2022, DDOS, Firmware and Hacking - Cyber Security Informer

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. Similarly, at the beginning of February 2022, we noticed a huge spike in the amount of activity related to Gamaredon C&C servers. It directly affected satellite modems firmwares , but was still to be understood as of mid-March.

DDOS

DDOS Ransomware Government Energy and Utilities

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware Internet Internet

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. IT threat evolution in Q1 2022. MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019).

Phishing

Phishing Spyware Firmware Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

In November, Akamai warned of a new Mirai -based DDoS botnet, named InfectedSlurs , actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been active since at least 2022. and earlier. and earlier (5.0.0

Firmware

Firmware Wireless DDOS IoT

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai -based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) now includes exploits for Totolink routers. CVE-2022-26186 targets TOTOLINK N600R and A7100RU.

DDOS

DDOS Firmware Surveillance IoT

APT trends report Q2 2022

SecureList

JULY 28, 2022

This is our latest installment, focusing on activities that we observed during Q2 2022. In late 2021, we encountered a malicious DXE driver incorporated into several UEFI firmware images that were flagged by our firmware scanner (integrated into Kaspersky products at the start of 2019). The most remarkable findings.

Malware

Malware Firmware Phishing Cryptocurrency

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. SecurityAffairs – hacking, DrayTek Vigor).

Hacking

Hacking Internet Internet Passwords

Router security in 2021

SecureList

JUNE 8, 2022

Routers are forever being hacked and infected, and used to infiltrate local networks. Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). search results for “default password” in April 2022.

DDOS

DDOS Passwords IoT Firmware

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

com) with links to the bot was among the 48 domains associated with DDoS-for-hire services seized by the FBI in December. The Zerobot botnet first appeared in the wild in November 2022 targeting devices running on Linux operating system. SecurityAffairs – hacking, botnet). “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. This can be used to launch a Valve Source Engine (VSE) distributed denial-of-service (DDoS) attack against game servers.”

DDOS

DDOS Engineering Firmware Architecture

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

Security Affairs newsletter Round 384

Security Affairs

SEPTEMBER 18, 2022

billion Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems Some firmware bugs in HP business devices are yet to be fixed Albania was hit by a new cyberattack and blames Iran Iran-linked APT42 is behind over 30 espionage attacks. SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Firmware

Firmware DDOS Healthcare Hacking

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. SecurityAffairs – hacking, newsletter).

Data breaches

Data breaches Firmware Hacking Ransomware

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Security Affairs newsletter Round 362 by Pierluigi Paganini

Security Affairs

APRIL 24, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. To nominate, please visit:?

Cyber Insurance

Cyber Insurance Spyware Firmware Insurance

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Dark web services: DDoS attacks, botnets, and zero-day IoT vulnerabilities Of all IoT-related services offered on the dark web, DDoS attacks are worth examining first.

IoT

IoT DDOS Passwords Malware

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches

Data breaches Cybercrime Ransomware Passwords

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

Here are a few takeaways: Minimum requirements A few years back, a spate of seminal IoT hacks grabbed the full attention of governments worldwide. Mirai then carried out a massive distributed denial-of-service (DDoS) attacks that knocked down Twitter, Netflix, PayPal and other major web properties.

IoT

IoT Government Internet Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Webinar on cyberattacks in Ukraine – summary and Q&A

SecureList

MARCH 14, 2022

On March 10, 2022 Kaspersky’s Global Research and Analysis Team (GReAT) shared their insights into the current (and past) cyberattacks in Ukraine. We advise organizations to: Take typical measures against DDoS attacks, ransomware and destructive malware, phishing, targeted attacks, supply-chain attacks and firmware attacks.

DDOS

DDOS Firmware Internet Internet

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

Mon, 05/30/2022 - 12:04. IoT Business News has also published a list of four types of medical devices that are susceptible to hacking which include: wireless infusion pumps, implanted devices, smartpens, and vital sign monitors. Secure IoT firmware and authenticated devices offer benefits that extend to the entire healthcare ecosystem.

Healthcare

Healthcare IoT Manufacturing Risk

Cyber Security Informer

Reassessing cyberwarfare. Lessons learned in 2022

Over 80,000 Hikvision cameras can be easily hacked

Webinars

Trending Sources

IT threat evolution Q1 2022

Webinars

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Beastmode Mirai botnet now includes exploits for Totolink routers

APT trends report Q2 2022

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Router security in 2021

A new Zerobot variant spreads by exploiting Apache flaws

A new Mirai botnet variant targets TP-Link Archer A21

Interview With a Crypto Scam Investment Spammer

Security Affairs newsletter Round 384

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 362 by Pierluigi Paganini

Overview of IoT threats in 2023

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinar on cyberattacks in Ukraine – summary and Q&A

Advanced threat predictions for 2024

Why Healthcare IoT Requires Strong Machine Identity Management

Stay Connected