Authentication, Cybersecurity, Firmware and Information Security

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2014-100005 Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev.

Firmware

Firmware Authentication Passwords Hacking

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

D-Link fixes two critical flaws in D-View 8 network management suite

Security Affairs

MAY 25, 2023

D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary code execution. in its D-View 8 network management suite that could be exploited by remote attackers to bypass authentication and execute arbitrary code. ” reads the advisory published by ZDI.

Firmware

Firmware Authentication Software Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. Thanks to the analysis and help of Sternum IoT, ChargePoint was able to correct weaknesses in CPH50, reduce the attack surface and thus improve the security of the product.

IoT

IoT InfoSec Firmware Manufacturing

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. ” reads the advisory published by the security firm. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Hacking

Hacking Firmware Authentication DNS

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. GC108PP fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

Microsoft found auth bypass, system hijack flaws in Netgear routers

Security Affairs

JULY 1, 2021

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. “In our research, we unpacked the router firmware and found three vulnerabilities that can be reliably exploited.” html) and the firmware image itself (.chk

Firmware

Firmware Authentication Encryption Passwords

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

. “The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.” TP-Link addressed the flaw on November 12, 2021 with the release of the firmware update TL-WR840N(EU)_V5_211109.

Firmware

Firmware Architecture Malware Hacking

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Security Affairs

MAY 4, 2023

In order to exploit the flaw, an attacker has to upgrade an affected device to a crafted version of the firmware. “This vulnerability is due to a missing authentication process within the firmware upgrade function.” “Cisco has not released firmware updates to address this vulnerability.

Firmware

Firmware Education Media Authentication

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

By using the manufacturer’s built-in ports, we were able to manipulate on-board components and interact with the device.Combining both known and novel techniques, we were able to achieve root access to the device’s operating system and pull its firmware for emulation and vulnerability discovery.” Overall 4.8. Overall 4.8.

Firmware

Firmware Penetration Testing Manufacturing Authentication

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware

Firmware Ransomware Passwords Mobile

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Breaking news last week, the NIST (National Institute of Standards and Technology) Small Business Cybersecurity Act was signed into law. The bill will provide an avenue of resources and guidelines for small businesses to reduce their cybersecurity risks. Does your financial institution respect your 2-factor authentication?

Small Business

Small Business Artificial Intelligence Firmware IoT

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware

Firmware Wireless Passwords Internet

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. ” reads the security advisory published by Nozomi Networks Labs. The mainboard of the Annke N48PBB.

Surveillance

Surveillance Hacking Firmware Manufacturing

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. ” explained Vladimir Kononovich, Senior Specialist of ICS Security at Positive Technologies. Both issues received a CVSSv3.0 score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

JUNE 24, 2021

The threat actors are targeting the USG, ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware. Upon accessing the devices, attackers then bypass authentication and establish SSL VPN tunnels with unknown user accounts (i.e. The company states that devices running the Nebula cloud management mode are not impacted.

VPN

VPN Firewall Firmware Authentication

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Security Affairs

AUGUST 13, 2023

CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5) CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5) CVE-2023-3260: OS Command Injection (Authenticated RCE; CVSS 7.2) CVE-2023-3263: Authentication Bypass by Alternate Name (Auth Bypass; CVSS 7.5)

Hacking

Hacking Firmware Authentication Software

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw. “Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the device remotely.”

Firmware

Firmware Manufacturing Software Authentication

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

IoT devices are exposed to cybersecurity vulnerabilities. However, if you know where the dangers lurk, there is a way to minimize the cybersecurity risks. Here are five significant cybersecurity vulnerabilities with IoT in 2020. A hacker managed to identify a weak spot in a security camera model. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Security Affairs

NOVEMBER 10, 2019

Experts believe Artificial intelligence (AI) could introduce new cybersecurity concerns, and that the upcoming 5G network could pose new risks as well. Information Risk Management (IRM) recently published its 2019 Risky Business Report. Here’s a look at how the report frames AI and 5G in cybersecurity.

Risk

Risk Cybersecurity Artificial Intelligence Education

Netgear is releasing fixes for ten issues affecting 79 products

Security Affairs

JULY 1, 2020

Four of flaws have been rated high severity , they can be exploited by an unauthenticated attacker with network access to the vulnerable Netgear device to execute arbitrary code with admin or root privileges, and to bypass authentication. Authentication is not required to exploit this vulnerability.” ” states the CERT/CC.

Authentication

Authentication Firmware Hacking Mobile

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A The researchers used Ghidra for their analysis, it is the open-source reverse engineering tool developed by the US National Security Agency (NSA). . “Equipped with this password we then could authenticate successfully.

Firmware

Firmware Manufacturing Passwords Penetration Testing

NSA, CISA release guidance on hardening remote access via VPN solutions

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN

VPN Government Firmware Authentication

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page.

Malware

Malware Firmware Advertising Manufacturing

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Security Affairs

MARCH 3, 2023

Both vulnerabilities were reported in November 2022 by cybersecurity firm Quarkslab. “An authenticated, local attacker could send maliciously crafted commands to a vulnerable TPM allowing access to sensitive data. In some cases, the attacker can also overwrite protected data in the TPM firmware.

Firmware

Firmware IoT Authentication Hacking

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible.

Ransomware

Ransomware DDOS Passwords Backups

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

The Security Ledger

MARCH 13, 2019

The post Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. » Related Stories Podcast Episode 129: Repair Eye on the CES Guy and Sensor Insecurity EU calls for End to Default Passwords on Internet of Things Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise.

IoT

IoT Cybersecurity Internet Internet

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., Install updates/patch operating systems, software, and firmware as soon as they are released. Use multifactor authentication with strong pass phrases where possible.

Ransomware

Ransomware Passwords Backups Firmware

Top 6 Rootkit Threats and How to Protect Yourself

eSecurity Planet

NOVEMBER 7, 2022

Firmware Rootkit. A firmware rootkit uses device or platform firmware to create a persistent malware image in the router, network card, hard drive or the basic input/output system (BIOS). The rootkit is able to remain hidden because firmware is not usually inspected for code integrity. using strong authentication.

Firmware

Firmware Malware Antivirus Firewall

Trend Micro fixes 3 flaws in Home Network Security Devices

Security Affairs

MAY 25, 2021

Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication.

Network Security

Network Security Authentication Firmware Passwords

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Security Affairs

JULY 19, 2021

Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login mechanism. Microsoft already fixed the vulnerability with the release of July Patch Tuesday security updates. Please contact your device manufacturers for the state of Enhanced Sign-in Security on your device.

Manufacturing

Manufacturing Authentication Firmware Hacking

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

As Duo’s default configuration settings allow for the re-enrollment of a new device for dormant accounts, the actors were able to enroll a new device for this account, complete the authentication requirements, and obtain access to the victim network.” ” reads the joint advisory. ” continues the analysis.

Accountability

Accountability Passwords Authentication Firmware

PoC exploit code for critical Realtek RCE flaw released online

Security Affairs

AUGUST 18, 2022

The issue resides in the Realtek’s SDK for the open-source eCos operating system, it was discovered by researchers from cybersecurity firm Faraday Security. A remote attacker can exploit the flaw to execute arbitrary code without authentication by sending to the vulnerable devices specially crafted SIP packets with malicious SDP data.

Firmware

Firmware IoT Hacking Authentication

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The US Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory with the US Secret Services which revealed that the BlackByte ransomware group has breached at least three organizations from US critical infrastructure sectors in the last three months. Use double authentication when logging into accounts or services.

Ransomware

Ransomware Accountability Firmware Antivirus

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. The vendor addressed the unauthenticated access to the content of the SD card with the release of firmware updates on January 29, 2022.

IoT

IoT Firmware Marketing Authentication

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks.

Ransomware

Ransomware Encryption Firmware Backups

Money Message gang leaked private code signing keys from MSI data breach

Security Affairs

MAY 8, 2023

The authenticity of the leaked private key was confirmed by Alex Matrosov, founder of firmware security firm Binarly. The availability of code signing keys can allow threat actors to sign malicious code that can be executed on targeted systems bypassing security measures in place. We are in the final!

Data breaches

Data breaches Ransomware Firmware Manufacturing

FBI warns of increase in PYSA ransomware attacks targeting education

Malwarebytes

MARCH 17, 2021

To prevent attacks: Install security updates for operating systems, software, and firmware as soon as they are released. Use multi-factor authentication wherever possible. Provide users with training on information security principles and techniques as well as emerging cybersecurity risks.

Education

Education Ransomware Phishing Passwords

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

eSecurity Planet

MAY 20, 2024

doesn’t always require authentication for SSID during a Wi-Fi session. Note that some DIR-600 devices are end of life, so D-Link won’t release any firmware updates for these. The Central Information Security Agency (CISA) has given federal agencies a deadline of June 6 to patch their routers.

VPN

VPN Firmware Malware Software

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker to conduct multiple malicious activities on vulnerable systems. GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).”

Firmware

Firmware VPN Firewall Risk

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

Agriculture may not be the first industry you associate with cybersecurity problems, but we all need to aware of the risks created by connecting this ancient part of our food supply chain to the Internet. Install updates/patch operating systems, software, and firmware as soon as they are released. ” Internet of Things.

Ransomware

Ransomware Manufacturing Passwords Internet

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Security Affairs

OCTOBER 30, 2019

A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders.

Hacking

Hacking Firmware Advertising DDOS

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Intel addresses High-Severity flaws in NUC Firmware and other tools

Webinars

Trending Sources

D-Link fixes two critical flaws in D-View 8 network management suite

Webinars

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Netgear addresses severe security flaws in 20 of its products

Microsoft found auth bypass, system hijack flaws in Netgear routers

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

HID Mercury Access Controller flaws could allow to unlock Doors

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Decoding Security 127: We Got Conned

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

An RCE in Annke video surveillance product allows hacking the device

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

NI CompactRIO controller flaw could allow disrupting production

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Bad News: AI and 5G Are Expected to Worsen Cybersecurity Risks

Netgear is releasing fixes for ten issues affecting 79 products

Experts found backdoors in a popular Auerswald VoIP appliance

NSA, CISA release guidance on hardening remote access via VPN solutions

QSnatch malware infected over 62,000 QNAP NAS Devices

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Avoslocker ransomware gang targets US critical infrastructure

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

FBI warns of ransomware attacks targeting the food and agriculture sector

Top 6 Rootkit Threats and How to Protect Yourself

Trend Micro fixes 3 flaws in Home Network Security Devices

Experts show how to bypass Windows Hello feature to login on Windows 10 PCs

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

PoC exploit code for critical Realtek RCE flaw released online

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Flaws in Wyze cam devices allow their complete takeover

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Money Message gang leaked private code signing keys from MSI data breach

FBI warns of increase in PYSA ransomware attacks targeting education

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

CISA is warning of vulnerabilities in GE Power Management Devices

FBI warns of ransomware threat to food and agriculture

Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack

Stay Connected