Digital Shadows

JANUARY 14, 2025

Key Findings The last quarter of 2024 proved to be a pivotal period for ransomware activity, marked by emerging threats and unexpected shifts among established groups. In our Q3 2024 ransomware report , we predicted activity would reach its peak in the last quarter of the year.

Ransomware 126

Ransomware Social Engineering Phishing Manufacturing 126

SecureWorld News

JUNE 9, 2025

The onboard router that serves crew and passengers has been identified as one of the top cyber vulnerabilities , particularly if administrators neglect routine password changes and firmware updates. An orchestrated DDoS campaign by the pro-Russia group Killnet in 2022 rendered the public websites of more than a dozen U.S.

Cybersecurity 118

Cybersecurity Social Engineering Computers and Electronics Risk 118

SecureList

OCTOBER 23, 2024

On May 13, 2024, our consumer-grade product Kaspersky Total Security detected a new Manuscrypt infection on the personal computer of a person living in Russia. According to the blog, Microsoft had also been tracking the campaign and associated websites since February 2024.

Engineering 145

Engineering Social Engineering Accountability Cryptocurrency 145

SecureList

JUNE 3, 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Since it is not used by the firmware, we have no idea how the attackers learned to use it. Recently, we found a new macOS malware family that was piggybacking the cracked software in order to steal crypto wallets.

Banking 117

Banking Malware Computers and Electronics Mobile 117

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. CISA orders federal agencies to fix these vulnerabilities by June 6, 2024. Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.

Firmware 131

Firmware Authentication Passwords Hacking 131

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Ransomware 121

SecureWorld News

JUNE 18, 2025

Remediation: Implement unique, strong passwords per device. Disable default accounts entirely and require password changes during initial setup. Disable default accounts entirely and require password changes during initial setup. Use boot verification and firmware integrity checks to detect unauthorized modifications.

57

57

Security Affairs

SEPTEMBER 6, 2024

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. 5035 and older versions. .

Firewall 128

Firewall Passwords Internet Internet 128

Security Boulevard

MARCH 24, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Specifically, it was fetching account icons and defaulted to opening password reset pages over HTTP. Malware campaigns covered generally target/affect the end user.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

eSecurity Planet

JUNE 18, 2024

June 6, 2024 NVIDIA Patches 10 Vulnerabilities in GPU Products Type of vulnerability: Multiple, including code execution and elevation of privilege. June 7, 2024 Ransomware Exploiting PHP Flaw Type of vulnerability: Argument injection vulnerability leading to ransomware exploits. It’s tracked as CVE-2024-29824.

Firmware 113

Firmware Authentication Ransomware Software 113

Hacker's King

OCTOBER 7, 2024

Cybersecurity has rapidly evolved over the past decade, and in 2024, this evolution has seen an even greater focus on securing system boot processes, particularly through Initial Program Load (IPL). Firmware Integrity Checks: Firmware sits between the hardware and software, making it an attractive target for attackers.

Firmware 52

Firmware Cybersecurity IoT Passwords 52

Security Boulevard

JANUARY 4, 2025

This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 - 4 JAN 2024. Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Malware campaigns covered generally target/affect the end user.

Data breaches 52

Data breaches Firmware Healthcare Malware 52

Security Boulevard

MARCH 3, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Anyone with this default password could access these "locked" apartment complexes. While it could be changed, the device does not prompt end users to change the password.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

eSecurity Planet

JUNE 24, 2024

Fortra remedied a hard-coded password issue in the FileCatalyst software. Cybersecurity researchers discovered a buffer overflow flaw in Intel Core processor firmware causing Phoenix Technology to release patches. The problem: Microsoft patched a critical vulnerability ( CVE-2024-30078 ) with a severity score of 8.8

Firmware 62

Firmware Passwords Software Risk 62

eSecurity Planet

AUGUST 13, 2024

August 5, 2024 Another Apache OfBiz Vulnerability to Watch Type of vulnerability: Remote code execution. It’s tracked as CVE-2024-38856 and allows a threat actor to use a specifically created request to execute code on endpoints without authorization. The vulnerability is tracked as CVE-2024-7589 and has a CVSS score of 7.4.

Firmware 109

Firmware Software Wireless Security Defenses 109

eSecurity Planet

AUGUST 20, 2024

District Court claims that NPD experienced a data breach around April 2024, alleging the following: Sensitive data , such as full names, current and previous addresses (going back at least 30 years), Social Security numbers, and details about family members, including some who have been deceased for nearly two decades, were compromised.

Identity Theft 130

Identity Theft Data breaches Passwords Encryption 130

eSecurity Planet

AUGUST 20, 2024

August 12, 2024 Ivanti Runs Into Snag With Virtual Traffic Manager Type of vulnerability: Authentication bypass. The flaw is tracked as CVE-2024-7593 and has a CVSS score of 9.8, August 13, 2024 Microsoft Patch Tuesday Sees Elevation of Privilege Vulnerability Type of vulnerability: Multiple, including elevation of privilege.

Authentication 106

Authentication Firmware Technology Software 106

eSecurity Planet

AUGUST 13, 2024

August 5, 2024 Another Apache OfBiz Vulnerability to Watch Type of vulnerability: Remote code execution. It’s tracked as CVE-2024-38856 and allows a threat actor to use a specifically created request to execute code on endpoints without authorization. The vulnerability is tracked as CVE-2024-7589 and has a CVSS score of 7.4.

Firmware 104

Firmware Software Wireless Security Defenses 104

Security Boulevard

JANUARY 11, 2024

Vulnerabilities in router firmware, weak passwords, and unpatched software serve as easy entry points for attackers looking to compromise these devices. The post Securing Public Sector Against IoT Malware in 2024 appeared first on Security Boulevard. Adding urgency to this imperative for U.S.

IoT 75

IoT Malware Education Government 75

Kali Linux

SEPTEMBER 10, 2024

Check out “HnLVIP NetHunter” (1st August 2024), in this podcast by @hackeslangos featuring @yesimxev , talking about getting into NetHunter, an OffSec journey and more! 1kali2 (2024-05-30) ┌──(kali㉿kali)-[~] └─$ uname -r 6.8.11-amd64 There is also good news for Hungarian NetHunters! " VERSION_ID="2024.3"

Firmware 144

Firmware Architecture Education Passwords 144

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. The fix: Apply Windows patches ASAP.

IoT 117

IoT Internet Internet Ransomware 117

Security Affairs

FEBRUARY 28, 2024

” In February 2024, a court order allowed US authorities to neutralize the Moobot botnet, a network of hundreds of small office/home office (SOHO) routers under the control of the Russia-linked group APT28. Upgrade to the latest firmware version. Change any default usernames and passwords.

Energy and Utilities 134

Energy and Utilities Government Firewall Malware 134

SecureList

NOVEMBER 25, 2024

In this article in the KSB series, we review the trends of the past year, reflect on the predictions we made for 2024 , and offer insights into what we can expect in 2025. As expected, we continued to observe attacks in 2024 involving exploits for Apple devices. For instance, in Q2 2024, we saw a 23% increase in BYOVD usage.

IoT 119

IoT Energy and Utilities Phishing Cryptocurrency 119

eSecurity Planet

SEPTEMBER 2, 2024

August 26, 2024 SonicWall Identifies Access Control Vulnerability Type of vulnerability: Improper access control. The problem: CVE-2024-40766 , a critical access control vulnerability with a 9.3 The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o),

Risk 57

Risk Firewall Firmware Engineering 57

SecureList

FEBRUARY 27, 2024

However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. login_user request to get access_token with an incorrect password The next request returns configuration parameters for the specific toy based on its unique identifier, consisting of nine characters.

Education 123

Education Manufacturing Internet Internet 123

Pen Test Partners

SEPTEMBER 18, 2024

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Product: H685t-w Vulnerable Firmware Version: 3.2.334 Links: CVE-2024-45682 icsa-24-261-02 Proroute changelogs Description Two authenticated command injection vulnerabilities have been identified in the H685t-w-P2 Compact 4G router running firmware version 3.2.334. High) CVSS: 3.1/

Firmware 69

Firmware VPN Mobile Passwords 69

eSecurity Planet

JUNE 10, 2024

June 3, 2024 Exploit Chain Enables RCE in Progress Telerik Report Servers Type of vulnerability: Chained remote code execution. The exploit combines an authentication bypass ( CVE-2024-4358 ) with a deserialization issue ( CVE-2024-1800 ). Users should upgrade to the most recent Confluence versions to address CVE-2024-21683.

Malware 80

Malware Authentication Software Telecommunications 80

Security Boulevard

SEPTEMBER 20, 2024

Source: MITRE Engenuity, September 2024) With the TIE results in hand, cybersecurity teams can, among other things, do the following: Prioritize techniques to look for while triaging an event. Keep software and firmware patched and updated. Replace default passwords with strong passwords.

Cybersecurity 97

Cybersecurity IoT Hacking Risk 97

Security Boulevard

APRIL 18, 2025

National Institute of Standards and Technology (NIST) released a draft update of its Privacy Framework (PFW) that more closely interconnects it with the popular Cybersecurity Framework (CSF) , which was updated in 2024. Keep firmware updated. As of the end of 2024, the CVE program had published more than 250,000 CVEs.

Risk 59

Risk Cybersecurity Data privacy Software 59

eSecurity Planet

NOVEMBER 1, 2021

Once in place, manufacturers will have 30 months to begin meeting the new legal requirements, giving them until mid-2024 to bring the devices into compliance. New vulnerabilities are created every day by cybercriminals, leading to many IoT devices being installed with out-of-date firmware and other exploitable vulnerabilities.”.

Wireless 109

Wireless IoT Manufacturing Mobile 109

Centraleyes

JUNE 11, 2024

12 Risk Mitigation Measures for 2024 In the next section, we draw upon insights from the National Security Agency (NSA) to explore top-tier risk reduction strategies. Regularly update hardware firmware and retire outdated devices to maintain a secure computing environment. Internal controls ensure that risk is managed at its inception.

Risk 52

Risk Cyber Insurance Insurance Authentication 52

Pen Test Partners

MAY 28, 2025

A default password is set on the device’s VNC server which can be extracted from the VNC binary. This password is static and cannot be changed. The script contained the username and password used to login to the panel. Attempting to connect required a password. AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8

Passwords 52

Passwords Accountability Risk Firmware 52

Webroot

OCTOBER 31, 2024

Steam the Webinar on demand HERE As we look back on the cybersecurity landscape of 2024, it’s clear that the world of digital threats continues to evolve at an alarming pace in parallel with AI. The saga of LockBit in 2024 exemplifies the resilience and adaptability of these cybercriminal groups.

Malware 117

Malware Ransomware Passwords Healthcare 117

Security Boulevard

JANUARY 27, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). Vulnerabilities 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now Bleeping Computer This vulnerability is tracked as CVE-2024-38213.

Surveillance 52

Surveillance Data breaches Backups Malware 52

SecureWorld News

OCTOBER 31, 2024

Warding off zombies : Regularly update device firmware, patch IoT devices, and monitor for unusual traffic patterns. Spooky fact : Sophos says the average ransom in 2024 is $2.73 Phishing phantoms: masters of disguise Phishing scams have become more sophisticated.

IoT 120

IoT Phishing DDOS Backups 120

Security Boulevard

AUGUST 14, 2024

While it is not reasonable or feasible to expect firmware and software to be completely free of security issues, perhaps in the modern age some shouldn't be as prevalent as they are (ex: failing to sanitize input or straight up broken security controls).

Firmware 64

Firmware Manufacturing Malware Passwords 64

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. The CoP includes the following recommendations for manufacturers: No default passwords.

IoT 52

IoT Firmware Mobile Manufacturing 52