Security Affairs

NOVEMBER 5, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 Organizations using VHD PTZ camera firmware < 6.3.40 Organizations using VHD PTZ camera firmware < 6.3.40 The manufacturer released firmware updates addressing these flaws.” GreyNoise worked with VulnCheck to disclose the two vulnerabilities responsibly.

Firmware 127

Firmware Manufacturing Authentication IoT 127

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. The ATM black box attacks are quite popular in the cybercrime underground and several threat actors offer the hardware equipment and malware that could be used to compromise the ATMs.

Hacking 138

Hacking Firmware Encryption Manufacturing 138

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. The attackers’ research vector is now shifting from software vulnerabilities to those located at the hardware and firmware level. Attacks on Crypto. Pierluigi Paganini.

Cybercrime 108

Cybercrime Hacking Banking Phishing 108

Security Affairs

JANUARY 16, 2025

The researchers found that the botnet comprises MikroTik routers with various firmware versions, including recent ones. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, MikroTik botnet)

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

APRIL 2, 2025

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework.

Cryptocurrency 123

Cryptocurrency Malware Mobile Firmware 123

Security Affairs

AUGUST 16, 2024

Threat actors could exploit this flaw to inject malicious code, execute commands with system privileges, and take over devices, potentially leading to serious cybercrimes and data breaches. The app is preinstalled in Pixel firmware and included in Google’s OTA updates for Pixel devices.

Hacking 144

Hacking Firmware Mobile Penetration Testing 144

Krebs on Security

SEPTEMBER 10, 2021

It’s not immediately clear which security vulnerabilities led to these estimated 250,000 MikroTik routers getting hacked by Meris. “The largest share belongs to the version of firmware previous to the current stable one.” ” Qrator’s breakdown of Meris-infected MikroTik devices by operating system version.

IoT 353

IoT DDOS Internet Internet 353

Security Affairs

DECEMBER 19, 2024

To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date. Keep Software Updated : Apply the latest firmware updates to patch vulnerabilities. Implement strong, unique passwords across devices.

DDOS 67

DDOS Firmware Firewall Passwords 67

Security Affairs

JUNE 19, 2024

.” Earlier this week IntelBroker announced on the BreachForums cybercrime forum that they were “selling the AMD.com data breach.” The allegedly stolen data includes information on future products, datasheets, employee and customer databases, property files, firmware, source code, and financial documentation.

Data breaches 139

Data breaches Firmware Cybercrime Media 139

Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware 139

Ransomware Firmware Mobile InfoSec 139

Security Affairs

DECEMBER 26, 2024

“One of the easiest methods for threat actors to compromise new hosts is to target outdated firmware or retired hardware.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,botnet) in newer ones. ” concludes the report.

Manufacturing 90

Manufacturing Malware Firmware IoT 90

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 244

Malware VPN Internet Internet 244

Security Affairs

FEBRUARY 28, 2025

Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware. By sharing our findings, we aim to contribute to the fight against cybercrime and raise awareness of this formidable threat.”

Antivirus 66

Antivirus Firmware Encryption Manufacturing 66

Security Affairs

JUNE 25, 2024

The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0. The vulnerability affects NAS326 running firmware versions 5.21(AAZF.16)C0 16)C0 and earlier, and NAS542 running firmware versions 5.21(ABAG.13)C0

Firmware 126

Firmware Hacking Cybercrime Information Security 126

Security Affairs

JANUARY 29, 2025

In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. “In his GitHub README, Burns reported that he found that the Mitel 6869i SIP phone, firmware version 6.3.0.1020, failed to sanitize user-supplied input properly, and he found multiple endpoints vulnerable to this. HF1 (R6.4.0.136).

DDOS 69

DDOS Firmware Malware Firewall 69

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT 141

IoT Firmware Malware Wireless 141

Security Affairs

JANUARY 14, 2025

” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,FortiGate) and 7.0.16, which were released on February 2024 and October 2024 respectively.

Firewall 84

Firewall VPN Accountability Firmware 84

Security Affairs

DECEMBER 17, 2023

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 126

Data breaches Cybercrime Firewall Ransomware 126

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware 144

Firmware DDOS Malware IoT 144

Security Affairs

OCTOBER 7, 2021

It could be quite easy for threat actors in the wild to find exposed Dahua devices using a search engine like Shodan and attempt to hack them using the available PoC code. In order to protect Dahua devices, users have to install the latest firmware version. SecurityAffairs – hacking, Dahua cameras). Pierluigi Paganini.

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

JUNE 16, 2024

London hospitals canceled over 800 operations in the week after Synnovis ransomware attack DORA Compliance Strategy for Business Leaders City of Cleveland still working to fully restore systems impacted by a cyber attack Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones Google fixed an actively exploited zero-day (..)

Data breaches 126

Data breaches Hacking Ransomware Cyber Attacks 126

Security Affairs

SEPTEMBER 13, 2024

Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware 141

Malware Firmware Antivirus Manufacturing 141

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 124

Data breaches Computers and Electronics Spyware Cybercrime 124

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Sadly, coronavirus phishing and ransomware hacks already are in high gear. What people will eventually come to realize, the sooner the better, is that we will need to flatten the X factor represented by cybercrime.

Social Engineering 174

Social Engineering Cyber Attacks Scams Phishing 174

Security Affairs

SEPTEMBER 2, 2021

“we disclose BrakTooth, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.” SecurityAffairs – hacking, BrakTooth). ” continue the researchers.

Firmware 126

Firmware Manufacturing IoT Technology 126

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. SecurityAffairs – hacking, InkySquid). SecurityAffairs – hacking, Realtek). SAM Seamless Network observed threat actors exploiting the vulnerabilities since August 18. ” reported IoT Inspector. Pierluigi Paganini. Pierluigi Paganini.

IoT 135

IoT Firmware Internet Internet 135

Security Affairs

FEBRUARY 23, 2022

. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.” The malware leverages the firmware update process to achieve persistence. SecurityAffairs – hacking, CISA).

Malware 114

Malware Firmware Architecture Firewall 114

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. SecurityAffairs – hacking, QNAP).

Ransomware 118

Ransomware Firmware Encryption Engineering 118

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 98

Data breaches Cybercrime Ransomware Hacking 98

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. The initial charges are for previous hacking activities as the they date from September 2020.

Identity Theft 108

Identity Theft Computers and Electronics Surveillance Hacking 108

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. SecurityAffairs – hacking, Sality malware).

Passwords 131

Passwords Software Firmware Malware 131

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. SecurityAffairs – hacking, BlackCat ransomware). hard drive, storage device, the cloud).

Ransomware 136

Ransomware Antivirus Passwords Malware 136

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” After QNAP forced the firmware security update, the number of infections dropped to less than 300 in March. SecurityAffairs – hacking, QNAP).

Ransomware 102

Ransomware Firmware Internet Internet 102

Security Affairs

AUGUST 4, 2020

At the time, the Maze ransomware operators only released three screenshots as proof of the data breaches on the Maze ransomware leak site: Researchers from ZDNet who analyzed the leaked data confirmed that it included source code for the firmware of various LG products, including phones and laptops. SecurityAffairs – hacking, ransomware).

Ransomware 144

Ransomware Encryption Advertising Hacking 144

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 ” reads the advisory published by NIST.

Firewall 98

Firewall Firmware VPN DDOS 98

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.”

VPN 90

VPN Passwords Firewall Firmware 90