Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report. Pierluigi Paganini.

Firmware 130

Firmware Spyware Surveillance Hacking 130

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.” Pierluigi Paganini.

Firmware 109

Firmware Manufacturing Advertising Hacking 109

Security Affairs

OCTOBER 5, 2020

According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack. “We recommend that Tenda router users check their firmware and make necessary update.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT 139

IoT Firmware DNS Advertising 139

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot.

Passwords 112

Passwords Software Firmware Malware 112

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware 93

Firmware Architecture Advertising Manufacturing 93

Security Affairs

JANUARY 16, 2023

Milisic discovered pre-loaded malware into its firmware. Milisic purchased the T95 Android TV box to run Pi-hole , which is a Linux network-level advertisement and Internet tracker blocking application. The malicious code embedded in the firmware of the device acts like the Android CopyCat malware. ” Milisic concludes.

Malware 97

Malware Firmware DNS Internet 97

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35.

DDOS 97

DDOS Firmware VPN Firewall 97

Krebs on Security

MAY 22, 2023

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. That user advertised a service called “ Quot Project ” which said they could be hired to write programming scripts in Python and C++. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 239

Scams DDOS Cryptocurrency Accountability 239

Security Affairs

APRIL 7, 2020

Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware 123

Malware Firmware Manufacturing Mobile 123

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware 98

Firmware Accountability Advertising Manufacturing 98

Security Affairs

JULY 25, 2020

The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09 B09 (and below) will receive no security updates remaining vulnerable. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 99

Firmware Advertising Authentication Hacking 99

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware 122

Firmware DDOS Malware IoT 122

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 284 appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Ransomware 89

Ransomware Firmware Advertising Insurance 89

Security Affairs

APRIL 10, 2020

The secure boot prevents that malware such as a rootkit will replace the boot loader staying completely invisible and undetectable on a target system. The security feature is part of the UEFI 2.3.1 Errata C specification (or higher), when the Secure Boot is enabled the OS is loaded only after all the firmware checks pass.

Firmware 100

Firmware Advertising Encryption Internet 100

Security Affairs

JUNE 18, 2020

A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers. Oldest firmware versions have been released as far back as 2007. Pierluigi Paganini.

Firmware 136

Firmware Internet Internet Advertising 136

Security Affairs

JULY 28, 2020

Flashing Firmware: Flashing BUSSide firmware inside the NodeMCU is quick and easy: # apt-get install esptool # git clone [link] # esptool --port /dev/ttyUSB0 write_flash 0x00000 BUSSide/FirmwareImages/*.bin. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware. What do you do?

IoT 129

IoT Hacking Firmware Advertising 129

Security Affairs

JULY 11, 2019

The second vulnerability addressed by Intel affects SSD DC S4500/S4600 series firmware, it could be exploited by an attacker with physical access for privilege escalation. The flaw has been classified as “medium severity,” it affects firmware versions prior to SCV10150. ” reads the analysis published by Intel. Pierluigi Paganini.

Firmware 77

Firmware Advertising Authentication Hacking 77

Security Affairs

MARCH 28, 2020

On February 10, 2020, the Taiwanese manufacturer DrayTek issued a security bulletin to address the vulnerability with the release of the firmware program 1.5.1. On the 6th Feb, we released an updated firmware to address this issue.” ” reads the security bulletin. firmware or later. .”

Firmware 81

Firmware VPN Accountability Advertising 81

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. Pierluigi Paganini.

Scams 68

Scams Firmware Advertising Software 68

Security Affairs

JULY 28, 2020

The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. According to the alert, the malware is relatively sophisticated and attackers demonstrate an awareness of operational security. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 104

Malware Firmware Advertising Manufacturing 104

Security Affairs

AUGUST 10, 2019

. “We were able to find the presence of a Remote Code Execution (RCE) vulnerability in a piece of open source software that Avaya likely copied and modified 10 years ago, and then failed to apply subsequent security patches to.” Avaya addressed the issue with the release of new firmware on June 25. Only the H.323

Firmware 85

Firmware IoT Advertising Software 85

Security Affairs

SEPTEMBER 8, 2020

“Several firmware versions have been released, but some of the vulnerabilities have not been fully patched.” ” The vendor has released roughly 10 firmware updates since the vulnerabilities have been reported. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware 87

Firmware Wireless Authentication Advertising 87

Security Affairs

JUNE 14, 2019

The security advisory published by the company states that the issue impacts YubiKey series devices running versions 4.4.2 of the firmware. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) that was certified at the end of April.

Firmware 73

Firmware Advertising Authentication Passwords 73

Security Affairs

NOVEMBER 17, 2019

The Siemens S7 is considered one of the most secure controllers in the industry, it is used in power plants, traffic lights, water pumps, building control, production lines, aviation systems, and many other critical infrastructures. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware 89

Firmware Advertising Manufacturing Risk 89

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Firmware 88

Firmware Ransomware Wireless Encryption 88

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 82

Firmware Advertising Malware Hacking 82

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. ” reads the security advisory. ” reads the security advisory.

Firmware 65

Firmware Passwords Advertising IoT 65

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. the researchers conclude. Pierluigi Paganini.

Mobile 117

Mobile Passwords Advertising Firmware 117

Security Affairs

DECEMBER 14, 2022

Hikvision’s website advertised optional demographic profiling facial analysis algorithms, including gender, race, ethnicity, and age. Most analyzed brands (96.44% of the discovered cameras) force users to set passwords or generate unique default passwords on the newest models and firmware versions.

Surveillance 130

Surveillance Manufacturing Passwords Internet 130

Security Affairs

JULY 10, 2020

The company published a list of security advisories to inform its customers of the vulnerabilities in its products. Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Pierluigi Paganini. SecurityAffairs – hacking, Juniper).

Firmware 82

Firmware Advertising Firewall Internet 82

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The application is updated. Pierluigi Paganini.

Encryption 100

Encryption Firmware Advertising Ransomware 100

Security Affairs

FEBRUARY 6, 2020

The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. The company released firmware p atches for the device in January. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking 119

Hacking IoT Wireless Firmware 119

Security Affairs

AUGUST 7, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Intel investigates security breach after the leak of 20GB of internal documents appeared first on Security Affairs. Pierluigi Paganini.

Firmware 64

Firmware Advertising Engineering Hacking 64

Security Affairs

DECEMBER 8, 2019

Both, the firmware and hardware of the tools are completely open-source, this means that researchers can extend their functionalities according to their needs. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. NAND chips).

Firmware 70

Firmware Advertising Marketing Hacking 70

Security Affairs

SEPTEMBER 9, 2019

The firewall manufacturer offered a firmware update to address the issue, then the entity first tested the patch on a firewall within a non-critical environment, then after verifying that no problems were observed, the entity deployed the firmware patch at an operational generation site. ” continues the document.

Energy and Utilities 84

Energy and Utilities Firewall Firmware Advertising 84

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture 124

Architecture DDOS Advertising Firmware 124

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Only use secure networks and avoid using public Wi-Fi networks.

Ransomware 99

Ransomware DDOS Passwords Backups 99