Security Affairs

JUNE 21, 2024

A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, tracked as CVE-2024-0762 (CVSS of 7.5), in the Phoenix SecureCore UEFI firmware. ” concludes the report.

Firmware 140

Firmware Mobile Technology Hacking 140

Security Affairs

JUNE 13, 2024

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. ” reads the advisory.

Firmware 136

Firmware Spyware Hacking Information Security 136

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. A previously unknown UEFI application, named bootkit.efi, was uploaded to VirusTotal in November 2024. reads the advisory published by ESET. Vulnerable models include IdeaPad, Legion, and Yoga series.

Firmware 121

Firmware Manufacturing Malware Authentication 121

Security Affairs

JANUARY 19, 2025

” The firmware analysis performed by the experts revealed vulnerabilities in the dispatcher.cgi interface of WGS-804HPT switches’ web service. CVE-2024-48871 (CVSS score: 9.8) – Stack-based buffer overflow lets unauthenticated attackers execute remote code via malicious HTTP requests. ” concludes the report.

Firmware 84

Firmware IoT Wireless Surveillance 84

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 81

DDOS Firmware Firewall Passwords 81

Security Affairs

FEBRUARY 18, 2025

The vulnerabilities are: CVE-2024-12511: SMB / FTP pass-back vulnerability CVE-2024-12510: LDAP pass-back vulnerability The vulnerabilities impact Xerox Versalink MFPs and Firmware Version: 57.69.91 ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware. and earlier.

Firmware 81

Firmware Authentication Accountability Passwords 81

Security Affairs

JUNE 9, 2025

A new variant of the Mirai botnet exploits CVE-2024-3721 to target DVR systems, using a new infection method. Researchers from Russian cybersecurity firm Kaspersky discovered a new variant of the Mirai botnet that exploits a command injection vulnerability ( CVE-2024-3721 ) in TBK DVR-4104 and DVR-4216 digital video recording devices.

Internet 52

Internet Encryption 52

Security Affairs

FEBRUARY 4, 2025

AMD released security patches to fix a flaw that could bypass SEV protection, letting attackers load malicious microcode. Researchers from Google disclosed an improper signature verification vulnerability, tracked asCVE-2024-56161 (CVSS score of 7.2), in AMD’s Secure Encrypted Virtualization (SEV).

Encryption 109

Encryption Firmware Hacking Information Security 109

Security Affairs

SEPTEMBER 4, 2024

Google addressed a security vulnerability in its Android operating system that is actively exploited in attacks in the wild. Google addressed a high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), in its Android operating system that is under active exploitation in the wild. reads the advisory.

Firmware 136

Firmware Mobile Hacking Information Security 136

Security Affairs

MAY 1, 2025

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475 , in its SMA100 Secure Mobile Access appliances.

Firmware 83

Firmware Mobile VPN Authentication 83

Security Affairs

DECEMBER 30, 2024

Cybersecurity firm VulnCheck warns that a high-severity flaw, tracked as CVE-2024-12856 (CVSS score: 7.2), in Four-Faith routers is actively exploited in the wild. “At least firmware version 2.0 “At least firmware version 2.0 ” reads the advisory. ” reads the report published by VulnCheck.

Firmware 80

Firmware Authentication Hacking Cybersecurity 80

Security Affairs

JANUARY 14, 2025

The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627). ” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14

Firewall 92

Firewall VPN Accountability Firmware 92

Security Affairs

JANUARY 29, 2025

The bot targets the command injection vulnerability CVE-2024-41710 that impacts Mitel models. ” The malware targets the flaw CVE-2024-41710 that affects Mitel 6800, 6900, and 6900w series SIP phones, including the 6970 Conference Unit through R6.4.0.HF1 Named after the Aqua filename, it was first reported in November 2023.

DDOS 83

DDOS Firmware Malware Firewall 83

Security Affairs

MAY 2, 2025

CVE-2024-38475 (CVSS score: 9.8) During further analysis, SonicWall and trusted security partners identified an additional exploitation technique using CVE-2024-38475, through which unauthorized access to certain files could enable session hijacking. SMA100 devices updated with the fixed firmware version 10.2.1.14-75sv

Firmware 84

Firmware Authentication VPN Mobile 84

Security Affairs

FEBRUARY 12, 2025

CVE-2024-40891 is very similar to CVE-2024-40890 ( observed authentication attempts , observed command injection attempts ), with the main difference being that the former is telnet-based while the latter is HTTP-based. reads the advisory published by GreyNoise. 4)C0_20170615.

Authentication 85

Authentication Firmware Cybersecurity Hacking 85

Security Affairs

DECEMBER 26, 2024

In November 2024, the Akamai Security Intelligence Research Team (SIRT) observed increased activity targeting the URI /cgi-bin/cgi_main.cgi , linked to a Mirai-based malware campaign exploiting an unassigned RCE vulnerability in DVR devices, including DigiEver DS-2105 Pro. ” reads the analysis published by Akamai. in newer ones.

Manufacturing 95

Manufacturing Malware Firmware IoT 95

Security Affairs

SEPTEMBER 16, 2024

D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694 , CVE-2024-45695 , CVE-2024-45697 , impacting three wireless router models. The manufacturer also addressed two high-severity vulnerabilities, tracked as CVE-2024-45696 and CVE-2024-45698. DIR-X4860 A1 firmware version 1.00, 1.04

Wireless 139

Wireless Firmware Manufacturing Hacking 139

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Firmware 141

Firmware Authentication Engineering Hacking 141

Security Affairs

FEBRUARY 28, 2025

In September 2024, Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. In May 2024, an international law enforcement operation led by the U.S.

Antivirus 80

Antivirus Firmware Encryption Manufacturing 80

Security Affairs

JUNE 25, 2024

Researchers at the Shadowserver Foundation warn that a Mirai -based botnet has started exploiting a recently disclosed vulnerability tracked as CVE-2024-29973 (CVSS score 9.8) The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 13)C0 and older.

Firmware 136

Firmware Hacking Cybercrime Information Security 136

Security Affairs

AUGUST 6, 2024

Google addressed an actively exploited high-severity vulnerability, tracked as CVE-2024-36971, impacting the Android kernel. Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation.”

Firmware 139

Firmware Spyware Hacking Technology 139

Security Affairs

NOVEMBER 27, 2024

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. A previously unknown UEFI application, named bootkit.efi, was uploaded to VirusTotal in November 2024. ” reads the advisory published by ESET. ” concludes the report.

Firmware 78

Firmware Authentication Malware Hacking 78

Security Affairs

JUNE 14, 2024

CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.

Firmware 139

Firmware Authentication Hacking Cybersecurity 139

Security Affairs

JUNE 16, 2024

ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL). score: 9.8), impacting seven router models. impacting multiple devices. impacting multiple devices.

Authentication 139

Authentication Firmware VPN Manufacturing 139

Security Affairs

JUNE 5, 2024

Below is the list impacting the Zyxel NAS devices: CVE-2024-29972 : This command injection vulnerability in the CGI program “remote_help-cgi” in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. 13)C0 and older. 13)C0 and older.

Firmware 137

Firmware Authentication Manufacturing Hacking 137

Security Affairs

APRIL 3, 2024

Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, are actively exploited in the wild. “The most severe of these issues is a high security vulnerability in the System component that could lead to local escalation of privilege with no additional execution privileges needed.”

Spyware 141

Spyware Firmware Hacking Information Security 141

Security Affairs

AUGUST 26, 2024

SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. However SonicWall recommends youinstall the latest firmware. .” However SonicWall recommends youinstall the latest firmware. ” reads the advisory published by the vendor.

Firewall 137

Firewall Firmware Malware Internet 137

Security Affairs

JANUARY 14, 2024

Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth keyboard injection issue tracked as CVE-2024-0230.

Firmware 143

Firmware Hacking Information Security 143

Security Affairs

MAY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2014-100005 Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.

Firmware 138

Firmware Passwords Authentication Hacking 138

Security Boulevard

JANUARY 18, 2024

So, let’s explore what 2024 and beyond has in store for all of us in the digital world. I have concluded the increasing involvement of offensive nation-states directly supports most of the 2024 cybersecurity predictions. 2024 Cybersecurity Predictions 1. In 2024: 1. They will suffer disproportionately.

Risk 115

Risk Cybersecurity CISO Technology 115

Security Affairs

MAY 27, 2024

Researchers at OneKey discovered a a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-5035 (CVSS score 10.0), in TP-Link Archer C5400X gaming router. The issue affects firmware versions, through 1.1.1.6, Below is the timeline for this flaw: 2024-02-16 –Report submitted to TP-Link PSIRT through encrypted email.

Firmware 140

Firmware Encryption Hacking Information Security 140

Security Affairs

SEPTEMBER 13, 2024

In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware 143

Malware Firmware Antivirus Manufacturing 143

Security Affairs

JUNE 16, 2024

Patch it now!

Data breaches 136

Data breaches Hacking Ransomware Malware 136

SecureList

JANUARY 31, 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. 1 scourge of industrial enterprises in 2024. In 2023, ransomware attacks consolidated their hold on the top of the ranking of information security threats to industrial enterprises. Ransomware Ransomware will remain the No.

Ransomware 116

Ransomware Energy and Utilities Marketing Backups 116

Security Affairs

DECEMBER 3, 2024

Attackers can use malformed XML requests to access arbitrary server files containing account information. Last week, VulnCheck researchers warned that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) The vulnerability CVE-2024-11667 is a directory traversal flaw in Zyxel firmware (V5.00–V5.38)

Firewall 128

Firewall Authentication Accountability Firmware 128

Security Affairs

AUGUST 29, 2024

Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. This can be executed remotely with elevated privileges (running process owner.)”

Firmware 137

Firmware Malware Security Intelligence Authentication 137

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 135

Data breaches Computers and Electronics Spyware Cybercrime 135