2023, Blog, Firmware and Information Security

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall

Firewall Firmware VPN Authentication

HP would take up to 90 days to fix a critical bug in some business-grade printers

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 The vendor has released temporary firmware mitigation for customers currently running FutureSmart 5.6

Firmware

Firmware Education Media Hacking

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. “An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. The company product has reached end-of-life (EoL).

Firmware

Firmware Education Media Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks.” for the RAX30 router family.

Hacking

Hacking Firmware Authentication DNS

D-Link fixes two critical flaws in D-View 8 network management suite

Security Affairs

MAY 25, 2023

The first vulnerability, tracked as CVE-2023-32165 , is a D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution flaw. “Please note that this is a device beta software, beta firmware, or hot-fix release which is still undergoing final testing before its official release. ” We are in the final!

Firmware

Firmware Authentication Software Hacking

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

The group published a series of screenshots of the company’s CTMS and ERP databases The Money Message group threatens to publish the stolen files by Wednesday, April 12, 2023, if the company will not pay the ransom. Today MSI confirmed the security breach, it confirmed that threat actors had access to some of its information service systems.

Ransomware

Ransomware Firmware Hacking Manufacturing

A new Mirai botnet variant targets TP-Link Archer A21

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS

DDOS Engineering Firmware Architecture

Critical fixed critical flaws in Cisco Small Business Switches

Security Affairs

MAY 18, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Small Business

Small Business Firmware Hacking Cybersecurity

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. APT28 was also observed exploiting the critical privilege escalation vulnerability CVE-2023-23397 (CVSS score: 9.8)

Energy and Utilities

Energy and Utilities Government Firewall Malware

Money Message gang leaked private code signing keys from MSI data breach

Security Affairs

MAY 8, 2023

The Money Message group initially threatened to publish the stolen files by April 12, 2023, if the company will not pay the ransom. The authenticity of the leaked private key was confirmed by Alex Matrosov, founder of firmware security firm Binarly. Previously we already described the BG pkeys leak impact.

Data breaches

Data breaches Ransomware Firmware Manufacturing

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches

Data breaches Cybercrime Ransomware Passwords

Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5)

Kali Linux

DECEMBER 4, 2023

With 2023 coming to an end and before the holiday season starts, we thought today would be a good time to release Kali 2023.4. Much more could be written on the topic, and we plan a longer blog post dedicated to it. If you want our blog posts, and only that, in your inbox, sign up! Today, we are now using Mirrorbits.

Architecture

Architecture Passwords Firmware Software

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

FEBRUARY 27, 2024

As it turns out, Kenneth operates a network of mirrors, which was officially announced back in May 2023 on his blog: Building the Micro Mirror Free Software CDN. For anyone interested in Internet infrastructure, we encourage you to read it, that’s a well-written blog post right there, waiting for you. Automate it!

Software

Software Firmware VPN Internet

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

Google TAG shares details about exploit chains used to install commercial spyware

Security Affairs

MARCH 29, 2023

This was recently highlighted by blog posts from Project Zero and Github Security Lab.” At the time of delivery, the latest Samsung firmware had not included a fix for this vulnerability. CVE-2022-22706 , a vulnerability in Mali GPU Kernel Driver fixed by ARM in January 2022 and marked as being used in the wild.

Spyware

Spyware Surveillance Firmware Internet

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The network of compromised devices was discovered by Trend Micro which shared details of its investigation at the Black Hat Asia 2023 conference in May. Threat actors compromised third-party software or the installation of malware-laced firmware. Please nominate Security Affairs as your favorite blog.

Mobile

Mobile Advertising Malware Cybercrime

Kali Linux 2023.3 Release (Internal Infrastructure & Kali Autopilot)

Kali Linux

AUGUST 22, 2023

This release blog post does not have the most features in it, as a lot of the changes have been behind-the-scenes, which brings a huge benefit to us and an indirect positive effect to you as end-users. This is when anyone can ask questions (hopefully relating to Kali or the information security industry) to us. Automate it!

Architecture

Architecture Firmware Firewall Software

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

ForAllSecure

FEBRUARY 22, 2023

There's the you know, these little ESP chips that have like, all in one Wi Fi and a little Linux or a little you know that OS that's just trivial and you download the firmware, you tweak a few things and you've got blinky lights, the magic can talk to other things and like do all sorts of cool stuff. Everybody's building their own badges.

Engineering

Engineering Hacking Wireless Marketing

Cyber Security Informer

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

HP would take up to 90 days to fix a critical bug in some business-grade printers

Webinars

Trending Sources

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Webinars

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

D-Link fixes two critical flaws in D-View 8 network management suite

MSI confirms security breach after Money Message ransomware attack

A new Mirai botnet variant targets TP-Link Archer A21

Critical fixed critical flaws in Cisco Small Business Switches

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Money Message gang leaked private code signing keys from MSI data breach

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5)

Kali Linux 2024.1 Release (Micro Mirror)

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Google TAG shares details about exploit chains used to install commercial spyware

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Kali Linux 2023.3 Release (Internal Infrastructure & Kali Autopilot)

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

Stay Connected