Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware 116

Ransomware Firmware Mobile InfoSec 116

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 203

Malware VPN Internet Internet 203

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 ” reads the advisory published by NIST.

Firewall 91

Firewall Firmware VPN DDOS 91

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 75

Firmware Hacking Cybercrime Information Security 75

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT 123

IoT Firmware Malware Wireless 123

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware 122

Firmware DDOS Malware IoT 122

Krebs on Security

SEPTEMBER 10, 2021

It’s not immediately clear which security vulnerabilities led to these estimated 250,000 MikroTik routers getting hacked by Meris. “The largest share belongs to the version of firmware previous to the current stable one.” ” Qrator’s breakdown of Meris-infected MikroTik devices by operating system version.

IoT 290

IoT DDOS Internet Internet 290

Security Affairs

OCTOBER 7, 2021

It could be quite easy for threat actors in the wild to find exposed Dahua devices using a search engine like Shodan and attempt to hack them using the available PoC code. In order to protect Dahua devices, users have to install the latest firmware version. SecurityAffairs – hacking, Dahua cameras). Pierluigi Paganini.

Authentication 127

Authentication Firmware Hacking Engineering 127

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification. SecurityAffairs – hacking, domain name system). Pierluigi Paganini.

Malware 96

Malware Wireless Firmware Mobile 96

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” After QNAP forced the firmware security update, the number of infections dropped to less than 300 in March. SecurityAffairs – hacking, QNAP).

Ransomware 97

Ransomware Firmware Internet Internet 97

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 243

Scams DDOS Cryptocurrency Accountability 243

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 88

Data breaches DDOS Artificial Intelligence Ransomware 88

Security Affairs

FEBRUARY 23, 2022

. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.” The malware leverages the firmware update process to achieve persistence. SecurityAffairs – hacking, CISA).

Malware 91

Malware Firmware Architecture Firewall 91

Malwarebytes

OCTOBER 20, 2022

LAPSUS$ is a relative newcomer to the cybercrime scene that first appeared in the summer of 2021. Two of the seven suspects were charged with hacking offenses and one was re-arrested later after an attack on Rockstar Games. It has made a name for itself by leaking sensitive information from some big targets. Organized crime.

Cybercrime 74

Cybercrime Firmware Encryption Internet 74

Security Affairs

NOVEMBER 20, 2021

SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 341 appeared first on Security Affairs.

Banking 67

Banking Small Business Data breaches Firmware 67

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. SecurityAffairs – hacking, QNAP).

Ransomware 90

Ransomware Firmware Encryption Engineering 90

Security Affairs

SEPTEMBER 2, 2021

“we disclose BrakTooth, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.” SecurityAffairs – hacking, BrakTooth). ” continue the researchers.

Firmware 89

Firmware Manufacturing IoT Technology 89

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. SecurityAffairs – hacking, Sality malware).

Passwords 113

Passwords Software Firmware Malware 113

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. SecurityAffairs – hacking, InkySquid). SecurityAffairs – hacking, Realtek). SAM Seamless Network observed threat actors exploiting the vulnerabilities since August 18. ” reported IoT Inspector. Pierluigi Paganini. Pierluigi Paganini.

IoT 123

IoT Firmware Internet Internet 123

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware 86

Ransomware Firmware Hacking Manufacturing 86

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 85

DDOS Firmware Surveillance IoT 85

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Sadly, coronavirus phishing and ransomware hacks already are in high gear. What people will eventually come to realize, the sooner the better, is that we will need to flatten the X factor represented by cybercrime.

Social Engineering 174

Social Engineering Cyber Attacks Scams Engineering 174

Security Affairs

MARCH 13, 2022

SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches 85

Data breaches Firmware Hacking Ransomware 85

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. The initial charges are for previous hacking activities as the they date from September 2020.

Identity Theft 73

Identity Theft Computers and Electronics Surveillance Hacking 73

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. SecurityAffairs – hacking, Daixin Team). Pierluigi Paganini.

Ransomware 69

Ransomware VPN Cybercrime Accountability 69

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. SecurityAffairs – hacking, BlackCat ransomware). hard drive, storage device, the cloud).

Ransomware 106

Ransomware Antivirus Passwords Malware 106

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices.

Mobile 86

Mobile Advertising Malware Cybercrime 86

Security Affairs

JULY 31, 2022

SecurityAffairs – hacking, newsletter). and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop? million Twitter accounts available for sale. Pierluigi Paganini.

Firmware 71

Firmware Surveillance Malware DDOS 71

Security Affairs

FEBRUARY 6, 2022

SecurityAffairs – hacking, newsletter). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 352 appeared first on Security Affairs.

Social Engineering 79

Social Engineering Cryptocurrency Small Business Ransomware 79

Security Affairs

OCTOBER 26, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. SecurityAffairs – hacking, Ranzy Locker ransomware). Implement network segmentation, such that all machines on your network are not accessible from every other machine. Disable hyperlinks in received emails. Pierluigi Paganini.

Ransomware 129

Ransomware Firmware Antivirus Accountability 129

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. ” concludes the expert.

Scams 70

Scams Firmware Advertising Software 70

Security Affairs

APRIL 25, 2023

In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security.

DDOS 90

DDOS Engineering Firmware Architecture 90

Security Affairs

DECEMBER 22, 2022

Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches. SecurityAffairs – hacking, botnet). Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access. Pierluigi Paganini.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

JULY 8, 2022

Below is the content of the ransom not shared by a victim on the BleepingComputer forum: Here is the content: “ ……… You was hacked by CHECKMATE team. Go to Control Panel > System > Firmware Update. SecurityAffairs – hacking, Checkmate ransomware). Your unique ID: bc75c72[edited]. Click Apply.

Ransomware 93

Ransomware Encryption Passwords Internet 93

Security Affairs

AUGUST 4, 2020

At the time, the Maze ransomware operators only released three screenshots as proof of the data breaches on the Maze ransomware leak site: Researchers from ZDNet who analyzed the leaked data confirmed that it included source code for the firmware of various LG products, including phones and laptops. SecurityAffairs – hacking, ransomware).

Ransomware 111

Ransomware Encryption Advertising Firmware 111

Security Affairs

AUGUST 10, 2021

Researchers provided the following recommendations for protecting home offices from ransomware attacks: Update device firmware to keep attacks of this nature at bay. SecurityAffairs – hacking, NAS). Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS.

Ransomware 129

Ransomware Encryption Firmware Passwords 129