Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.

Firmware 106

Firmware Passwords Accountability VPN 106

Daniel Miessler

MAY 14, 2020

In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords.

Risk 345

Risk Password Management Passwords Accountability 345

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. ISP customer premise equipment (CPE) often uses this web server, and ISP subscribers will typically get these routers in loan for telephony and Internet access. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd.

Firmware 144

Firmware Internet Internet Passwords 144

SecureList

JUNE 20, 2023

Introduction In today’s interconnected world, more and more devices are being connected to the internet, including everyday household items like pet feeders that are becoming smart by virtue of this simple fact. We later managed to extract the firmware from the EEPROM for further static reverse engineering.

Firmware 91

Firmware Passwords Manufacturing Mobile 91

Security Affairs

SEPTEMBER 19, 2022

These devices are installed in airplanes to offer internet connectivity to the passengers, the above vulnerabilities can be exploited by an attacker to compromise the inflight entertainment system and potentially conduct other malicious activities. “[CVE-2022-36159] – Use of weak Hard-coded Cryptographic Keys and backdoor account.

Wireless 86

Wireless Firmware Passwords Engineering 86

Krebs on Security

MARCH 30, 2021

NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. 11, Ubiquiti Inc. 11 this year, now would be a good time to care of that. .”

Accountability 364

Accountability IoT Passwords Firmware 364

SecureWorld News

OCTOBER 8, 2023

Turn off the internet connection if you will not be using it for an extended period. Periodically, at least once a quarter, review the security settings of your social media accounts and the apps linked to them. Even harmless details, such as pet names or birthplaces, can be used by hackers to reset passwords.

Firmware 84

Firmware IoT Accountability Passwords 84

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords 79

Passwords Manufacturing Advertising Firmware 79

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. After filtering out most of the false positives, we were left with more than 800,000 printers that had network printing features enabled and were accessible over the internet.

Hacking 142

Hacking IoT Firmware Internet 142

Security Affairs

JULY 8, 2022

The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts using weak passwords. Go to Control Panel > System > Firmware Update.

Ransomware 88

Ransomware Encryption Passwords Internet 88

Security Affairs

JANUARY 21, 2021

The malware targets QNAP NAS devices exposed online that use weak passwords. “According to analysis, QNAP NAS can become infected when they are connected to the Internet with weak user passwords.” Enable Network Access Protection to protect accounts from brute force attacks. Use stronger admin passwords.

Cryptocurrency 112

Cryptocurrency Firmware Malware Passwords 112

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. ” Interactive features include gaming and educational applications for children, a voice assistant, internet access and connection to the parent app for smartphones. This was the first security-related issue we discovered.

Education 88

Education Manufacturing Firmware Internet 88

Security Affairs

MARCH 16, 2022

As early as May 2021, the attackers took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network. Contrary to best practices recommended, the account was still active in the organization’s Active Directory.

Accountability 88

Accountability Passwords Authentication Firmware 88

Krebs on Security

APRIL 26, 2019

A map showing the distribution of some 2 million iLinkP2P-enabled devices that are vulnerable to eavesdropping, password theft and possibly remote compromise, according to new research. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low.

IoT 269

IoT Firewall Manufacturing Computers and Electronics 269

Security Affairs

DECEMBER 29, 2018

The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.” It has a CVSSv3 base score of 8.6 , since once the password is known, any unauthenticated user can collect the data from any affected system over the internet.”

Firmware 82

Firmware Surveillance IoT Passwords 82

Malwarebytes

SEPTEMBER 3, 2021

.” Internet of Things. Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware 138

Ransomware Manufacturing Passwords Internet 138

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet.

IoT 357

IoT Firmware Risk Manufacturing 357

Hacker Combat

JUNE 3, 2021

Industrial switches are made using universal firmware developed by Korenix Technology, a leading provider for industrial networking solutions based in Taiwan. Korenix has developed another firmware that the organization incorporates in its JetNet industrial switches. These vulnerabilities include: Backdoor account.

Firmware 78

Firmware Energy and Utilities Cyber Attacks Surveillance 78

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. ISP customer premise equipment (CPE) often uses this web server, and ISP subscribers will typically get these routers in loan for telephony and Internet access. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd.

Firmware 55

Firmware Internet Internet Passwords 55

Adam Levin

FEBRUARY 10, 2020

If you have doubts, check it out–go directly to your account or to the source, which you should always independently verify, if the communication refers to anything service or finance related. You go online and you can’t access your cloud account, or you can’t find data stored on a device or in a specific service.

Passwords 245

Passwords Phishing Password Management Accountability 245

Security Affairs

SEPTEMBER 3, 2021

. “Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware 91

Ransomware Passwords Backups Firmware 91

Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. ” reads the advisory published by Netlab.

Firmware 103

Firmware Surveillance Manufacturing Advertising 103

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT 55

IoT Engineering Passwords Firmware 55

eSecurity Planet

SEPTEMBER 11, 2023

The fix: ASUS released firmware updates to address the vulnerabilities. W3LL Phishing Tool Steals Thousands of Microsoft 365 Accounts Type of attack: W3LL, a threat actor, created a phishing kit that can defeat multi-factor authentication (MFA) , which allowed it to infiltrate over 8,000 corporate Microsoft 365 accounts.

VPN 111

VPN Firmware Authentication Phishing 111

Spinone

MARCH 17, 2018

The Internet of Things (IoT) is a term used to describe the network of interconnected electronic devices with “smart” technology. billion “things” connected to the Internet , a 30% increase from 2015. There are several reasons why the Internet of Things is such a threat to our digital security.

Internet 40

Internet Internet Risk Computers and Electronics 40

eSecurity Planet

MARCH 21, 2022

Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.

VPN 114

VPN Accountability Authentication Passwords 114

Malwarebytes

SEPTEMBER 7, 2022

The CSA also mentions the gang exploiting internet-facing applications without providing details. Require all accounts with password logins to meet the required standards for developing and managing password policies: Require multifactor authentication wherever you can—particularly for webmail, VPNs, and critical systems.

Education 87

Education Ransomware Backups Passwords 87

Security Boulevard

MAY 9, 2022

Either way, this ransomware-for-hire has been around far longer (in internet terms) than the bulletin may have some believe, having been first seen in September 2021. Regularly back up data, air gap, and password protect backup copies offline. Implement the shortest acceptable timeframe for password changes.

Ransomware 98

Ransomware Antivirus Backups Passwords 98

SiteLock

AUGUST 27, 2021

Simply defined, the internet of things (IoT) is a network of Internet-connected objects able to collect and exchange data. Cybercriminals were able to exploit the default password on thousands of these innocuous devices to carry out this nefarious attack. Your home systems are more vulnerable than you think. Think again.

IoT 98

IoT Spyware VPN Passwords 98

Krebs on Security

OCTOBER 9, 2018

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? no password). The admin account can be used to do anything to the device, such as changing its settings or uploading software — including malware like Mirai. BLANK TO BANK.

Computers and Electronics 202

Computers and Electronics IoT Passwords Internet 202

Malwarebytes

MARCH 3, 2022

In the case of the Nvidia breach, LAPSUS$ claimed it was mainly after the removal of the lite hast rate (LHR) limitations in all GeForce 30 series firmware—apparently all to help out gamers and the mining community. The passwords and email addresses of some 70k employees were involved. Password managers save time. Hacked back?

Ransomware 88

Ransomware Password Management Passwords Hacking 88

Security Affairs

OCTOBER 22, 2022

“The actors have leveraged privileged accounts to gain access to VMware vCenter Server and reset account passwords [ T1098 ] for ESXi servers in the environment. Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released.

Ransomware 65

Ransomware VPN Cybercrime Accountability 65

Security Affairs

FEBRUARY 14, 2022

The report includes MD5 hashes of suspicious ASPX files discovered on compromised Microsoft Internet Information Services (IIS) servers and a list of commands used by ransomware operators observed by the researchers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 84

Ransomware Accountability Firmware Antivirus 84

Hot for Security

MARCH 17, 2021

The notice also includes mitigation steps like: Regularly back up data, air gap and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.

Education 111

Education Healthcare Government Ransomware 111

Security Affairs

AUGUST 13, 2023

of PowerPanel Enterprise software and version 1.44.08042023 of the Dataprobe iBoot PDU firmware. Experts recommend to; Ensure that your PowerPanel Enterprise or iBoot PDU are not exposed to the wider Internet. CVE-2023-3265: Improper Neutralization of Escape, Meta, or Control Sequences (Auth Bypass; CVSS 7.2)

Hacking 81

Hacking Firmware Authentication Software 81

Pen Test Partners

OCTOBER 9, 2023

Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes. Deploy malicious firmware. In essence, it is a view of the application and its environment through the lens of security. Frameworks 2.1.

IoT 52

IoT Firmware Mobile Manufacturing 52

eSecurity Planet

MARCH 16, 2023

Definition, Threats & Protections Public Internet Threats If your enterprise network is connected to the public internet, every single threat on the internet can render your business vulnerable too. These threaten enterprise networks because malicious traffic from the internet can travel between networks.

Network Security 107

Network Security Firewall Internet Internet 107