMBER 10, 2022

The vulnerability, CVE-2022-0902 (CVSS score: 8.1), is a path-traversal issue that can be exploited by an attacker to inject and execute arbitrary code. Team82 found a high-severity path-traversal vulnerability (CVE-2022-0902) in ABB’s TotalFlow Flow Computers and Remote Controllers. reads an advisory published by Claroty.

Firmware 98

Firmware Authentication Passwords Manufacturing 98

Malwarebytes

DECEMBER 19, 2023

According to the FBI, Play made around 300 victims between June 2022 and October 2023 among a wide range of businesses and critical infrastructure in North America, South America, and Europe. This means they steal data as well as encrypting systems and then threaten to publish the stolen data on their Dark Web leak site.

Ransomware 72

Ransomware Backups Encryption Firmware 72

Security Affairs

JUNE 27, 2022

Two of these vulnerabilities, tracked as CVE-2022-31805 and CVE-2022-31806, have been rated critical (CVSS scores: 9.8), 7 as high risk, and 2 as medium risk. recommending vendors who use CODESYS V2 Runtime to investigate themselves in time, and actively to fix and release the patched version of firmware.

Software 83

Software Manufacturing Firmware Risk 83

Security Affairs

JUNE 13, 2023

“For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. The researcher describes the issue as a reachable pre-authentication that impacts every SSL VPN appliance. .” states the report published by Fortinet. through 6.2.13

Firewall 83

Firewall VPN Firmware Manufacturing 83

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted. “Patch your #Fortigate.”

Risk 213

Risk VPN Internet Internet 213

SecureList

JUNE 8, 2022

Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). search for smart devices with the default password in the summer of last year revealed more than 27,000 hits, a similar search in April 2022 returned only 851.

DDOS 88

DDOS Passwords IoT Firmware 88

Security Affairs

MARCH 31, 2022

The three flaws reported by the cybersecurity firm are: An authentication bypass tracked CVE-2019-9564 A stack-based buffer overflow, tracked as CVE-2019-12266 , which could lead to remote control execution. The vendor addressed the unauthenticated access to the content of the SD card with the release of firmware updates on January 29, 2022.

IoT 74

IoT Firmware Marketing Authentication 74

Malwarebytes

AUGUST 16, 2022

The advisory contains indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with ransomware variants identified through FBI investigations as recently as June 21, 2022. Authentication. Require multifactor authentication wherever you can—particularly for webmail, VPNs, and critical systems.

Ransomware 80

Ransomware Backups Passwords Authentication 80

Malwarebytes

MAY 12, 2022

The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have updated their joint cybersecurity advisory, Strengthening Cybersecurity of SATCOM Network Providers and Customers , originally released March 17, 2022, with US government attribution to Russian state-sponsored malicious cyberactors.

Government 63

Government Firmware DDOS Cybersecurity 63

Malwarebytes

JULY 20, 2022

In April 2022, the FBI observed a payment of approximately $120,000 in Bitcoin into one of the seized cryptocurrency accounts identified thanks to the cooperation of the Kansas hospital. In May 2022, the FBI seized the contents of two cryptocurrency accounts that had received funds from the Kansas and Colorado health care providers.

Ransomware 89

Ransomware Cryptocurrency Healthcare Firmware 89