Authentication, Information Security and IoT

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

7 Top Tips for Accelerating your IoT Projects in 2021

CyberSecurity Insiders

MARCH 25, 2021

billion IoT devices active across the world – a figure that is expected to grow to 75 billion by 2025. This tripling will be a phenomenal feat to achieve in the next four years and relies upon IoT projects that are currently planned or under development to mature quickly. 1 Consider using generic IoT service modules.

IoT

IoT Authentication Passwords Data collection

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft warns of BadAlloc flaws in OT, IoT devices

Security Affairs

APRIL 30, 2021

Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory allocation flaws, collectively tracked as BadAlloc , affecting IoT and OT devices.

IoT

IoT VPN Firewall Risk

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. In August 2017, security researchers Ankit Anubhav found a list of more than 1,700 valid Telnet credentials for IoT devices online. admin:admin, root:root, or no authentication required).

IoT

IoT DDOS InfoSec Internet

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns. Non-encrypted data, insecure protocols and poor user authentication mechanisms are among the security issues that leave seismological networks open to breaches, the authors note.

IoT

IoT InfoSec Data collection Encryption

TheMoon bot infected 40,000 devices in January and February

Security Affairs

MARCH 26, 2024

A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “ TheMoon ” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices.

IoT

IoT Cybercrime Internet Internet

Gucci IOT Bot Discovered Targeting European Region

Security Affairs

OCTOBER 1, 2019

Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. The IOT threat detection engine picked the infection IP has shown below hosting number of bins for different architectures. Compromising C&C. Inference.

IoT

IoT Advertising Engineering Architecture

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

SEPTEMBER 2, 2019

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The researchers revealed that one of his honeypots was hit by this IoT malware that targets Intel machines running Linux. “This one seems to target enterprise systems.”

IoT

IoT Cryptocurrency Malware System Administration

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

The Security Ledger

MARCH 13, 2019

Forget about Congress's latest attempt to regulate IoT security. The post Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Forget about Congress’s latest attempt to regulate IoT security. Federal Government to meet strict information security standards. Here’s why.

IoT

IoT Cybersecurity Internet Internet

Access:7 flaws impact +150 device models from over 100 manufacturers

Security Affairs

MARCH 8, 2022

Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform. “Access:7 could enable hackers to remotely execute malicious code, access sensitive data or alter configuration on medical and IoT devices running PTC’s Axeda remote code and management agent.”reads

Manufacturing

Manufacturing IoT Authentication Financial Services

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector.

IoT

IoT Firmware Internet Internet

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. ” reads the advisory published by the security firm. The remaining ones are authentication bypass and command injection flaws. ” concludes the advisory.

Hacking

Hacking Firmware Authentication DNS

New Linux botnet RapperBot brute-forces SSH servers

Security Affairs

AUGUST 5, 2022

Researchers from FortiGuard Labs have discovered a new IoT botnet tracked as RapperBot which is active since mid-June 2022. ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. The bulk of the malware code contains an implementation of an SSH 2.0

IoT

IoT Malware Passwords Authentication

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking

Hacking Penetration Testing Data breaches Authentication

ModiPwn flaw in Modicon PLCs bypasses security mechanisms

Security Affairs

JULY 13, 2021

ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over the device. The vulnerability can allow attackers to bypass authentication mechanisms which can lead to native remote-code-execution on vulnerable PLCs.”

Authentication

Authentication IoT Engineering Encryption

New Mirai variant includes exploit for a flaw in Comtrend Routers

Security Affairs

JULY 14, 2020

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers.

IoT

IoT Advertising DDOS Authentication

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. An unauthenticated access to contents of the SD card. ” Follow me on Twitter: @securityaffairs and Facebook.

IoT

IoT Firmware Marketing Authentication

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. The conference held many briefings on politics, legislation, and Machine Learning (ML) and Artificial Intelligence (AI) in cybersecurity, as well as the challenge of endpoint security for many IoT devices.

Small Business

Small Business Artificial Intelligence Firmware IoT

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. SecurityAffairs – hacking, IoT). Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them.

Firmware

Firmware IoT Authentication Backups

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

7 Ways Enterprises are Taking Advantage of Biometrics

Security Boulevard

AUGUST 11, 2023

Biometrics are known to have been a boon to digital security and data protection, but there are a variety of other use cases across industries. Biometrics are automated methods used to identify an individual or verify/authenticate an individual's identity based on physiological characteristics and behavioral traits.

Healthcare

Healthcare Authentication Passwords IoT

Microsoft Patch Tuesday for February 2023 fixed actively exploited zero-days

Security Affairs

FEBRUARY 14, 2023

“The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim computer.”

Social Engineering

Social Engineering Engineering Authentication IoT

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Security Affairs

DECEMBER 15, 2020

Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device.

Firmware

Firmware Authentication Mobile IoT

Fortinet fixes critical FortiNAC RCE, install updates asap

Security Affairs

JUNE 23, 2023

FortiNAC helps organizations protect their network infrastructure by providing visibility and control over devices that connect to the network, such as laptops, smartphones, IoT devices, and other endpoints. Fortinet has released security updates to address a critical vulnerability, tracked as CVE-2023-33299 (CVSS score 9.6/10),

IoT

IoT Authentication Hacking Information Security

Siemens Metaverse exposes sensitive corporate data

Security Affairs

APRIL 15, 2023

Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. It contained ComfyApp credentials and endpoints.

Manufacturing

Manufacturing IoT Technology Authentication

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Security Affairs

MAY 14, 2023

Researchers from FortiGuard Labs first discovered the previously undetected RapperBot IoT botnet in August, and reported that it is active since mid-June 2022. ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. ” We are in the final!

Malware

Malware IoT Passwords Authentication

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

pic.twitter.com/ucfPwk7zi6 — 安坂星海 Azaka VTuber (@AzakaSekai_) February 18, 2024 Azaka noticed that the hacking firm has a DDoS system relying on a bot that can infect Windows, Linux, or generic IoT devices. The individuals responsible for the data theft and their motivations remain unknown.

Hacking

Hacking Government Spyware Marketing

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering

Social Engineering Spyware Data breaches Surveillance

How Dow Jones used the pandemic to undergo a zero trust overhaul

SC Magazine

MAY 18, 2021

It changed what was considered normal within that network, introducing more users overall, more mobile devices popping up on the network, and new cloud applications and IoT devices. They replaced their telecommunications network and built a new software-defined wide area network to handle policy, security and networking functions.

IoT

IoT Telecommunications Manufacturing Firewall

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Let’s see if there are any informational security issues with these wearables. Authentication for data transfer using this port is completely optional, and even when authentication is present, there is no encryption; in other words, the authentication data is sent as readable text.

Phishing

Phishing Healthcare IoT Authentication

Venafi Wins 2021 CyberSecurity Breakthrough Awards

CyberSecurity Insiders

OCTOBER 1, 2021

People rely on unique identities, like usernames, passwords and two-factor authentication, to get access to network data and services. The CyberSecurity Breakthrough Awards recognize innovation, hard work and success in a range of information security categories. There are two actors on every network: people and machines.

Cybersecurity

Cybersecurity Digital transformation IoT Marketing

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Security Affairs

MARCH 3, 2023

“An authenticated, local attacker could send maliciously crafted commands to a vulnerable TPM allowing access to sensitive data. ” Quarkslab researchers pointed out that the vulnerabilities could potentially affect billions of devices, including IoT devices, servers, and embedded systems. ” states Quarkslab.

Firmware

Firmware IoT Authentication Hacking

Gamblers’ data compromised after casino giant Strendus fails to set password

Security Affairs

NOVEMBER 15, 2023

The Cybernews research team discovered that Strendus, a Mexican-licensed online casino, had left public access to 85GB of its authentication logs, with hundreds of thousands of entries containing private gamblers’ data. The data was first indexed by IoT devices on March 8th, 2023. The data was likely compromised by unauthorized actors.

Passwords

Passwords Identity Theft Social Engineering Spyware

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Security Affairs

JUNE 3, 2021

Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. ” reads a reported published by Vdoo.

Wireless

Wireless IoT Encryption Firmware

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Security Affairs

JULY 20, 2022

CVE-2022-2141 (CVSS score: 9.8) – Improper authentication allows a user to send some SMS commands to the GPS tracker without a password. CVE-2022-33944 (CVSS score: 6.5) – The main web server has an authenticated IDOR vulnerability on POST parameter “Device ID,” which accepts arbitrary Device IDs.

Manufacturing

Manufacturing Passwords Mobile Authentication

Sky.com servers exposed via misconfiguration

Security Affairs

OCTOBER 9, 2021

The configuration file, first indexed on an IoT search engine on September 7, appears to be the main configuration file of the application hosted on the ‘upliftmedia’ subdomain of Sky.com, and includes plain text access credentials to databases hosted on the Sky.com domain. What’s the impact?

IoT

IoT Media Engineering Education

19 petabytes of data exposed across 29,000+ unprotected databases

Security Affairs

MAY 7, 2021

While performing the search, we made sure that the open databases we found required no authentication whatsoever and were open for anyone to access, as opposed to those that had default credentials enabled. We excluded the latter because it would require us to log in to those databases without authorization, which would be unethical.

Passwords

Passwords Authentication Identity Theft Engineering

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Security Affairs

SEPTEMBER 17, 2019

Internet-connected embedded devices are often placed into a broader category referred to as IoT devices. According to the experts, the level of security for IoT devices is slightly improved since SOHOpelessly Broken 1.0,

Manufacturing

Manufacturing IoT Advertising Authentication

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices.

Authentication

Authentication Retail Surveillance Education

Mirai code re-use in Gafgyt

Security Affairs

APRIL 16, 2021

Gafgyt (also known as Bashlite) is a prominent malware family for *nix systems, which mainly target vulnerable IoT devices like Huawei routers, Realtek routers and ASUS devices. Gafgyt uses existing vulnerabilities in IoT devices to turn them into bots and later perform DDoS attacks on specifically targeted IP addresses.

Malware

Malware DDOS IoT Firmware

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

As critical infrastructure facilities increasingly converge their IT and OT systems, visibility into traditionally isolated operational systems is turning into a key security challenge. So far, “it’s been going really well,” she said. However, such modernization is not without risk.

CISO

CISO IoT VPN InfoSec

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The state of IoT is poor enough as it is, security wise. But the sector is only as secure as the technology it relies on, so our food supply requires secure IoT devices and Cloud services for food and agriculture too. Use multi-factor authentication with strong pass phrases where possible.

Ransomware

Ransomware Manufacturing Passwords Internet

Spotlight Podcast: Intel’s Matt Areno – Supply Chain is the New Security Battlefield

The Security Ledger

SEPTEMBER 18, 2020

. » Related Stories Spotlight Podcast: CTO Zulfikar Ramzan on RSA’s Next Act: Security Start-Up Spotlight Podcast: Taking a Risk-Based Approach to Election Security PKI Points the Way for Identity and Authentication in IoT. Unfortunately, the information security industry has been slow to respond.

Manufacturing

Manufacturing Engineering IoT Cyber threats

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

7 Top Tips for Accelerating your IoT Projects in 2021

Webinars

Trending Sources

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Webinars

Microsoft warns of BadAlloc flaws in OT, IoT devices

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

TheMoon bot infected 40,000 devices in January and February

Gucci IOT Bot Discovered Targeting European Region

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

Access:7 flaws impact +150 device models from over 100 manufacturers

Realtek SDK flaws exploited to deliver Mirai bot variant

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

New Linux botnet RapperBot brute-forces SSH servers

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

ModiPwn flaw in Modicon PLCs bypasses security mechanisms

New Mirai variant includes exploit for a flaw in Comtrend Routers

Flaws in Wyze cam devices allow their complete takeover

Decoding Security 127: We Got Conned

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

7 Ways Enterprises are Taking Advantage of Biometrics

Microsoft Patch Tuesday for February 2023 fixed actively exploited zero-days

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Fortinet fixes critical FortiNAC RCE, install updates asap

Siemens Metaverse exposes sensitive corporate data

The latest variant of the RapperBot botnet adds cryptojacking capabilities

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

How Dow Jones used the pandemic to undergo a zero trust overhaul

Telehealth: A New Frontier in Medicine—and Security

Venafi Wins 2021 CyberSecurity Breakthrough Awards

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Gamblers’ data compromised after casino giant Strendus fails to set password

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Sky.com servers exposed via misconfiguration

19 petabytes of data exposed across 29,000+ unprotected databases

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Fortinet warns of a spike in attacks against TBK DVR devices

Mirai code re-use in Gafgyt

Water utility CISO offers tips to stay secure as IT and OT converge

FBI warns of ransomware threat to food and agriculture

Spotlight Podcast: Intel’s Matt Areno – Supply Chain is the New Security Battlefield

Stay Connected