Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access.

Hacking 67

Hacking Telecommunications Internet Internet 67

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT 143

IoT Cybersecurity Manufacturing Internet 143

SecureList

SEPTEMBER 21, 2023

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since. Telnet, the overwhelmingly popular unencrypted IoT text protocol, is the main target of brute-forcing.

IoT 137

IoT DDOS Passwords Malware 137

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Krebs on Security

APRIL 4, 2021

Ubiquiti’s IoT gear includes things like WiFi routers, security cameras, and network video recorders. Their products have long been popular with security nerds and DIY types because they make it easy for users to build their own internal IoT networks without spending many thousands of dollars. And on Jan.

Authentication 362

Authentication IoT Accountability Passwords 362

Security Affairs

APRIL 26, 2019

Experts discovered security flaws in the iLnkP2P peer-to-peer (P2P) system that exposes millions of IoT devices to remote attacks. The iLnkP2P system allows users to remotely connect to their IoT devices using a mobile phone or a PC. Potentially affected IoT devices include cameras and smart doorbells. Pierluigi Paganini.

IoT 110

IoT Hacking Manufacturing Advertising 110

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT 141

IoT DDOS Authentication Firmware 141

Security Affairs

DECEMBER 17, 2024

In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom. Follow me on Twitter: @securityaffairs and Facebook and Mastodon PierluigiPaganini ( SecurityAffairs hacking,HiatusRAT)

Architecture 109

Architecture Internet Internet Malware 109

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning. Related: Using employees as human sensors.

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. According to ZDNet that first published the news, the list was leaked on a popular hacking forum by the operator of a DDoS booter service. . SecurityAffairs – Telnet credentials, hacking).

IoT 121

IoT DDOS InfoSec Internet 121

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Do the increased attacks mean the industry is becoming accustomed to IoT cyber attacks? Three IoT Attack Avenues for 2019.

IoT 111

IoT Manufacturing Internet Internet 111

Security Affairs

NOVEMBER 5, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data.

Firmware 127

Firmware Manufacturing Authentication IoT 127

Security Affairs

APRIL 30, 2021

Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory allocation flaws, collectively tracked as BadAlloc , affecting IoT and OT devices. Pierluigi Paganini.

IoT 120

IoT VPN Firewall Risk 120

Security Affairs

MAY 16, 2025

CookieAttack : Enhances BrowserAttack with advanced cookie handling to further imitate authentic web interactions. “DDoS Botnet families tend to congregate on Linux and IoT platforms. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,botnet)

DDOS 113

DDOS Education IoT Malware 113

Security Affairs

JANUARY 16, 2025

The botnet uses compromised MikroTik devices as SOCKS proxies, masking malicious traffic origins and enabling other actors to exploit them without authentication, amplifying its scale. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, MikroTik botnet)

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking 135

Hacking Government Spyware Marketing 135

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,IOT)

Firmware 71

Firmware IoT Wireless Surveillance 71

eSecurity Planet

NOVEMBER 1, 2021

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. has made some strides on IoT security at the federal level; it remains to be seen if the EU initiative will spur the U.S. IoT market growth. IoT Security Neglected.

Wireless 109

Wireless IoT Manufacturing Mobile 109

Thales Cloud Protection & Licensing

FEBRUARY 16, 2021

Critical Success Factors to Widespread Deployment of IoT. Digital technology and connected IoT devices have proliferated across industries and into our daily lives. Finally, IoT devices are being used extensively in smart vehicles and home appliances to provide enhanced user experiences. Threat vectors on IoT.

IoT 96

IoT Manufacturing Energy and Utilities Data collection 96

SecureWorld News

SEPTEMBER 15, 2021

Now George Jetson’s reality is nearly our own, and Rosie the Robot is somewhat interchangeable with any number of IoT devices like Siri, Roomba, or Alexa. Today, organizations are also embracing a record number of Internet of Things (IoT) devices to accomplish objectives. Securing your IoT environment.

IoT 97

IoT Encryption Internet Internet 97

CyberSecurity Insiders

MARCH 25, 2021

billion IoT devices active across the world – a figure that is expected to grow to 75 billion by 2025. This tripling will be a phenomenal feat to achieve in the next four years and relies upon IoT projects that are currently planned or under development to mature quickly. 1 Consider using generic IoT service modules.

IoT 100

IoT Authentication Passwords Data collection 100

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication 104

Authentication Passwords Mobile Accountability 104

Security Affairs

OCTOBER 1, 2019

Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. The IOT threat detection engine picked the infection IP has shown below hosting number of bins for different architectures. Compromising C&C. Inference. Pierluigi Paganini.

IoT 105

IoT Advertising Engineering Architecture 105

Security Boulevard

MAY 30, 2022

Why Healthcare IoT Requires Strong Machine Identity Management. The healthcare industry has been leveraging IoT devices for years, steadily increasing its use in facilities and patient care. By 2027, the IoT in Healthcare market is expected to reach $290 billion , up from just $60 billion in 2019. brooke.crothers.

Healthcare 90

Healthcare IoT Manufacturing Risk 90

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT 111

IoT Cryptocurrency Malware System Administration 111

CyberSecurity Insiders

FEBRUARY 12, 2021

Living in a more connected world leads to more risk of hacking and cyber-attacks. The worldwide number of IoT-connected devices is projected to increase to 43 billion by 2023 , an almost threefold increase from 2018 , demonstrating the pace at which the world is becoming more connected.

IoT 84

IoT Architecture Authentication Technology 84

Security Affairs

MARCH 9, 2019

Security experts at Pen Test Partners discovered several vulnerabilities in two smart car alarm systems put three million vehicles globally at risk of hack. Simply by tampering with parameters, one can update the email address registered to the account without authentication, send a password reset to the modified address (i.e.

Hacking 112

Hacking Accountability Engineering Advertising 112

Security Affairs

MARCH 16, 2025

CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies Elon Musk blames a massive cyberattack for the X outages Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577 RansomHouse gang claims the hack of (..)

Spyware 74

Spyware Cybercrime Ransomware IoT 74

Security Affairs

JANUARY 7, 2019

The hot tubs could be remotely controlled by an app, dubbed Balboa Water App, that lack of authentication mechanisms. The unprotected devices can be easily hacked because the AP is open and no PSK is used. An attacker could hack into the hot tubs in the nearby or remotely. SecurityAffairs – IoT, hacking).

Hacking 111

Hacking Cyber Attacks IoT Mobile 111

Troy Hunt

SEPTEMBER 8, 2022

Great to see a book deliver this authenticity - we're all only human after all! Plenty of tech, data breaches, career hacks, IoT, Cloud, password management, application security, and more, delivered in a fun way. This book has it all.

InfoSec 363

InfoSec Password Management Passwords IoT 363

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 98

Hacking Firmware Authentication DNS 98

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns. Non-encrypted data, insecure protocols and poor user authentication mechanisms are among the security issues that leave seismological networks open to breaches, the authors note.

IoT 128

IoT InfoSec Data collection Encryption 128

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. The researchers set up a compromised IoT device that initiates MITM attack using ARP Poisoning, then Forticlient initiates VPN connection. SecurityAffairs – hacking, Fortigate VPN).

VPN 112

VPN Hacking IoT Advertising 112

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector. ” reported IoT Inspector.

IoT 135

IoT Firmware Internet Internet 135

The Last Watchdog

OCTOBER 16, 2019

Related: IoT exposures explained I’ve conversed several times with Jeff Hudson about this. APIs , the interface coding that allows two different machines to exchange data – for instance, an IoT device and a command server — are machines as well. By comparison, scant effort has gone into securing the latter.

Digital transformation 195

Digital transformation Firmware Authentication IoT 195

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors. Problem is, MAC addresses are not great for authentication. How then does one start securing it?

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

It seems everything smart is hackable, with IoT startups sometimes repeating security mistakes first made decades ago. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors. Problem is, MAC addresses are not great for authentication. How then does one start securing it?

IoT 52

IoT Hacking Internet Internet 52