Security Boulevard

JUNE 21, 2023

On June 20, 2023, Zyxel, a well-known network-attached storage (NAS) device manufacturer, disclosed a critical security flaw known as CVE-2023-27992. This pre-authentication command injection vulnerability has been assigned a high CVSS score of 9.8, indicating its severe impact and ease of exploitation.

Manufacturing 52

Manufacturing Authentication 52

Security Affairs

DECEMBER 24, 2022

The cybersecurity researcher RE-Solver discovered Backdoor credentials in ZyXEL LTE3301-M209 LTE indoor routers. Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. Below is the timeline for this issue: 12 Sep 2022: Vulnerability reported to ZyXEL.

Firmware 52

Firmware Passwords Hacking Cybersecurity 52

Security Affairs

APRIL 17, 2022

Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. ” reads the analysis published by Fortinet.

DDOS 135

DDOS Architecture Malware Cybercrime 135

Security Affairs

MAY 29, 2022

sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

InfoSec 101

InfoSec Spyware DDOS Firewall 101

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 88

Cybercrime Malware Hacking Accountability 88

Security Affairs

MAY 15, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. Pierluigi Paganini.

Hacking 71

Hacking Ransomware Manufacturing Firewall 71

CyberSecurity Insiders

NOVEMBER 11, 2021

Deployed with more than 30 exploits, it has the potential of targeting millions of routers and IoT devices. Key Takeaways: BotenaGo has more than 30 different exploit functions to attack a target. Mapping attack functions to relevant vulnerable systems. Exploit delivery. It also has different DDoS functionality.

Malware 85

Malware IoT Firmware Authentication 85

Security Affairs

MAY 22, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Ransomware 73

Ransomware Firewall Hacking Malware 73

Security Affairs

JUNE 8, 2022

The nation-state actors exploit publicly known vulnerabilities to compromise the target infrastructure. . The RouterSploit Framework allows operators to scan for vulnerable embedded devices, while RouterScan allows for the scanning of IP addresses for vulnerabilities. To nominate, please visit:?. Pierluigi Paganini.

Telecommunications 95

Telecommunications Authentication Passwords Accountability 95

CyberSecurity Insiders

JANUARY 26, 2022

Since the Mirai botnet can be now modified and compiled by different adversaries, many new variants have become available over time featuring new capabilities and new exploits. The top of the source code on GitHub shows a comment with the list of current exploits for “supported” vendors and software, as shown in Figure 1.

Malware 81

Malware IoT Authentication Antivirus 81

Security Affairs

SEPTEMBER 8, 2019

Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Android Zero-Day exploits are the most expensive in the new Zerodium price list. Some Zyxel devices can be hacked via DNS requests. Once again thank you!

IoT 75

IoT Data breaches DNS Advertising 75

Security Affairs

JUNE 17, 2019

The attackers are leveraging a still-unpatched zero-day vulnerability, tracked as CVE-2017-6526 , to gain full control over the targeted systems. The vulnerability in dnaLIMS was reported to the vendor in 2017, but it is still unpatched. ” reads a blog post published by the expert. Why DNA sequencing apps?

DDOS 78

DDOS Advertising IoT Marketing 78