Architecture, Firmware, Information Security and IoT

Architecture

Firmware

Information Security

IoT

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Firmware

Firmware Architecture Internet Internet

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. ” reads the report published by IBM. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. The only way to recover infected devices is to manually reinstall the device’s firmware. pic.twitter.com/Ue661ku0fy — Larry W. Cashdollar (@_larry0) June 25, 2019.

IoT

IoT Malware Advertising Firmware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Adopt a comprehensive IoT security solution. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT

IoT DDOS Malware Firmware

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” concludes the report.

DDOS

DDOS Firmware VPN Firewall

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Security Affairs

JUNE 18, 2019

.” The RCE flaw affects TP-Link Wi-Fi Extender models RE365, RE650, RE350 and RE500 running firmware version 1.0.2, The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered. The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered.

Architecture

Architecture Advertising Firmware IoT

Mirai code re-use in Gafgyt

Security Affairs

APRIL 16, 2021

Gafgyt (also known as Bashlite) is a prominent malware family for *nix systems, which mainly target vulnerable IoT devices like Huawei routers, Realtek routers and ASUS devices. Gafgyt uses existing vulnerabilities in IoT devices to turn them into bots and later perform DDoS attacks on specifically targeted IP addresses.

Malware

Malware DDOS IoT Firmware

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

Business decisions will need to be made as to whether extra costs are worthwhile in a secure software development life cycle. IoT Design Frameworks 2.2. Transport Layer Security (TLS) 3.2. Secure Boot 3.5. In essence, it is a view of the application and its environment through the lens of security. Frameworks 2.1.

IoT

IoT Firmware Mobile Manufacturing

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Cybersecurity and Infrastructure Security Agency (CISA) maintains a list of known exploited vulnerabilities that can be referenced to check for active exploitation. Broader vulnerability management will require more customization of settings, IT architecture adjustments, and the installation of additional security tools or controls.

Penetration Testing

Penetration Testing Risk Firmware Software

Android Botnet leverages ADB ports and SSH to spread

Security Affairs

JUNE 22, 2019

In September 2018, researchers observed the Hide and Seek (HNS) IoT botnet targeting Android devices with ADB option enabled. In order to determine what miner to deliver, the bot collects system information, such as manufacturer, hardware details, and processor architecture. The script for a.

Cryptocurrency

Cryptocurrency Malware Advertising Firmware

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

. “ Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful login attempts. Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 are vulnerable to this pre-authentication command injection vulnerability.

DDOS

DDOS Authentication Advertising Firmware

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

So, egged-on by information security pro's and IT auditors (me, for instance), management took the risk seriously and invested significant resources into solving "the Y2k issue". Go ahead, show me the associated risk profiles and documented security architectures. It was almost as if they had been deliberately hidden.

Internet

Internet Internet Risk InfoSec

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Firmware attacks: Attackers target vulnerabilities in the simplified software that runs computer hard drives, printers, medical devices, and other Internet of Things (IoT) or operational technology (OT) devices to gain unauthorized access, control the devices, or use them as a launching pad for other attacks.

Software

Software Data breaches DDOS Ransomware

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

Cyber Security Informer

Western Digital customers have to update their My Cloud devices to latest firmware version

Mozi Botnet is responsible for most of the IoT Traffic

Webinars

Trending Sources

Silex malware bricks thousands of IoT devices in a few hours

Webinars

A new Zerobot variant spreads by exploiting Apache flaws

Multiple DDoS botnets were observed targeting Zyxel devices

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Mirai code re-use in Gafgyt

IoT Secure Development Guide

Vulnerability Management Policy Template

Android Botnet leverages ADB ports and SSH to spread

Mukashi, the new Mirai variant that targets Zyxel NAS

Y2k + 20: risk, COVID and "the Internet issue"

What is Incident Response? Ultimate Guide + Templates

Cyber Security Roundup for March 2021

Stay Connected