Advertising, Firmware, Information Security and Malware

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Ransomware Encryption Advertising

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware

Malware VPN Internet Internet

T95 Android TV Box sold on Amazon hides sophisticated malware

Security Affairs

JANUARY 16, 2023

Expert discovered that the T95 Android TV box, available for sale on Amazon and AliExpress, came with sophisticated pre-installed malware. Security researcher, Daniel Milisic, discovered that the T95 Android TV box he purchased on Amazon was infected with sophisticated pre-installed malware. ” the expert wrote on Reddit.

Malware

Malware DNS Firmware Internet

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. xHelper , a new strain of Android malware is able to re-install itself on infected devices even after victims delete it or force a factory reset. and Russia. ” continues the report.

Malware

Malware Firmware Manufacturing Mobile

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The QSnatch malware implements multiple functionalities, such as: . The experts were alerted about the malware in October and immediately launched an investigation.

Malware

Malware Firmware Advertising Manufacturing

NSA publishes guidance on UEFI Secure Boot customization

Security Affairs

SEPTEMBER 16, 2020

The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature that can be customized organizations.

Firmware

Firmware Advertising Manufacturing Malware

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos researchers discovered a campaign targeting industrial engineers and operators with Sality malware. “Dragos only tested the DirectLogic-targeting malware.

Passwords

Passwords Software Firmware Malware

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. ” concludes the report. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

BootHole issue allows installing a stealthy and persistent malware

Security Affairs

JULY 29, 2020

Billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue, dubbed BootHole, that can be exploited to install a stealthy malware. According to researchers from the firmware security firm Eclypsium, which discovered the issue, the BootHole flaw affects any operating system that uses GRUB2 with Secure Boot. .

Malware

Malware Advertising Firmware Healthcare

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable. ” reads the analysis published by Fortinet.

Firmware

Firmware DDOS Malware IoT

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system.

IoT

IoT Malware Advertising Firmware

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35.

DDOS

DDOS Firmware VPN Firewall

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. That user advertised a service called “ Quot Project ” which said they could be hired to write programming scripts in Python and C++. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Security Affairs newsletter Round 284

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Ransomware

Ransomware Firmware Advertising Insurance

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. 231 banking malware. The threat actors infected at least 8.9

Mobile

Mobile Advertising Malware Cybercrime

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack. “We recommend that Tenda router users check their firmware and make necessary update.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Firmware DNS Advertising

BadPower attack could burn your device through fast charging

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.” Pierluigi Paganini.

Firmware

Firmware Manufacturing Advertising Hacking

Tails OS version 4.5 supports the Secure Boot

Security Affairs

APRIL 10, 2020

The secure boot is a security mechanism used to secure the boot process by allowing the loading of drivers signed with an acceptable digital signature. The secure boot prevents that malware such as a rootkit will replace the boot loader staying completely invisible and undetectable on a target system.

Firmware

Firmware Advertising Encryption Internet

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections. Security experts are observing the new strain of ransomware that is targeting QNAP devices since June. The application is updated.

Encryption

Encryption Firmware Advertising Ransomware

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

D-Link addressed 5 flaws on some router models, some of them reached EoL

Security Affairs

JULY 25, 2020

The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09 B09 (and below) will receive no security updates remaining vulnerable. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Authentication Hacking

Updates provided by Red Hat for BootHole cause systems to hang

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Malware Hacking

‘Updates for Samsung’, the scam app with 10M+ downloads

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. Pierluigi Paganini.

Scams

Scams Firmware Advertising Software

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

“As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware DDOS Passwords Backups

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

The bridge discovers the hacker-controlled bulb with updated firmware, and the user adds it back onto their network. The malware could move laterally and infect other systems in the target network. The company released firmware p atches for the device in January. Pierluigi Paganini.

Hacking

Hacking IoT Wireless Firmware

Experts uncovered hidden behavior in thousands of Android Apps

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – malware, Android apps).

Mobile

Mobile Passwords Advertising Firmware

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

. “Our research shows how an attacker in close proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware. The expert was able to access the keys for verifying the authenticity of the firmware and for encrypting it. Pierluigi Paganini.

Firmware

Firmware Ransomware Wireless Encryption

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers. Oldest firmware versions have been released as far back as 2007. Pierluigi Paganini.

Firmware

Firmware Internet Internet Advertising

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Flashing Firmware: Flashing BUSSide firmware inside the NodeMCU is quick and easy: # apt-get install esptool # git clone [link] # esptool --port /dev/ttyUSB0 write_flash 0x00000 BUSSide/FirmwareImages/*.bin. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware. What do you do?

IoT

IoT Hacking Firmware Advertising

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

“They are also urged to read the NCSC’s newly-updated guidance on mitigating malware and ransomware attacks , and to develop an incident response plan which they regularly test.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the advisory. Pierluigi Paganini.

Education

Education Ransomware Antivirus Backups

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising DNS

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

The BlackCat/ALPHV a Ransomware was first discovered in December by malware researchers from Recorded Future and MalwareHunterTeam. The malware is the first professional ransomware strain that was written in the Rust programming language. Install and regularly update antivirus and anti-malware software on all hosts.

Ransomware

Ransomware Antivirus Passwords Malware

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“Several firmware versions have been released, but some of the vulnerabilities have not been fully patched.” ” The vendor has released roughly 10 firmware updates since the vulnerabilities have been reported. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Wireless Authentication Advertising

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. The malware spreads by attempting to guess Telnet passwords of target devices and leveraging known exploits. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Architecture Passwords

Juniper Networks addressed many issues in its products

Security Affairs

JULY 10, 2020

The company published a list of security advisories to inform its customers of the vulnerabilities in its products. Some of the issues also affected third-party components, including OpenSSL, Intel firmware, Bouncy Castle, Java SE, Apache software, and others. Pierluigi Paganini. SecurityAffairs – hacking, Juniper).

Firmware

Firmware Advertising Firewall Internet

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. Pierluigi Paganini.

Hacking

Hacking Firmware Media Authentication

Intel investigates security breach after the leak of 20GB of internal documents

Security Affairs

AUGUST 7, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Intel investigates security breach after the leak of 20GB of internal documents appeared first on Security Affairs. Pierluigi Paganini.

Firmware

Firmware Advertising Engineering Hacking

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

A router CSRF attack could be launched by tricking victims into visiting a compromised website with malicious advertising ( malvertising ) typically served through third-party ad networks to the site. “ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. concludes Avast.

DNS

DNS Passwords Advertising Banking

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

This type of malware attack is called a botnet attack. It’s powered by hundreds of bots carrying malware and infecting thousands of IoT devices simultaneously. Malware, phishing, and web. Nowadays, malware is an indispensable part of the internet (even if we do not like it). Shadow IoT Devices. Pierluigi Paganini.

IoT

IoT Cybersecurity Manufacturing Internet

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

The security firm reported the zero-day vulnerability to Sangfor on April 3, the vendor confirmed that Sangfor VPN servers running firmware versions M6.3R1 and M6.1 Sangfor plans to release a security patched within tomorrow. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. are vulnerable.

VPN

VPN Government Advertising Firmware

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

Below the list of patches that could be installed to prevent Chinese hackers and other threat actors from exploiting them: Vulnerability Patch Information CVE-2020-5902 F5 Security Advisory: K52145254: TMUI RCE vulnerability CVE-2020-5902 CVE-2019-19781 Citrix blog post: firmware updates for Citrix ADC and Citrix Gateway versions 11.1

Government

Government VPN Firmware Energy and Utilities

Android Botnet leverages ADB ports and SSH to spread

Security Affairs

JUNE 22, 2019

The ADB could be abused by malware to target Android phones through the port 5555. “We observed a new cryptocurrency-mining botnet malware that arrives via open ADB (Android Debug Bridge) ports and can spread via SSH. “This botnet malware also tries to block its competitor by modifying /etc/hosts. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising Firmware

QNAP urges users to update NAS firmware and app to prevent infections

Who and What is Behind the Malware Proxy Service SocksEscort?

Trending Sources

T95 Android TV Box sold on Amazon hides sophisticated malware

xHelper, the Unkillable Android malware that re-Installs after factory reset

QSnatch malware infected over 62,000 QNAP NAS Devices

NSA publishes guidance on UEFI Secure Boot customization

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Second-ever UEFI rootkit used in North Korea-themed attacks

BootHole issue allows installing a stealthy and persistent malware

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Silex malware bricks thousands of IoT devices in a few hours

Multiple DDoS botnets were observed targeting Zyxel devices

Interview With a Crypto Scam Investment Spammer

Security Affairs newsletter Round 284

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

New Ttint IoT botnet exploits two zero-days in Tenda routers

BadPower attack could burn your device through fast charging

Tails OS version 4.5 supports the Secure Boot

AMD is going to patch UEFI SMM callout privilege escalation flaw

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

D-Link addressed 5 flaws on some router models, some of them reached EoL

Updates provided by Red Hat for BootHole cause systems to hang

‘Updates for Samsung’, the scam app with 10M+ downloads

Avoslocker ransomware gang targets US critical infrastructure

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Experts uncovered hidden behavior in thousands of Android Apps

Infecting Canon EOS DSLR camera with ransomware over the air

79 Netgear router models affected by a dangerous Zero-day

Hacking IoT & RF Devices with BürtleinaBoard

NCSC warns of a surge in ransomware attacks on education institutions

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

BlackCat Ransomware gang breached over 60 orgs worldwide

Expert found multiple critical issues in MoFi routers

Mozi Botnet is responsible for most of the IoT Traffic

Juniper Networks addressed many issues in its products

USBAnywhere BMC flaws expose Supermicro servers to hack

Intel investigates security breach after the leak of 20GB of internal documents

Maze ransomware operators claim to have breached LG Electronics

For nearly a year, Brazilian users have been targeted with router attacks

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Android Botnet leverages ADB ports and SSH to spread

Stay Connected