Security Affairs

JANUARY 16, 2025

The researchers found that the botnet comprises MikroTik routers with various firmware versions, including recent ones. Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here.

DNS 139

DNS Malware Firmware Authentication 139

Security Affairs

APRIL 2, 2025

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework.

Malware 121

Malware Cryptocurrency Mobile Firmware 121

Security Affairs

JULY 18, 2021

“Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Ransomware 138

Ransomware Firmware Mobile InfoSec 138

Security Affairs

DECEMBER 19, 2024

To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date. Below are actions recommended by Juniper Networks: Strengthen Security Practices : Change default credentials on all SSRs.

DDOS 66

DDOS Firmware Firewall Passwords 66

Security Affairs

NOVEMBER 1, 2021

The ATM black box attacks are quite popular in the cybercrime underground and several threat actors offer the hardware equipment and malware that could be used to compromise the ATMs. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. Both issues received a CVSSv3.0

Hacking 136

Hacking Firmware Encryption Manufacturing 136

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. WHO’S BEHIND SOCKSESCORT? com, super-socks[.]com,

Malware 245

Malware VPN Internet Internet 245

Security Affairs

FEBRUARY 28, 2025

Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware. By sharing our findings, we aim to contribute to the fight against cybercrime and raise awareness of this formidable threat.”

Antivirus 64

Antivirus Firmware Encryption Manufacturing 64

Security Affairs

JUNE 25, 2024

The flaw is a command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0. The vulnerability affects NAS326 running firmware versions 5.21(AAZF.16)C0 16)C0 and earlier, and NAS542 running firmware versions 5.21(ABAG.13)C0

Firmware 124

Firmware Hacking Cybercrime Information Security 124

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT 140

IoT Firmware Malware Wireless 140

Security Affairs

DECEMBER 26, 2024

“One of the easiest methods for threat actors to compromise new hosts is to target outdated firmware or retired hardware.” Compromised hosts display unique strings during execution, including you are now apart of hail c**k botnet in older versions and I just wanna look after my cats, man. in newer ones.

Manufacturing 89

Manufacturing Malware Firmware IoT 89

Security Affairs

JANUARY 29, 2025

In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. “In his GitHub README, Burns reported that he found that the Mitel 6869i SIP phone, firmware version 6.3.0.1020, failed to sanitize user-supplied input properly, and he found multiple endpoints vulnerable to this. HF1 (R6.4.0.136).

DDOS 68

DDOS Firmware Malware Firewall 68

Security Affairs

AUGUST 16, 2024

Threat actors could exploit this flaw to inject malicious code, execute commands with system privileges, and take over devices, potentially leading to serious cybercrimes and data breaches. The app is preinstalled in Pixel firmware and included in Google’s OTA updates for Pixel devices.

Hacking 143

Hacking Firmware Mobile Penetration Testing 143

Security Affairs

JANUARY 14, 2025

” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14 and 7.0.16, which were released on February 2024 and October 2024 respectively.

Firewall 82

Firewall VPN Accountability Firmware 82

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware 144

Firmware DDOS Malware IoT 144

Security Affairs

SEPTEMBER 13, 2024

Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware 140

Malware Firmware Antivirus Manufacturing 140

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware 124

Firmware Manufacturing IoT Technology 124

Security Affairs

DECEMBER 17, 2023

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center New NKAbuse malware abuses NKN decentralized P2P network protocol Snatch ransomware gang claims the hack of the food giant Kraft Heinz Multiple flaws in pfSense firewall can lead to arbitrary code execution BianLian, White Rabbit, and Mario Ransomware Gangs Spotted (..)

Data breaches 124

Data breaches Cybercrime Firewall Ransomware 124

Security Affairs

JUNE 16, 2024

London hospitals canceled over 800 operations in the week after Synnovis ransomware attack DORA Compliance Strategy for Business Leaders City of Cleveland still working to fully restore systems impacted by a cyber attack Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones Google fixed an actively exploited zero-day (..)

Data breaches 124

Data breaches Hacking Ransomware Cyber Attacks 124

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware 116

Ransomware Firmware Encryption Engineering 116

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches 123

Data breaches Computers and Electronics Spyware Cybercrime 123

Security Affairs

FEBRUARY 23, 2022

. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.” The malware leverages the firmware update process to achieve persistence.

Malware 113

Malware Firmware Architecture Firewall 113

Security Affairs

OCTOBER 7, 2021

In order to protect Dahua devices, users have to install the latest firmware version. The post PoC exploit for 2 flaws in Dahua cameras leaked online appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, Dahua cameras).

Authentication 145

Authentication Firmware Hacking Engineering 145

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws.

IoT 133

IoT Firmware Internet Internet 133

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (e.g.,

Ransomware 135

Ransomware Antivirus Passwords Malware 135

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. ” reads the advisory published by Dragos.

Passwords 129

Passwords Software Firmware Malware 129

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification.

Malware 98

Malware Wireless Firmware Mobile 98

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 ” reads the advisory published by NIST.

Firewall 98

Firewall Firmware VPN DDOS 98

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 98

Data breaches Cybercrime Ransomware Hacking 98

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” After QNAP forced the firmware security update, the number of infections dropped to less than 300 in March. It was looking like this problem was behind us.”

Ransomware 102

Ransomware Firmware Internet Internet 102

Security Affairs

OCTOBER 26, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Implement network segmentation, such that all machines on your network are not accessible from every other machine. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 144

Ransomware Firmware Antivirus Accountability 144

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 98

DDOS Firmware Surveillance IoT 98

Security Affairs

MARCH 19, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Only use secure networks and avoid using public Wi-Fi networks. Focus on cyber security awareness and training. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 120

Ransomware DDOS Passwords Backups 120

Security Affairs

APRIL 7, 2023

.” The company reported the security breach to the relevant authorities, and it downplayed the incident, saying that the attack had no significant financial and operational impact. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 98

Ransomware Firmware Hacking Manufacturing 98

Security Affairs

MARCH 21, 2021

According to BleepingComputer , Kottmann has performed reverse engineering of the firmware used by Verkada and discovered hardcoded credentials for a super admin account. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Identity Theft 107

Identity Theft Computers and Electronics Surveillance Hacking 107

Security Affairs

AUGUST 29, 2024

The vulnerability impacts Avtech AVM1203 IP cameras running firmware versions FullImg-1023-1007-1011-1009 and prior. “Successful exploitation of this vulnerability could allow an attacker to inject and execute commands as the owner of the running process.” reads the advisory published by CISA.

Firmware 126

Firmware Malware Security Intelligence Authentication 126

Security Affairs

NOVEMBER 20, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Banking 76

Banking Small Business Data breaches Firmware 76