Authentication, Firmware, Hacking and Passwords

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking

Hacking Firmware Authentication DNS

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. We first met this team of experts in April when they discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks.

Passwords

Passwords Hacking Wireless Authentication

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5) CVE-2023-3260: OS Command Injection (Authenticated RCE; CVSS 7.2) CVE-2023-3267: OS Command Injection (Authenticated RCE; CVSS 7.5)

Hacking

Hacking Firmware Authentication Software

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware

Firmware Ransomware Passwords Mobile

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network.

Surveillance

Surveillance Manufacturing Passwords Internet

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. An attacker can trigger the flaw to gain remote code execution and conduct denial-of-service attacks under specific conditions, exposing operational technology (OT) environments to hacking.

Authentication

Authentication Firmware Hacking Passwords

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. ” The flaw could allow unauthorized third-party access to the router with admin privileges without proper authentication. .” SecurityAffairs – TP-Link Archer, hacking).

Passwords

Passwords Advertising Firmware Authentication

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Security Affairs

AUGUST 1, 2023

The information stored in a Canon printer depends on the specific model, however, almost any model stores the network SSID, the password, network type (WPA3, WEP, etc.), Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access.

Wireless

Wireless Firmware Passwords Authentication

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware

Firmware Wireless Passwords Internet

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware

Firmware Authentication Passwords Hacking

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable. .

Firmware

Firmware Encryption Authentication Passwords

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware

Firmware Authentication Passwords Manufacturing

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

APRIL 25, 2021

“The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. ” reads the description of the vulnerability.

Firmware

Firmware Passwords Authentication Wireless

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

Researchers found multiple vulnerabilities in MoFi Network routers, including critical flaws that can be exploited to remotely hack a device. “The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. Pierluigi Paganini.

Firmware

Firmware Wireless Authentication Advertising

Trend Micro fixes 3 flaws in Home Network Security Devices

Security Affairs

MAY 25, 2021

Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication. Pierluigi Paganini.

Network Security

Network Security Authentication Firmware Passwords

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT

IoT Engineering Passwords Firmware

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

The communications are not encrypted, however the WiFi password is sent encrypted during set up (albeit trivial to decrypt).” ” Once the mobile app has discovered the IP address of the lights, it authenticates with them, receives an authentication token and retrieves information about the device. .”

IoT

IoT Hacking DNS Authentication

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

“ Attackers can easily obtain default passwords and identify internet-connected target systems. Passwords can be found in p roduct documentation and compiled lists available on the Internet.” SecurityAffairs – NSC Linear eMerge E3 , hacking). ” reads the advisory p ublished by Applied Risk. 06 and older.

DDOS

DDOS Hacking Internet Internet

NGINX zero-day vulnerability: Check if you’re affected

Malwarebytes

APRIL 13, 2022

On April 9, hacking group BlueHornet tweeted about an experimental exploit for NGINX 1.18 Specifically, the NGINX LDAP reference implementation which uses LDAP to authenticate users of applications being proxied by NGINX. LDAP can also tackle authentication, so users can sign on just once and access many different files on the server.

Authentication

Authentication IoT Password Management Firmware

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. I can't blame this on the teddy bears themselves, rather the fact that the MongoDB holding all the collected data was left publicly facing without a password. IoT firmware should be self-healing.

IoT

IoT Firmware Risk Manufacturing

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Security Affairs

MARCH 16, 2022

In order to compromise the target network, the attackers conducted a brute-force password guessing attack against an un-enrolled and inactive account. Update software, including operating systems, applications, and firmware on IT network assets in a timely manner. Require all accounts with password logins (e.g.,

Accountability

Accountability Passwords Authentication Firmware

How to Configure a Router to Use WPA2 in 7 Easy Steps

eSecurity Planet

MARCH 3, 2023

The protocol protects your incoming and outgoing internet traffic and makes it difficult for cyber criminals to intercept your data or hack your device. The typical username and password for Wi-Fi routers is “admin” for both, but you may need to search online or contact your ISP if that doesn’t work.

Wireless

Wireless Encryption Passwords IoT

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Security Affairs

APRIL 26, 2019

An attacker could chain the issues to steal password theft and possibly remotely compromise the devices, he only needs to know the IP address of the P2P server used by the device. Furthermore, even if software patches were issued, the likelihood of most users updating their device firmware is low. ” reported Brian Krebs.

IoT

IoT Hacking Manufacturing Advertising

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

eSecurity Planet

NOVEMBER 4, 2021

CWE-1277 : Firmware Not Updateable – firmware exploitation exposes the victim to a permanent risk without any possibility to patch weaknesses. Hackers may use firmware exploitation to compromise the network, as the firmware links the operating system and the hardware. The most popular firmware is BIOS and UEFI.

Software

Software Firmware Computers and Electronics Risk

Router security in 2021

SecureList

JUNE 8, 2022

Routers are forever being hacked and infected, and used to infiltrate local networks. According to a survey by UK company Broadband Genie, 48% of users had not changed any of their router’s settings at all , even the control panel and Wi-Fi network passwords. search results for “default password” in June 2021.

DDOS

DDOS Passwords IoT Firmware

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

Security Affairs

JANUARY 27, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds.”. SecurityAffairs – Fortinet, hacking). reads the security advisory. reads the advisory.

Firmware

Firmware Advertising Authentication Passwords

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Use multifactor authentication with strong pass phrases where possible.

Ransomware

Ransomware Passwords Backups Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Regularly back up data, password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Avoid reusing passwords for multiple accounts. SecurityAffairs – hacking, AvosLocker ransomware).

Ransomware

Ransomware DDOS Passwords Backups

Experts released PoC exploits for severe flaws in Netgear Orbi routers

Security Affairs

MARCH 22, 2023

. “An attacker can make an authenticated HTTP request to trigger this vulnerability.” The user needs to authenticate into the mesh system first, meaning they’d need to access an unprotected network or the login credentials of a password-protected network, for this attack to be successful. on January 19, 2023.

Wireless

Wireless Firmware Authentication Passwords

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use double authentication when logging into accounts or services.

Ransomware

Ransomware Firmware Antivirus Accountability

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Implement the shortest acceptable timeframe for password changes. To nominate, please visit:?

Ransomware

Ransomware Antivirus Passwords Malware

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Pen Test

OCTOBER 12, 2023

Countermeasures: To prevent drone signal hijacking, drone manufacturers and operators can implement encryption and authentication mechanisms for RF communication. What are the common firmware and software vulnerabilities in RF devices that can be exploited? Strong, complex passwords are essential to prevent unauthorized access.

Encryption

Encryption Firmware Surveillance Technology

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. Attackers replaced binaries on compromised EdgeRouters with trojanized OpenSSH server binaries allowing remote attackers to bypass authentication.

Energy and Utilities

Energy and Utilities Government Firewall Malware

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. Pierluigi Paganini.

Malware

Malware Firmware Advertising Manufacturing

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

The malware moves all files stored on the device to password-protected 7zip archives and demand the payment of a $550 ransom. The vendor recommends the use of strong passwords and to modify the default network port 8080 for accessing the NAS operating interface. SecurityAffairs – hacking, QNAP NAS). “QNAP® Systems, Inc.

Ransomware

Ransomware Backups Media Malware

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Boulevard

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware

Firmware Authentication Passwords Manufacturing

Yubico is replacing for free YubiKey FIPS devices due to security weakness

Security Affairs

JUNE 14, 2019

of the firmware. The weakness impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) SecurityAffairs – Yubico, hacking).

Firmware

Firmware Advertising Authentication Passwords

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords

Passwords Architecture Backups Cyber Attacks

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Security Affairs

OCTOBER 1, 2018

Security experts from Qihoo 360 NetLab have uncovered an ongoing hacking campaign that leverages the GhostDNS malware. GhostDNS scans for the IP addresses used by routers that use weak or no password then accesses them and changes the DNS settings to a rogue DNS server operated by the attackers.

DNS

DNS Malware Firmware Phishing

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless

Wireless Encryption Authentication IoT

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). SecurityAffairs – HiSilicon chips, hacking).

Firmware

Firmware Encryption Advertising Passwords

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Trending Sources

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Netgear addresses severe security flaws in 20 of its products

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

3.5m IP cameras exposed, with US in the lead

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

TP-Link Archer routers allow remote takeover without passwords

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

USBAnywhere BMC flaws expose Supermicro servers to hack

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Expert found multiple critical issues in MoFi routers

Trend Micro fixes 3 flaws in Home Network Security Devices

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Hacking the Twinkly IoT Christmas lights

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

NGINX zero-day vulnerability: Check if you’re affected

IoT Unravelled Part 3: Security

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

How to Configure a Router to Use WPA2 in 7 Easy Steps

Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

Router security in 2021

Fortinet removed hardcoded SSH keys and database backdoors from FortiSIEM

FBI warns of ransomware attacks targeting the food and agriculture sector

Avoslocker ransomware gang targets US critical infrastructure

Experts released PoC exploits for severe flaws in Netgear Orbi routers

Ranzy Locker ransomware hit tens of US companies in 2021

BlackCat Ransomware gang breached over 60 orgs worldwide

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

QSnatch malware infected over 62,000 QNAP NAS Devices

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Yubico is replacing for free YubiKey FIPS devices due to security weakness

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

GhostDNS malware already infected over 100K+ devices and targets 70+ different types of home routers

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Expert released PoC exploit code for unpatched backdoor in HiSilicon chips

Stay Connected