Advertising, Authentication, Encryption and Firmware

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .

Firmware

Firmware Technology Advertising Authentication

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Firmware

Firmware Ransomware Wireless Encryption

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. .”

Malware

Malware Firmware Advertising Manufacturing

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). This is a subject of actual disclosure.”

Firmware

Firmware Encryption Advertising Passwords

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware DDOS Passwords Backups

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese , iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

IoT

IoT Firewall Manufacturing Computers and Electronics

Intel investigates security breach after the leak of 20GB of internal documents

Security Affairs

AUGUST 7, 2020

Several media outlets independently analyzed the data leak and verified the authenticity of the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Engineering Hacking

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. The Enterprise mode implements 192-bit encryption for networks that require extra security. Pierluigi Paganini.

Passwords

Passwords Hacking Wireless Authentication

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Pierluigi Paganini.

Internet

Internet Internet Firmware Advertising

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link addressed a critical zero-day vulnerability ( CVE-2017-7405 ) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Archer MR200v4: [link].

Passwords

Passwords Advertising Firmware Authentication

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication.” Many vendors are affected.

Encryption

Encryption Authentication Internet Internet

Using iPhones and AirTags to sneak data out of air-gapped networks

Malwarebytes

MAY 13, 2021

To demonstrate their point, they released an ESP32 firmware that turns the micro-controller into an (upload only) modem. The security solely lies in the encryption of those location reports: The location can only be decrypted with the correct private key, which is on the owner’s device. How AirTags are involved.

Internet

Internet Internet Firmware Mobile

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” “As the communications are not encrypted, it is simple to Man-in-the-Middle the traffic and analyse the API.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Hacking DNS Authentication

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

The files are then held for ransom and the victim is threatened by data loss, because of the encryption, and leaking of the exfiltrated data. Files are encrypted with a combination of AES-256 and RSA-4096 via the Microsoft CryptoAPI , as per CrowdStrike. Earlier versions appended the.CONTI extension to encrypted files.

Healthcare

Healthcare Ransomware Encryption Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

As an example, we could use communications between systems that are not properly encrypted. Improper encryption. Hackers or other malicious sources can intercept poorly encrypted communications on the web. If such processes lack proper authentication steps, they could work as gateways for bigger problems.

IoT

IoT Cybersecurity Manufacturing Internet

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

Security Affairs

DECEMBER 13, 2019

EMV Chip, Pointto -Point Encryption, Tokenization, etc.) Secure remote access with strong passwords, ensure only the necessary individuals have permission for remote access, disable remote access when not in use, and use two-factor authentication for remote sessions. and non-compliance with PCI DSS.

Cyber Attacks

Cyber Attacks Malware Cybercrime Advertising

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

Security Affairs

NOVEMBER 6, 2018

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. “We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.

Encryption

Encryption Firmware Passwords Advertising

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Use Caution with Ads and Websites Website pop-ups and online advertising can be vectors for malware, phishing attempts, and other harmful actions. Secure practices like robust admin passwords and advanced encryption ensure control over traffic, safeguarding personal information and increasing the odds of a secure online experience.

Malware

Malware Antivirus Software Passwords

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. Use AES encryption. link] [link] Have a software/firmware update mechanism. Encrypt in transit.

IoT

IoT Firmware Mobile Manufacturing

Vulnerability Patching: How to Prioritize and Apply Patches

eSecurity Planet

NOVEMBER 18, 2022

The first priority will be to collect the advertised vulnerabilities. firmware (hard drives, drivers, etc.), However, some patches, particularly for infrastructure, firmware, or less common software may not be automatable. Internet-of-Things (IoT) devices (security cameras, heart monitors, etc.),

Firmware

Firmware Firewall Passwords Risk

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

At its core, malware exploits existing network, device, or user vulnerabilities , posing as little a risk as annoying advertisements to the much more damaging demand for millions of dollars in ransom. Adware, also known as malvertising , is a type of malware that downloads or displays advertisements to the user interface.

Malware

Malware Adware Spyware Antivirus

Security Affairs newsletter Round 268

Security Affairs

JUNE 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Advertising Ransomware Hacking

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. The attackers compress stolen files into encrypted and password-protected ZIP archives. Mobile statistics. Targeted attacks.

Malware

Malware Computers and Electronics Adware Cryptocurrency

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

20% increase accesses of specific organizations advertised. Multi-factor authentication : Protects stolen credentials against use by requiring more than a simple username and password combination for access to resources. 583% increase in Kerberoasting [password hash cracking] attacks.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Cyber Security Informer

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Webinars

Trending Sources

Infecting Canon EOS DSLR camera with ransomware over the air

Webinars

USBAnywhere BMC flaws expose Supermicro servers to hack

QSnatch malware infected over 62,000 QNAP NAS Devices

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Avoslocker ransomware gang targets US critical infrastructure

P2P Weakness Exposes Millions of IoT Devices

Intel investigates security breach after the leak of 20GB of internal documents

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

A daily average of 80,000 printers exposed online via IPP

TP-Link Archer routers allow remote takeover without passwords

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Using iPhones and AirTags to sneak data out of air-gapped networks

Hacking the Twinkly IoT Christmas lights

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

VISA warns of cyber attacks on PoS systems of fuel dispenser merchants

Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

How to Prevent Malware: 15 Best Practices for Malware Prevention

IoT Secure Development Guide

Vulnerability Patching: How to Prioritize and Apply Patches

Types of Malware & Best Malware Protection Practices

Security Affairs newsletter Round 268

IT threat evolution Q3 2022

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Stay Connected