Security Affairs

SEPTEMBER 7, 2022

flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. Below is the list of affected models and the firmware patches released by the company. Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices.

Firewall 84

Firewall Firmware Authentication VPN 84

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware 109

Firmware Ransomware Passwords Mobile 109

eSecurity Planet

JANUARY 16, 2024

The problem: Ivanti announced two vulnerabilities that affect Ivanti Connect Secure VPN and Ivanti Policy Secure products. Potential results of the exploits include authentication bypass and command injection. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update. Versions 9.x

Firewall 109

Firewall Firmware IoT Authentication 109

Security Affairs

JANUARY 3, 2020

Experts disclosed PoC exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. ”” D-Link, was informed about the flaw by a third-party company in mid-October, but its initial security advisory only identified the DIR-859 router family as being vulnerable.

Advertising 63

Advertising Firmware VPN Authentication 63

Security Affairs

JUNE 13, 2023

“A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall 85

Firewall VPN Firmware Manufacturing 85

eSecurity Planet

MAY 20, 2024

4 VMware Vulnerabilities Affect Workstation & Fusion Type of vulnerability: Multiple, including information disclosure and use-after-free. CVE-2024-22269 : Information disclosure vulnerability in the vbluetooth device allows threat actors with admin privileges on a VM to view privileged data in hypervisor memory.

VPN 62

VPN Firmware Malware Software 62

Security Affairs

OCTOBER 22, 2022

The group focused on the HPH Sector with ransomware operations that aimed at deploying ransomware and exfiltrating personal identifiable information (PII) and patient health information (PHI) threatening to release the stolen data if a ransom is not paid. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware 69

Ransomware VPN Cybercrime Accountability 69

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 84

VPN Firewall Firmware Authentication 84

SecureWorld News

OCTOBER 8, 2023

Armed with this information, hackers often try to exploit vulnerabilities in home devices and networks to breach corporate networks. Here are some key safety guidelines to consider: Restrict who can view your personal information. Use the administrator account only for maintenance, software installation, or firmware updates.

Firmware 85

Firmware IoT Accountability Passwords 85

Security Affairs

SEPTEMBER 3, 2021

“Companies may also experience the loss of proprietary information and personally identifiable information (PII) and may suffer reputational damage resulting from a ransomware attack.” Install updates/patch operating systems, software, and firmware as soon as they are released. Consider installing and using a VPN.

Ransomware 97

Ransomware Passwords Backups Firmware 97

Security Affairs

MARCH 23, 2021

The flaws could be exploited to access sensitive information, reboot the device, trigger a denial-of-service condition, and gain privileged access. “Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.”

Firmware 79

Firmware VPN Firewall Risk 79

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware 52

Firmware Wireless Passwords VPN 52

Security Boulevard

MARCH 15, 2022

The gang also claimed to have deleted the data that held the information needed to issue Covid vaccination certificates. The ransomware group specified that “they are not looking for data” but rather to buy remote VPN access to the corporate network. However, the most advanced attacks were the ones targeting Nvidia and Samsung.

Ransomware 126

Ransomware Telecommunications Firmware Media 126

NopSec

JANUARY 30, 2019

It is an information disclosure vulnerability affecting web-based management interface of Cisco Small Business RV320 and RV325 routers. It could allow an unauthenticated, remote attacker to retrieve sensitive information. This week’s most talked about vulnerability is CVE-2019-1653. and 1.4.2.17. through 1.4.2.19.

Small Business 40

Small Business Firmware VPN Authentication 40

Security Affairs

JUNE 27, 2022

CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service (DoS) condition. An attacker could exploit the flaw to trigger a denial-of-service (DoS) condition, disclose information, execute arbitrary code, and conduct other malicious activities.

Software 84

Software Manufacturing Firmware Risk 84

Malwarebytes

MARCH 17, 2021

The FBI report also reveals a possible double extortion tactic that might occur against victims: “In previous incidents, cyber actors exfiltrated employment records that contained personally identifiable information (PII), payroll tax information, and other data that could be used to extort victims to pay a ransom.”

Education 105

Education Ransomware Phishing Passwords 105

Security Affairs

MARCH 19, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Consider installing and using a VPN. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides. Disable unused ports.

Ransomware 98

Ransomware DDOS Passwords Backups 98

Security Affairs

MARCH 16, 2022

As Duo’s default configuration settings allow for the re-enrollment of a new device for dormant accounts, the actors were able to enroll a new device for this account, complete the authentication requirements, and obtain access to the victim network.” ” reads the joint advisory. ” continues the analysis.

Accountability 93

Accountability Passwords Authentication Firmware 93

Security Affairs

APRIL 25, 2022

The FBI is seeking any information that can be shared related to the operations of the BlackCat ransomware operation. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. hard drive, storage device, the cloud).

Ransomware 105

Ransomware Antivirus Passwords Malware 105

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless 98

Wireless Encryption Authentication IoT 98

Security Affairs

MARCH 26, 2021

The ransom note includes information such as host system name, the threat actor’s email address, the ransomware file name, and indications on where to enter the decryption key. Furthermore, victims are told to contact the attackers by email to receive information on how they can pay a ransom to receive the decryption key.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Malwarebytes

SEPTEMBER 21, 2021

Enable multi-factor authentication (MFA). Multi-factor authentication is a great step to add in on every service that offers it. This could be a one-time login code sent via text, a code on an authenticator app, or a push notification, among others. Update your child’s device’s firmware.

Internet 105

Internet Internet Passwords Password Management 105

Malwarebytes

SEPTEMBER 3, 2021

Install updates/patch operating systems, software, and firmware as soon as they are released. Use multi-factor authentication with strong pass phrases where possible. Consider installing and using a VPN. ” Internet of Things. hard drive, storage device, the cloud). Disable hyperlinks in received emails.

Ransomware 135

Ransomware Manufacturing Passwords Internet 135

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups 57

Backups Authentication Advertising Firmware 57

Security Affairs

MAY 13, 2021

Require multi-factor authentication for remote access to OT and IT networks. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. After assessing risks, if RDP is deemed operationally necessary, restrict the originating sources and require multi-factor authentication.

Ransomware 109

Ransomware Healthcare Phishing Risk 109

Security Affairs

OCTOBER 20, 2018

Meaning, authentication bypasses weren’t enough. CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. Firmware Analysis. Summary of Our Findings.

Firmware 60

Firmware IoT VPN Authentication 60

Security Affairs

APRIL 2, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Use multifactor authentication where possible. Provide users with training on information security principles and techniques, particularly on recognizing and avoiding phishing emails. hard drive, storage device, the cloud).

Passwords 66

Passwords Government Firmware Accountability 66

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. of the Atlas VPN Linux client. via port 8076. score of 9.8 out of 10.0,

VPN 113

VPN Firmware Authentication Phishing 113

Security Affairs

OCTOBER 13, 2020

For instance, crooks can take confidential information or spread false information across departments. If such processes lack proper authentication steps, they could work as gateways for bigger problems. It can be prevented through the use of an online VPN. Zero-day vulnerabilities and other flaws. Shadow IoT Devices.

IoT 132

IoT Cybersecurity Manufacturing Internet 132

Malwarebytes

MAY 28, 2021

Install updates/patch operating systems, software, and firmware as soon as they are released. Use multi-factor authentication where possible. Consider installing and using a VPN. hard drive, storage device, the cloud). Only use secure networks and avoid using public Wi-Fi networks. Disable hyperlinks in received emails.

Healthcare 105

Healthcare Ransomware Encryption Passwords 105

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A “So the only secret information an attacker needs to know to generate the password for the user Schandelah is the serial number of the PBX. “Equipped with this password we then could authenticate successfully.

Firmware 93

Firmware Manufacturing Passwords Penetration Testing 93

Security Affairs

NOVEMBER 14, 2023

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” reported the SektorCERT.

Cyber Attacks 111

Cyber Attacks Firmware Firewall VPN 111

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. reported the SektorCERT. “An

Firewall 102

Firewall Firmware Cyber Attacks VPN 102

Pen Test Partners

OCTOBER 9, 2023

A threat model is a structured representation of all the information that affects the security of an application. There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware.

IoT 52

IoT Firmware Mobile Manufacturing 52

eSecurity Planet

MAY 28, 2021

The truth is that solutions like single sign-on (SSO) and multi-factor authentication (MFA) can spell disaster if initial access is all a malicious actor needs to traverse the network’s resources. From BIOS and firmware to UEFI code, VBOS is an attack vector that requires more attention. Current Target: VBOS.

Software 119

Software DNS Firmware VPN 119

eSecurity Planet

MARCH 22, 2023

Virtual Private Network (VPN) : For remote access, remote desktop protocol (RDP) no longer can be considered safe. Instead, organizations should use a virtual private network (VPN) solution. For improved security using mobile phones, free authentication apps are available from Google, Microsoft, and others.

Firewall 109

Firewall Network Security Penetration Testing Encryption 109

Thales Cloud Protection & Licensing

APRIL 20, 2021

Even fewer (19%) told Proofpoint that they had updated their Wi-Fi router’s firmware. Meanwhile, Verizon found in its MSI 2021 that less than half (47%) of respondents with a VPN installed on their devices activated it. A fifth of survey participants said that they never use it or activated it only when there was no other option.

Mobile 71

Mobile Architecture Data breaches Authentication 71