Architecture, Firewall, Firmware and IoT

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT

IoT DDOS Passwords Malware

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system. ” reported ZDnet.

IoT

IoT Malware Advertising Firmware

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. through 5.35.

DDOS

DDOS Firmware VPN Firewall

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Deployed with more than 30 exploits, it has the potential of targeting millions of routers and IoT devices. However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures. Ax with firmware 1.04b12 and earlier.

Malware

Malware IoT Firmware Authentication

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

The internet of things (IoT) describes the network of interconnected devices embedded with sensors, software, or other technology that exchange data with other devices and systems over the Internet. . This means that currently there are three IoT devices for every one human on the planet. The Technical Challenge of IoT Security.

Internet

Internet Internet IoT Software

Patch Management vs Vulnerability Management: What’s the Difference?

eSecurity Planet

APRIL 28, 2023

Third-party vendor systems include Operating Systems (OS), firmware (software installed on hardware), and applications. but also applies to firmware that controls equipment such as hard drives, network routers, and security cameras. The most common patch requirements will be for endpoint operating systems (macOS, Windows, etc.)

Penetration Testing

Penetration Testing IoT Firmware Software

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Similarly, the IT Department needs to evaluate the current environment, the current IT architecture, and the nature of the vulnerability to determine the likelihood of exploitation, which should also be evaluated on a scale from 1 (low likelihood) to 10 (high likelihood). Both direct and indirect risks should be considered.

Penetration Testing

Penetration Testing Risk Firmware Software

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). assets (endpoints, servers, IoT, routers, etc.), and installed software (operating systems, applications, firmware, etc.).

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

Alien Labs expects to see new campaigns based on BotenaGo variants targeting routers and IoT devices globally. The Mirai botnet targets mostly routers and IoT devices, and it supports different architectures including Linux x64, different ARM versions, MIPS, PowerPC, and more. Figure 2 shows the initialization of 33 exploits.

Malware

Malware IoT Authentication Antivirus

Sample Patch Management Policy Template

eSecurity Planet

NOVEMBER 17, 2022

Some organizations do not attempt to update or monitor their employee’s devices connected to the network or ignore Internet of Things (IoT) devices. However, unintended consequences may be experienced for specific IT architectures or dependent systems. For firmware updates to critical systems (routers, servers, etc.),

Firmware

Firmware Software Backups Risk

FortiNAC: Network Access Control (NAC) Product Review

eSecurity Planet

MARCH 30, 2023

Although best known for their industry-leading firewall technology, Fortinet harnesses their knowledge of network protection to create a powerful network access control (NAC) solution. Founded in 2000 , Sunnyvale, California headquartered Fortinet’s flagship FortiGate provides enterprise-grade firewall solutions. Who is Fortinet?

IoT

IoT Firewall Wireless Mobile

Network Protection: How to Secure a Network

eSecurity Planet

MARCH 22, 2023

The tools also depend upon physical controls that should also be implemented against malicious physical access to destroy or compromise networking equipment such as routers, cables, switches, firewalls, and other networking appliances. connections to IoT, OT, and rogue wi-fi routers. Unauthorized devices may be blocked or quarantined.

Firewall

Firewall Network Security Penetration Testing Encryption

Vulnerability Patching: How to Prioritize and Apply Patches

eSecurity Planet

NOVEMBER 18, 2022

While this eliminates many headaches, it does not scan for misconfigurations and may not support other critical updates such as IT infrastructure (routers, firewalls, etc.), firmware (hard drives, drivers, etc.), Internet-of-Things (IoT) devices (security cameras, heart monitors, etc.),

Firmware

Firmware Firewall Passwords Risk

Check Point vs Palo Alto Networks: Top NGFWs Compared

eSecurity Planet

OCTOBER 11, 2022

Next-generation firewalls (NGFWs) from Check Point and Palo Alto Networks appear on eSecurity Planet ’s list of the top NGFW vendors. Check Point’s and Palo Alto’s NGFW solutions are highly rated by users and analysts alike, and Cyber Ratings gave both companies’ firewalls its highest rating. The Bottom Line. The Bottom Line.

Firewall

Firewall Architecture Software Firmware

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Infrastructure Protection Defense against DDoS and DNS attacks starts with effective network security architecture. Deny-lists (aka: blacklist) : Blocks specific websites or IP addresses by adding them to a list for firewalls to ignore; very difficult to manage at scale. 20% of employee time is spent on company networks.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Cyber Security Informer

Overview of IoT threats in 2023

Silex malware bricks thousands of IoT devices in a few hours

Trending Sources

Multiple DDoS botnets were observed targeting Zyxel devices

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

The Internet of Things Is Everywhere. Are You Secure?

Patch Management vs Vulnerability Management: What’s the Difference?

Vulnerability Management Policy Template

What is a Managed Security Service Provider? MSSPs Explained

BotenaGo strikes again – malware source code uploaded to GitHub

Sample Patch Management Policy Template

FortiNAC: Network Access Control (NAC) Product Review

Network Protection: How to Secure a Network

Vulnerability Patching: How to Prioritize and Apply Patches

Check Point vs Palo Alto Networks: Top NGFWs Compared

Top SD-WAN Solutions for Enterprise Security

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Stay Connected