Blog, DNS and Firmware - Cyber Security Informer

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely.

Firmware

Firmware DNS Malware Technology

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT

IoT Firmware Risk Manufacturing

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. ” reads a blog post published by Avast. Most recently, Netflix became a popular domain for DNS hijackers.” concludes Avast.

DNS

DNS Passwords Advertising Banking

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

An attacker could also use these vulnerabilities to access and control networked smart devices (security cameras, thermostats, smart locks), change router settings including credentials or DNS settings, or use a compromised network to launch attacks against other devices or networks.” ” reads the advisory published by NETGEAR.

Hacking

Hacking Firmware Authentication DNS

Smart Tvs require even smarter security measures

Security Boulevard

JUNE 21, 2023

Pre-Installed Malware In Firmware Because the malware is "baked into" the firmware, it's no easy feat to remove the malware, or even possible. A Pi-hole generally runs on a Raspberry Pi (hence the name) and acts as the DNS resolver for the devices on your home network.

Firmware

Firmware DNS Malware Manufacturing

Multiple flaws in Teltonika industrial cellular router expose OT networks to hack

Security Affairs

MAY 16, 2023

The platform provides real-time monitoring and control, it also supports advanced features such as device management, software and firmware updates, GPS tracking, and data visualization. The compromised industrial devices may also be used to launch attacks against other devices or networks.” ” reads the advisory from CISA.

Hacking

Hacking Manufacturing Internet Internet

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

MoonBounce: the dark side of UEFI firmware. Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). Targeted attacks. Since 2018, we have been tracking Roaming Mantis – a threat actor that targets Android devices.

Phishing

Phishing Spyware Firmware Malware

Memory Safe Languages in Android 13

Google Security

DECEMBER 1, 2022

This matches the expectations published in our blog post 2 years ago about the age of memory safety vulnerabilities and why our focus should be on new code, not rewriting existing components. We’ve migrated VM firmware in the Android Virtualization Framework to Rust. There are approximately 1.5 With support for Rust landing in Linux 6.1

DNS

DNS Accountability Firmware Risk

Remotely Accessing Secure Kali Pi

Kali Linux

NOVEMBER 27, 2022

In Secure Kali Pi (2022) , the first blog post in the Raspberry Pi series, we set up a Raspberry Pi 4 with full disk encryption. author: Broadcom Corporation firmware: brcm/brcmfmac*-sdio.*.bin bin firmware: brcm/brcmfmac*-sdio.*.txt We mentioned that we can leave it somewhere as a drop box. wireless LAN fullmac driver.

Firmware

Firmware Wireless Passwords VPN

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests.

DDOS

DDOS Cryptocurrency Marketing Internet

Community Showcase: Raspberry Pi Zero W P4wnP1 A.L.O.A.

Kali Linux

OCTOBER 12, 2022

A L ittle O ffensive A pplication)” It takes the standard Kali Linux image and adds custom software and some extra firmware designed for the Raspberry Pi Zero W to turn it into a Swiss Army knife of attacks and exfiltration. port=53 --secret=5672ddb107fe2f33e490a83e8d1036ca Creating DNS driver: domain = (null) host = 0.0.0.0

Wireless

Wireless DNS Passwords Internet

Kali Linux 2021.1 Release (Command-Not-Found)

Kali Linux

FEBRUARY 23, 2021

Kali’s Website Until recently, the only way you could be reading this would have been from our RSS feed or directly from our blog (as we only recently made the announcement of the Kali Newletter ). If you’d like to see it in action, David Bombal has put out a video of it.

Wireless

Wireless Firmware DNS Architecture

Deploying Rust in Existing Firmware Codebases

Google Security

SEPTEMBER 4, 2024

To provide a secure foundation, we’re extending hardening and the use of memory-safe languages to low-level firmware (including in Trusty apps ). In this blog post, we'll show you how to gradually introduce Rust into your existing firmware , prioritizing new code and the most security-critical code. no_std] attribute.

Firmware

Firmware Architecture Software DNS

Unraveling Raspberry Robin's Layers: Analyzing Obfuscation Techniques and Core Mechanisms

Security Boulevard

NOVEMBER 19, 2024

In this blog, Zscaler ThreatLabz provides an in-depth analysis of Raspberry Robin’s functionality, including its execution layers, obfuscation methods, and network communication process along with its latest exploits.Key TakeawaysRaspberry Robin uses an extensive set of anti-analysis methods.

Antivirus

Antivirus Encryption Firewall Malware

APT trends report Q1 2022

SecureList

APRIL 27, 2022

On March 1, ESET published a blog post related to wipers used in Ukraine and to the ongoing conflict: in addition to HermeticWiper, this post introduced IsaacWiper, used to target specific machines previously compromised with another remote administration tool named RemCom, commonly used by attackers for lateral movement within compromised networks.

Malware

Malware Firmware Government Phishing

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware

Malware Government Surveillance Spyware

Cyber Security Informer

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

IoT Unravelled Part 3: Security

Trending Sources

For nearly a year, Brazilian users have been targeted with router attacks

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Smart Tvs require even smarter security measures

Multiple flaws in Teltonika industrial cellular router expose OT networks to hack

IT threat evolution Q1 2022

Memory Safe Languages in Android 13

Remotely Accessing Secure Kali Pi

DDoS attacks in Q4 2020

Community Showcase: Raspberry Pi Zero W P4wnP1 A.L.O.A.

Kali Linux 2021.1 Release (Command-Not-Found)

Deploying Rust in Existing Firmware Codebases

Unraveling Raspberry Robin's Layers: Analyzing Obfuscation Techniques and Core Mechanisms

APT trends report Q1 2022

APT trends report Q3 2021

Stay Connected