Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.

Firmware 112

Firmware Passwords Accountability VPN 112

Adam Levin

MARCH 23, 2020

Update your camera’s firmware and software: Whether it’s an external camera or one built into your laptop or tablet, check for manufacturer updates and always keep your camera’s software and firmware fully up to date because patches are often released specifically to patch security vulnerabilities.

Firmware 219

Firmware Manufacturing Passwords Software 219

Krebs on Security

JANUARY 11, 2021

The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted).

Passwords 343

Passwords Authentication Firmware Accountability 343

Schneier on Security

JANUARY 28, 2019

Hackers can also build botnets with the help of exploits and vulnerabilities in router firmware, but the easiest way to assemble a botnet is by collecting the ones that users have failed to secure with custom passwords. I am interested in the results of this survey.

IoT 227

IoT Government Firmware Hacking 227

Security Affairs

APRIL 5, 2023

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. The company pointed out that the information disclosure can be achieved only by exploiting the flaw on vulnerable devices running FutureSmart firmware version 5.6 and having IPsec enabled.

Firmware 89

Firmware Education Media Hacking 89

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware 110

Firmware Ransomware Passwords Mobile 110

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware 86

Firmware Education Media Authentication 86

Heimadal Security

OCTOBER 10, 2022

On Friday, a Twitter account going by the handle “freak” shared links to what they claimed to be the UEFI firmware source code for Intel Alder Lake, which they claim was made available by 4chan. Intel confirms the source code leak for the UEFI BIOS is authentic. Alder Lake is the name of the company’s […].

Authentication 87

Authentication Firmware Accountability Cybersecurity 87

Security Affairs

JULY 10, 2020

Two security researchers have found undocumented Telnet admin account accounts in 29 FTTH devices from Chinese vendor C-Data. Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data.

Firmware 99

Firmware Accountability Advertising Manufacturing 99

Security Affairs

SEPTEMBER 19, 2022

“It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. The CVE–2022–36158 flaw is a hidden system command web page that was discovered performing reverse engineering of the firmware used by the device. ” reads the advisory published by Contec. ” continues the researchers.

Wireless 92

Wireless Firmware Passwords Engineering 92

SecureWorld News

JULY 14, 2021

x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.". x firmware should continue to follow best security practices. x firmware are past temporary mitigations.

Risk 95

Risk Ransomware Firmware Mobile 95

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. The company states that devices running the Nebula cloud management mode are not impacted.

VPN 112

VPN Firewall Firmware Authentication 112

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT 358

IoT Firmware Risk Manufacturing 358

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware 89

Firmware Authentication Passwords Hacking 89

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

SecureWorld News

OCTOBER 8, 2023

Periodically, at least once a quarter, review the security settings of your social media accounts and the apps linked to them. Be vigilant about duplicate accounts of people you know. Some people register several accounts, for example, to avoid losing contact with the network in case of temporary blocking.

Firmware 87

Firmware IoT Accountability Passwords 87

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. Several websites and multiple social media accounts exist all touting their password “crackers.””

Passwords 113

Passwords Software Firmware Malware 113

Security Affairs

MARCH 28, 2020

On February 10, 2020, the Taiwanese manufacturer DrayTek issued a security bulletin to address the vulnerability with the release of the firmware program 1.5.1. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. .” firmware or later. ” reads the security bulletin.

Firmware 83

Firmware VPN Accountability Advertising 83

Hacker Combat

JUNE 3, 2021

Industrial switches are made using universal firmware developed by Korenix Technology, a leading provider for industrial networking solutions based in Taiwan. Korenix has developed another firmware that the organization incorporates in its JetNet industrial switches. These vulnerabilities include: Backdoor account.

Firmware 78

Firmware Energy and Utilities Cyber Attacks Surveillance 78

Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. ” reads the advisory published by Netlab.

Firmware 106

Firmware Surveillance Manufacturing Advertising 106

Security Boulevard

AUGUST 17, 2021

But Zero Trust Architecture is incomplete without device firmware and hardware verification. While adding context-aware checks on user activities does help, it cannot account for the many functions that occur inside a device, below the operating system. Three simple checks on device […].

Architecture 59

Architecture Firmware Accountability 59

eSecurity Planet

JANUARY 16, 2024

The problem: WordPress plugin Popup Builder is vulnerable to exploitation through a flaw that allows attackers to perform administrator-level actions like installing new rogue plugins or creating new admin accounts. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall 97

Firewall Firmware IoT Authentication 97

CyberSecurity Insiders

OCTOBER 28, 2021

Taking regular backups that can be efficiently used to data continuity when the need arises, implementing network segmentation, installing regular software and firmware updates, auditing user accounts at regular intervals, limiting access to RDPs, deploying email threat monitoring solutions on network servers and disabling links embedded in the mail (..)

Ransomware 142

Ransomware Firmware Backups Encryption 142

SecureWorld News

JULY 14, 2021

x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.". x firmware should continue to follow best security practices. x firmware are past temporary mitigations.

Risk 52

Risk Ransomware Firmware Mobile 52

SC Magazine

MAY 27, 2021

A recent Microsoft Security Signals survey found that just 29% of companies have any budget allocated to protect firmware at all. The Security Signals research said that attacks on firmware increased five-fold in four years. Yet security spending doesn’t match the tremendous impact of these devices. Threat actors have noticed.

Manufacturing 56

Manufacturing IoT Firmware Software 56

Malwarebytes

FEBRUARY 24, 2022

But the NCSC warns that it is likely that Sandworm is capable of compiling the same or very similar malware for other architectures and firmware. When it comes to infected appliances, Cyclops Blink persists on reboot and throughout the legitimate firmware update process.

Malware 145

Malware Firewall Firmware DDOS 145

Security Affairs

OCTOBER 26, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts. Audit user accounts with administrative privileges and configure access controls with least privilege in mind.

Ransomware 130

Ransomware Firmware Antivirus Accountability 130

Security Affairs

MARCH 10, 2021

One of the members of the group, Tillie Kottmann, revealed that they have gained access to these surveillance cameras using a super admin account for the surveillance company Verkada. Once Verkada became aware of the hack, it has disabled all internal administrator accounts to prevent any unauthorised access.

Surveillance 121

Surveillance Hacking Banking Firmware 121

Security Affairs

DECEMBER 29, 2018

The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.” Embedded S3 credentials have unlimited access to all S3 buckets provisioned for that account,” continues the analysis. ” read a post published by 0dayallday.org.

Firmware 84

Firmware Surveillance IoT Passwords 84

Security Affairs

MARCH 16, 2022

As early as May 2021, the attackers took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network. Contrary to best practices recommended, the account was still active in the organization’s Active Directory.

Accountability 93

Accountability Passwords Authentication Firmware 93

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. “We chose the simplest approach, reading /etc/shadow and using hashcat cracking the root account password (which turned out to be root:root). ” reads an advisory published by Claroty.

Firmware 131

Firmware Authentication Passwords Manufacturing 131

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. In the last year, there have been several public accounts on the ongoing trend of UEFI threats. What happened?

Firmware 145

Firmware Malware Encryption Passwords 145

Troy Hunt

MARCH 12, 2020

(ok, not so much, but I'll get creative later on) Next, let's choose who's going to admin the unit based on their Ubiquiti account. I'm already signed into the app so I pop up straight away: I later get Raf to set up his own Ubiquiti account and give him read access to everything. It was like "here's your router, uh, good luck!"

Wireless 347

Wireless Firmware Accountability Mobile 347

Security Affairs

JUNE 5, 2022

Anonymous: Operation Russia after 100 days of war GitLab addressed critical account take over via SCIM email change LuoYu APT delivers WinDealer malware via man-on-the-side attacks Clipminer Botnet already allowed operators to make at least $1.7 If you want to also receive for free the newsletter with the international press subscribe here.

Spyware 102

Spyware Firmware Ransomware Scams 102

eSecurity Planet

APRIL 30, 2024

Set Secure Firewall Rules & ACLs To prevent unwanted access and ensure effective traffic management, secure your firewall through updating firmware to resolve vulnerabilities and adopting proper configurations prior to installing firewalls in production. Create administrative accounts with read-only access to logs for auditing.

Firewall 62

Firewall Architecture Firmware Risk 62

Security Affairs

APRIL 25, 2021

Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 The vendor recommended changing system administrator account, reset access control, and installing the latest available version. and V5.0.3. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

System Administration 117

System Administration Firmware Government Hacking 117

Security Affairs

DECEMBER 17, 2020

Audit user accounts regularly, particularly Remote Monitoring and Management accounts that are publicly accessible. Patch operating systems, software, firmware, and endpoints. Monitor inbound and outbound network traffic; set alerts for data exfiltration. Pierluigi Paganini. SecurityAffairs – hacking, FBI).

Ransomware 139

Ransomware Backups Firmware Accountability 139