Krebs on Security

APRIL 26, 2019

Although it may seem impossible to enumerate more than a million devices with just a six-digit ID, Marrapese notes that each ID begins with a unique alphabetic prefix that identifies which manufacturer produced the device, and there are dozens of companies that white-label the iLnkP2P software.

IoT 279

IoT Firewall Manufacturing Computers and Electronics 279

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-. ” Netlab concludes.

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Affairs

JULY 10, 2020

Two security researchers have found undocumented Telnet admin account accounts in 29 FTTH devices from Chinese vendor C-Data. Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data.

Firmware 130

Firmware Accountability Advertising Manufacturing 130

SecureWorld News

JUNE 9, 2025

The onboard router that serves crew and passengers has been identified as one of the top cyber vulnerabilities , particularly if administrators neglect routine password changes and firmware updates. million passengers —including passport details, birth dates, frequent-flier numbers, phone numbers, and credit card information.

Cybersecurity 120

Cybersecurity Social Engineering Computers and Electronics Encryption 120

Security Affairs

MARCH 28, 2020

On February 10, 2020, the Taiwanese manufacturer DrayTek issued a security bulletin to address the vulnerability with the release of the firmware program 1.5.1. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. .” firmware or later. Vigor300B < v1.5.1

Firmware 124

Firmware VPN Accountability Advertising 124

SecureList

APRIL 25, 2025

With time, the vulnerabilities were patched, and restrictions were added to the firmware. Attackers are leveraging this by embedding malicious software into Android device firmware. Attackers are now embedding a sophisticated multi-stage loader directly into device firmware. oat ) located in the same directory.

Cryptocurrency 77

Cryptocurrency Malware Firmware Accountability 77

SC Magazine

MAY 27, 2021

Today’s columnist, Matt Wyckhouse of Finite State, says to lock down IoT devices, manufacturers have to build security in from the start. A recent Microsoft Security Signals survey found that just 29% of companies have any budget allocated to protect firmware at all. How device manufacturers can stem the tide.

Manufacturing 56

Manufacturing IoT Firmware Software 56

SecureWorld News

JULY 10, 2025

Manufacturing and logistics firms, increasingly digitized and AI-driven, are acutely at risk: state-aligned hackers are "infiltrating the digital arteries of commerce" from ports to payment systems. Organizations today utilize an average of 131 third-party APIs in their systems, and APIs now account for over 70% of all web traffic.

62

62

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware 143

Ransomware Firmware Antivirus Accountability 143

Security Affairs

NOVEMBER 10, 2022

Flow computers are used to calculate volume and flow rates for oil and gas that are critical to electric power manufacturing and distribution. The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The critical systems are widely used by oil and gas organizations worldwide.

Firmware 145

Firmware Authentication Manufacturing Passwords 145

Security Affairs

AUGUST 27, 2020

Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. Taking this percentage into account, we can presume that out of 800,000 internet-connected printers across the world, at least 447,000 are unsecured. Update your printer firmware to the latest version.

Hacking 145

Hacking IoT Firmware Internet 145

Security Affairs

SEPTEMBER 6, 2021

The researchers analyzed the firmware and set up a 2G base station in order to intercept and analyze the devices’ communications. Itel it2160 – The device was spotted transferring some info to the domain asv.transsion.com (Country, Model, Firmware version, Language. And the manufacturer if you find any incomprehensible activity.

Mobile 141

Mobile Malware Firmware Manufacturing 141

SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware 106

Firmware Manufacturing Passwords Mobile 106

Security Affairs

OCTOBER 10, 2018

Security experts from security firm SEC Consult have identified over 100 companies that buy and re-brand video surveillance equipment (surveillance cameras, digital video recorders (DVRs), and network video recorders (NVRs)) manufactured by the Chinese firm Hangzhou Xiongmai Technology Co., Xiongmai hereinafter) that are open to hack.

Surveillance 108

Surveillance Hacking Firmware Manufacturing 108

Security Affairs

SEPTEMBER 19, 2022

The FXA3000 and FXA2000 Series are access points that are manufactured by Japan-based firm Contec that conform to IEEE 802.11n/a/b/g wireless. “It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. ” reads the advisory published by Contec. ” continues the researchers.

Wireless 102

Wireless Firmware Passwords Engineering 102

Malwarebytes

SEPTEMBER 3, 2021

But manufacturers of agricultural equipment have spent the last few years locked in an automation arms race, and the side effects of this race are starting to show. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts.

Ransomware 142

Ransomware Manufacturing Passwords Internet 142

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords 105

Passwords Manufacturing Advertising Firmware 105

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts.

Ransomware 118

Ransomware Backups Passwords Firmware 118

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Avoid reusing passwords for multiple accounts.

Ransomware 118

Ransomware DDOS Backups Passwords 118

Security Boulevard

JANUARY 4, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). EOL devices should be replaced as soon as possible, as they are no longer supported by the manufacturer. Malware campaigns covered generally target/affect the end user.

Data breaches 52

Data breaches Firmware Healthcare Malware 52

Security Affairs

FEBRUARY 11, 2019

Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to 0.0.0.0

Antivirus 111

Antivirus Firmware Advertising Manufacturing 111

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. hard drive, storage device, the cloud). Consider installing and using a VPN.

Ransomware 145

Ransomware Encryption Passwords Malware 145

Security Affairs

NOVEMBER 1, 2018

The affected chips are also used in access points and other networking devices manufactured by Cisco and Aruba Networks. “The chips are embedded in, among other devices, certain access points that deliver Wi-Fi to enterprise networks manufactured by Cisco, Meraki and Aruba. .” ” reads the post published by Armis.

Firmware 105

Firmware IoT Manufacturing Advertising 105

Thales Cloud Protection & Licensing

MAY 31, 2021

In our previous blog post , we discussed the challenges for securing IoT deployments, and how businesses and consumers benefit from authenticating and validating IoT software and firmware updates. Requirements also included that the firmware was to be signed by the manufacturer and verified by the pacemaker.

IoT 71

IoT Computers and Electronics Manufacturing Firmware 71

Security Affairs

MAY 16, 2023

Teltonika Networks is a leading manufacturer of networking solutions, widely adopted in industrial environments, including gateways, LTE routers, and modems. The study focuses on the RUT241 and RUT955 cellular routers manufactured by Teltonika, and on the Remote Management System (RMS) provided by the vendor.

Hacking 98

Hacking Manufacturing Internet Internet 98

Security Affairs

APRIL 7, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. MSI is urging users to obtain firmware/BIOS updates only from its official website fearing that threat actors could circulate malware-laced versions of the company’s BIOS.

Ransomware 98

Ransomware Firmware Hacking Manufacturing 98

SecureList

FEBRUARY 27, 2024

Toy manufacturers are striving to keep up with these trends, releasing more and more models that can also be called “smart.” Possible attack vectors Parents app The robot needs to be linked to a parent’s account before it can be used. The ADB service is disabled.

Education 121

Education Manufacturing Firmware Internet 121

Security Affairs

FEBRUARY 28, 2024

“These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. Upgrade to the latest firmware version. .” reads the joint report. ” continues the report.

Energy and Utilities 132

Energy and Utilities Government Firewall Malware 132

CyberSecurity Insiders

DECEMBER 6, 2022

This analysis from Dirk Schrader, Vice President of Security Research, and Michael Paye, Vice President of Research and Development, is based on Netwrix’s global experience across a wide range of verticals, including technology, finance, manufacturing, government and healthcare. Understaffing will increase the role of channel partners.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Firmware 116

Security Affairs

NOVEMBER 4, 2019

A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. “The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device.

Malware 77

Malware Firmware Advertising Encryption 77

Malwarebytes

AUGUST 16, 2022

While anyone can fall victim to these threat actors, the FBI noted that this malware has been used to target a wide range of businesses and critical infrastructure organizations, including defense contractors, educational institutions, manufacturers, technology companies, and especially organizations in the healthcare and medical industries.

Ransomware 97

Ransomware Backups Passwords Authentication 97

SecureWorld News

DECEMBER 18, 2020

Here are some recommendations for best network practices: "Patch operating systems, software, and firmware as soon as manufacturers release updates. Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts. Audit logs to ensure new accounts are legitimate.

Ransomware 94

Ransomware Backups Education Accountability 94

Pen Test Partners

SEPTEMBER 9, 2024

Manufacturers: Ring doorbell security SimpliSafe smart home security Swann smart home security Yale smart home security Ring doorbell security: What do you need to know? Enabling MFA in the Ring app is recommended for enhanced account protection. Back To Manufacturers▲ SimpliSafe smart home security: What do you need to know?

Firmware 64

Firmware Encryption Passwords Authentication 64

Malwarebytes

JANUARY 9, 2023

Sounding horns, disabling start up, reporting a vehicle as stolen, even accessing built in cameras are all possible for rogue entities should they manage to break into a manufacturer’s network. million vehicles (start engine, disable starter, unlock, read device location, flash and update firmware).

Manufacturing 90

Manufacturing Data collection Social Engineering Firmware 90

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada.

Ransomware 98

Ransomware Encryption Firmware Backups 98

Security Affairs

OCTOBER 8, 2018

There’s also the detailed account of Mark Frauenfelder, who owned a Trezor wallet and couldn’t access it for several traumatizing months after misplacing the PIN that served as recovery words for the software. Often, they involve unusual methods that exploit vulnerabilities the manufacturer never fathomed.

Cryptocurrency 104

Cryptocurrency Hacking Manufacturing Advertising 104

Security Affairs

NOVEMBER 16, 2018

The threats that are notable for the Asian region are represented by a significant number of attacks aimed at manufacturing of chips, microprocessors and system control boards of different IT vendors, whose principal manufacturing operations are located in Asia. million dumps, which cost as much as $567.8 About the author Group-IB.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108