SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware 106

Firmware Passwords Manufacturing Mobile 106

Security Affairs

MAY 20, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. QNAP QVR is a video surveillance solution of the Taiwanese vendor which is hosted on its NAS devices and doesn’t require any extra software. To nominate, please visit:?

Ransomware 111

Ransomware Internet Internet Firmware 111

Security Affairs

APRIL 13, 2022

An attacker can hijack the robots to crash them into people and objects, use them to harass patients and staff, for surveillance purposes, to interfere with the delivery of critical patient medication, access patient medical records in violation of HIPAA, and more.

Mobile 111

Mobile Hacking Firmware Surveillance 111

eSecurity Planet

FEBRUARY 22, 2022

Also read: Best Patch Management Software for 2022. It can even access the chip’s firmware to gain root access on the device, a significant privilege escalation. Also read: Top Vulnerability Management Tools for 2022. Read next: Top Endpoint Detection & Response (EDR) Solutions for 2022.

Spyware 125

Spyware Software Government Social Engineering 125

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog. We are in the final !

Data breaches 98

Data breaches DDOS Ransomware Hacking 98

SecureWorld News

AUGUST 8, 2022

Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials. Based on information from trusted third parties, TrickBot's infrastructure is still active in July 2022. Mitigations for top malware strains.

Malware 98

Malware Banking Penetration Testing Healthcare 98

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking 117

Banking Malware Computers and Electronics Mobile 117

SecureList

SEPTEMBER 21, 2023

DeadBolt, which affected thousands of QNAP NAS devices in 2022, is a prominent example of IoT ransomware. The attack took advantage of CVE-2022-27593 , a vulnerability that allowed bad actors to modify system files on the box. BTC to recover the data. The practice has not become widespread due to relative inefficiency.

IoT 137

IoT DDOS Passwords Malware 137

SecureList

NOVEMBER 14, 2023

In June, Microsoft published a report on a threat actor named Cadet Blizzard, responsible for WhisperGate and other wipers targeting Ukrainian government agencies early in 2022. To sum up, although we did not see the same volume as we had in 2022, clearly there were some significant attacks. Verdict: prediction fulfilled ✅ 8.

Hacking 141

Hacking Energy and Utilities Malware Media 141

SecureList

APRIL 27, 2022

This is our latest installment, focusing on activities that we observed during Q1 2022. In late February 2022, we identified two archives submitted from network addresses in Ukraine to an online multi-scanner service. In December we were made aware of a UEFI firmware-level compromise through logs from our firmware scanning technology.

Malware 145

Malware Firmware Government Phishing 145

eSecurity Planet

OCTOBER 21, 2022

Since 2008, antivirus and cybersecurity software testers AV-TEST have kept track of the number of newly-developed malware worldwide, totaling at nearly 1 billion as of September 2022. An August 2022 Statista report counted 2.8 billion malware attacks worldwide in the first half of 2022 alone.

Malware 75

Malware Adware Spyware Antivirus 75