In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptographic key that forms the root-of-trust anchor between the hardware device and the firmware that runs on it.
We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Attack vectors: There are two main IoT infection routes: brute-forcing weak passwords and exploiting vulnerabilities in network services.
China-linked APT group Mustang Panda has employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In the most recent attacks observed by Check Point, the threat actors employed a custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check Point.
The flaws, tracked as CVE-2025-45984 through CVE-2025-45988, affect a wide range of firmware versions used in both consumer and enterprise-grade networking equipment. Shared Affected Codebase: Each flaw targets the same goahead binary and associated shared object, amplifying the impact across models and firmware versions.
In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540, deployed custom malware on a SonicWall SMA appliance. The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. ” concludes the advisory.
Global data reveals that cyberattacks rose by 131% between 2022 and 2023 across the aviation industry, with a 74 percent increase since 2020, underscoring the profundity of this threat. In the first half of 2023 alone, aviation cyberattacks surged by 24% worldwide, fueling disruptions from flight-planning systems to passenger services.
The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14 and 7.0.16, which were released in February 2024 and October 2024 respectively. Attackers also reset the guest account password, created new VPN portals, and used specific ports (4433, 59449, 59450).
We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. In both cases, we described new UEFI firmware bootkits that managed to propagate malicious components from the deepest layers of the machine up to Windows’ user-land.
CVE-2023-23368 The first vulnerability, CVE-2023-23368 ( CVSS score 9.8 Go to Control Panel > System > Firmware Update. CVE-2023-23369 The second vulnerability, CVE-2023-23369 (CVSS score 9 out of 10), is also an OS command injection vulnerability that reportedly affects several QNAP operating system versions.
Remediation: Implement unique, strong passwords per device. Disable default accounts entirely and require password changes during initial setup. Use boot verification and firmware integrity checks to detect unauthorized modifications.
A CVE entry has been registered for each of the vulnerability types: CVE-2023-3938, CVE-2023-3939, CVE-2023-3940, CVE-2023-3941, CVE-2023-3942, CVE-2023-3943. User-friendly: biometric identification does not require subjects to remember passwords or carry access cards.
ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.
On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 Perform offline cracking to extract the password. Below, we will highlight the key points and then focus on the initial use of this vulnerability by attackers before it became public.
Critical Start today released its biannual Cyber Intelligence Report, featuring the top threats observed in the first half of 2023 and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government industries. After a brief hiatus, Emotet threat actors resumed their operations in early March 2023.
” The vulnerabilities, tracked as CVE-2023-27357, CVE-2023-27367, CVE-2023-27368, CVE-2023-27369, CVE-2023-27370, were demonstrated by Claroty researchers during the 2022 Pwn2Own Toronto hacking contest as part of an exploit. “NETGEAR is aware of multiple security vulnerabilities on the RAX30.
Researchers from firmware security firm Eclypsium have discovered suspected backdoor-like behavior within Gigabyte systems. The experts discovered that the firmware in Gigabyte systems drops and executes a Windows native executable during the system startup process. The executable resides in a UEFI firmware volume.
The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.
However, SonicWall recommends you install the latest firmware. “SonicWall strongly advises that customers using GEN5 and GEN6 firewalls with SSLVPN users who have locally managed accounts immediately update their passwords to enhance security and prevent unauthorized access. ” concludes the advisory.
“Cisco has not and will not release firmware updates to address the vulnerabilities described in the advisory for these devices,” the company stated. CVE-2023-20024, CVE-2023-20156, CVE-2023-20157, and CVE-2023-20158 – four vulnerabilities with a high CVSS score of 8.6
The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.
This has been given the ID CVE-2023-46327. This led him to reverse engineer the firmware to identify how the CipherValue (AKA the password) was derived. Take the remaining bytes of the decoded value; this is the encrypted password for the Address Book entry, in 16-byte AES-CBC blocks. Medium) CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
The nine vulnerabilities have received CVE IDs CVE-2023-3259 through CVE-2023-3267. Below is the list of flaws discovered by the researchers: CyberPower PowerPanel Enterprise: CVE-2023-3264: Use of Hard-coded Credentials (CVSS 6.7); CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5)
In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti (CVE-2022-46169) and Realtek (CVE-2021-35394) vulnerabilities to spread ShellBot and Moobot malware. APT28 was also observed exploiting the critical privilege escalation vulnerability CVE-2023-23397 (CVSS score: 9.8)
The site also hosts password dumps allegedly stolen from the Russian company. Below is the timeline of the attack published on ruexfil.com: Initial access June 2023. Fuxnet (stuxnet on steroids) was deployed earlier to slowly and physically destroy sensory equipment (by NAND/SSD exhaustion and introducing bad CRC into the firmware).
Citrix Bleed, officially identified as CVE-2023-4966, is a sensitive information disclosure vulnerability affecting NetScaler ADC and NetScaler Gateway appliances. Exploiting this flaw allows threat actors to hijack legitimate user sessions, bypassing authentication protocols such as passwords and multi-factor authentication.
The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.
X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.
Introducing Bitwarden Cupid Vault to securely share (and unshare) passwords with loved ones Bitwarden Bitwarden has already had the ability to securely share passwords. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw).
However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. login_user request to get access_token with an incorrect password The next request returns configuration parameters for the specific toy based on its unique identifier, consisting of nine characters.
The user needs to authenticate into the mesh system first, meaning they’d need to access an unprotected network or the login credentials of a password-protected network, for this attack to be successful. Netgear addressed the flaws with the release of firmware version 4.6.14.3 on January 19, 2023.
In late December, in a presentation at the 37th Chaos Communication Congress (37C3), experts from our Global Research and Analysis Team (GReAT) described the attack chain in detail, including – for the first time – how the attackers exploited the CVE-2023-38606 hardware vulnerability. You can read the full analysis here.
With over 100 attacks attributed to them since 2022, including high-profile breaches like MGM Resorts and Caesars Entertainment in 2023, their reach and ambition continue to grow. Using strong, unique passwords and enabling multi-factor authentication (MFA) or preferably passkeys wherever possible remains vital.
Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom
Tens of thousands of new security vulnerabilities are discovered each year; the value of CISA’s KEV catalog is that it helps organizations prioritize the software and firmware flaws that threat groups are actively exploiting — and many of those exploited flaws are older ones that users have failed to apply patches for.
Privacy and Passwords: Two-step verification is done by default, but multi-factor authentication (MFA) is recommended. FTC Settlement (2023): The FTC addressed problems where Ring staff could access user footage without proper controls. However, creating passwords that are complex and unique to your Ring account is still crucial.
Cymulate ran 3,107 assessments across 340 organizations recently to see if security controls were adequate against the Clop (sometimes called “Cl0p” with a zero) ransomware group’s exploitation of a MOVEit software vulnerability (CVE-2023-34362). Patch operating systems, software, and firmware on a regular basis.
1 - CISA: Critical infrastructure orgs susceptible to common attacks After assessing the security of 143 critical infrastructure organizations in 2023, the U.S. To get more details, read the 24-page “CISA Analysis: Fiscal Year 2023 Risk and Vulnerability Assessments” report and complementary charts.
The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. The fix: Patch or isolate vulnerable Windows systems.
Because of this, in Chrome 117 (released in Q4 2023), the developers introduced a new optimizing compiler, Maglev, whose goal is to generate good enough code fast enough by performing optimizations based solely on feedback from the interpreter. Is that really all this game has to offer?
With 2023 coming to an end and before the holiday season starts, we thought today would be a good time to release Kali 2023.4. 1kali1 (2023-10-09) ┌──(kali㉿kali)-[~] └─$ uname -r 6.5.0-kali3-amd64 Unfortunately, the project has been unmaintained since 2015, and so after 10 years in production, it was really time to say good-bye.
This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. As of 2023, it is trading at around $150.