Security Affairs

DECEMBER 24, 2022

Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” 13 Sep 2022: Details sent to ZyXEL.

Firmware 98

Firmware Passwords Hacking Cybersecurity 98

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware 84

Firmware Education Media Authentication 84

Heimadal Security

DECEMBER 22, 2022

A firmware bug in Corsair’s K100 keyboards, rather than malware, is causing previously entered text to be auto-typed into applications days later. Initially reported on the Corsair forums in August 2022, the behavior left people puzzled and concerned that some form of keylogging or […].

Firmware 85

Firmware Malware Cybersecurity 85

Heimadal Security

APRIL 27, 2023

The flaw in the TP-Link Archer AX21 firmware was discovered back in December 2022, and the company released a patch in March.

Firmware 89

Firmware DDOS IoT Cybersecurity 89

Security Affairs

MAY 25, 2023

The vulnerabilities were reported to the company on December 23, 2022 through Trend Micro’s Zero Day Initiative (ZDI). “Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. ” We are in the final!

Firmware 92

Firmware Authentication Software Hacking 92

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware 85

Firmware Penetration Testing Manufacturing Authentication 85

Security Affairs

MAY 13, 2022

Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) Zyxel silently addressed the flaw by releasing security updates on April 28, 2022, Rapid7 pointed out that this choice leaves defenders in the dark and only advantage the attackers. If possible, enable automatic firmware updates.

Firewall 70

Firewall Firmware VPN Wireless 70

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification. To nominate, please visit:?

Malware 95

Malware Wireless Firmware Mobile 95

Hacker Combat

SEPTEMBER 22, 2022

CVE-2022-3183 through CVE-2022-3189 are the CVE identifiers given to the seven vulnerabilities. A blog article from Claroty outlines the more critical vulnerabilities. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware 107

Firmware Firewall Manufacturing Internet 107

Security Affairs

DECEMBER 24, 2022

Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” 13 Sep 2022: Details sent to ZyXEL.

Firmware 52

Firmware Passwords Hacking Cybersecurity 52

Digital Shadows

NOVEMBER 10, 2022

Sporting events, like the upcoming FIFA World Cup Qatar 2022 (Qatar 2022 World Cup), attract massive attention from every corner of the world. After triaging said incidents to remove false positives, we collected the true positive incidents to analyze them and better comprehend how attackers were targeting the Qatar 2022 World Cup.

Cyber threats 52

Cyber threats Media Social Engineering Mobile 52

Security Affairs

MAY 11, 2023

.” The vulnerabilities, tracked as CVE-2023-27357 , CVE-2023-27367 , CVE-2023-27368 , CVE-2023-27369 , CVE-2023-27370 , were demonstrated by Claroty researchers during the 2022 Pwn2Own Toronto hacking contest as part of an exploit. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Hacking 94

Hacking Firmware Authentication DNS 94

Security Affairs

MAY 1, 2022

Critical Ongoing VS Firmware 2.3 Synology also warns customers of other three flaws, tracked as CVE-2022-23125 , CVE-2022-23122 , CVE-2022-0194 that could allow remote attackers to run arbitrary code on affected devices. Synology products affected by the flaw are: Product Severity Fixed Release Availability DSM 7.1

Firmware 83

Firmware Hacking Cybersecurity Internet 83

Security Affairs

APRIL 25, 2023

The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. A remote attacker can trigger the issue to inject commands that should be executed on the device.

DDOS 89

DDOS Engineering Firmware Architecture 89

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. The vulnerabilities affecting the Lenovo UEFI result from the use of two UEFI firmware drivers, named SecureBackDoor and SecureBackDoorPeim respectively. ” reads the advisory published by Lenovo.

Firmware 83

Firmware Manufacturing Hacking Cybersecurity 83

Security Affairs

APRIL 7, 2023

MSI is urging users to obtain firmware/BIOS updates only from its official website fearing that threat actors could circulate malware-laced versions of the company’s BIOS. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 85

Ransomware Firmware Hacking Manufacturing 85

Security Affairs

MARCH 29, 2023

The first campaign was spotted in November 2022, the exploit chains discovered by TAG researchers were affecting Android and iOS and were delivered via bit.ly The initial landing page was observed hosting the exploits for a WebKit remote code execution zero-day ( CVE-2022-42856 ) and a sandbox escape ( CVE-2021-30900 ) issue.

Spyware 84

Spyware Surveillance Firmware Internet 84

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. “At its peak on January 26th, 2022, Censys observed 4,988 Deadbolt-infected services out of the 130,000 QNAP devices currently on the internet.

Ransomware 97

Ransomware Firmware Internet Internet 97

Security Affairs

JUNE 5, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Spyware 102

Spyware Firmware Ransomware Scams 102

Security Affairs

APRIL 12, 2022

CISA added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog.

Firmware 82

Firmware Malware Cybersecurity Hacking 82

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. Upgrade to the latest firmware version.

Energy and Utilities 96

Energy and Utilities Government Firewall Malware 96

Security Affairs

APRIL 24, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Cyber Insurance 74

Cyber Insurance Spyware Firmware Insurance 74

Security Affairs

MAY 20, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Ransomware operators are also offering for sale the QNAP the master decryption key for 50 BTC which could allow all the victims of this ransomware family to decrypt their files.

Ransomware 96

Ransomware Internet Internet Firmware 96

SecureWorld News

FEBRUARY 2, 2022

Thankfully, Emsisoft CTO Fabian Wosar came to the rescue and shared this tweet: QNAP users who got hit by DeadBolt and paid the ransom are now struggling to decrypt their data because a forced firmware update issued by @QNAP_nas removed the payload that is required for decryption. January 30, 2022. link] — Fabian Wosar (@fwosar).

Ransomware 87

Ransomware Firmware Encryption Internet 87

Kali Linux

NOVEMBER 27, 2022

In Secure Kali Pi (2022) , the first blog post in the Raspberry Pi series, we set up a Raspberry Pi 4 with full disk encryption. author: Broadcom Corporation firmware: brcm/brcmfmac*-sdio.*.bin bin firmware: brcm/brcmfmac*-sdio.*.txt We mentioned that we can leave it somewhere as a drop box. wireless LAN fullmac driver.

Firmware 52

Firmware Wireless Passwords VPN 52

Security Affairs

APRIL 25, 2022

The alert includes indicators of compromise (IoCs) associated with BlackCat/ALPHV, as of mid-February 2022. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Ransom demands range from a few hundreds of thousands up to $3M worth of Bitcoin or Monero. To nominate, please visit:?

Ransomware 104

Ransomware Antivirus Passwords Malware 104

Kali Linux

AUGUST 1, 2022

This is the first part of a 3 part series of blog posts surrounding Kali usage on Raspberry Pi devices. The /boot/cmdline.txt file on a RPi device is used to pass the kernel command line options.

Encryption 52

Encryption Passwords Backups Firmware 52

Security Affairs

MAY 16, 2023

The platform provides real-time monitoring and control, it also supports advanced features such as device management, software and firmware updates, GPS tracking, and data visualization. ” reads the advisory from CISA.

Hacking 91

Hacking Internet Internet Manufacturing 91

Security Affairs

APRIL 19, 2023

The agencies recommend updating to the latest firmware and switching from SNMP to NETCONF or RESTCONF for network management. It includes discovery of other devices on the network by querying the Address Resolution Protocol (ARP) table to obtain MAC addresses. ” continues the report.

Malware 83

Malware Firmware Government Education 83

Security Affairs

MAY 8, 2023

The authenticity of the leaked private key was confirmed by Alex Matrosov, founder of firmware security firm Binarly. Now the ransomware gang has leaked the company’s private code signing keys on their darkweb leaksite. Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem.

Data breaches 78

Data breaches Ransomware Firmware Manufacturing 78

Security Affairs

APRIL 6, 2022

“The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. ” reads the press release published by DoJ.

Malware 78

Malware Government Firmware Firewall 78

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 86

Data breaches Cybercrime Ransomware Passwords 86

Security Boulevard

MARCH 15, 2022

Tue, 03/15/2022 - 17:20. Code signing certificates assign a digital signature on executable software and firmware to allow them and mark them as trusted. Lapsus$: The New Name in Ransomware Gangs. brooke.crothers. Lapsus$ arrives. Impresa owns the country's largest TV channel and newspaper, SIC and Expresso. But first things first.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

Security Affairs

APRIL 13, 2022

Cynerio ethically disclosed the issues to Aethon and the vendor addressed it with the release of firmware updates.

Mobile 128

Mobile Hacking Firmware Surveillance 128

Security Affairs

MAY 18, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Small Business 85

Small Business Firmware Hacking Cybersecurity 85

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords 114

Passwords Architecture Backups Cyber Attacks 114

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 87

Data breaches DDOS Artificial Intelligence Ransomware 87