Security Affairs

DECEMBER 17, 2023

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center New NKAbuse malware abuses NKN decentralized P2P network protocol Snatch ransomware gang claims the hack of the food giant Kraft Heinz Multiple flaws in pfSense firewall can lead to arbitrary code execution BianLian, White Rabbit, and Mario Ransomware Gangs Spotted (..)

Data breaches 84

Data breaches Cybercrime Firewall Artificial Intelligence 84

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 ” reads the advisory published by NIST.

Firewall 95

Firewall Firmware VPN DDOS 95

Security Affairs

AUGUST 11, 2023

The vulnerability impacts devices running firmware versions 7.3.15.0 Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019. Additionally, the P660HN-T1A running the latest generic firmware, version 3.40(BYF.11), 0)b31 or older.

Firmware 80

Firmware Hacking Cybercrime Information Security 80

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 92

Data breaches Cybercrime Ransomware Passwords 92

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams 251

Scams DDOS Cryptocurrency Accountability 251

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification.

Malware 97

Malware Wireless Firmware Mobile 97

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware 126

Firmware DDOS Malware IoT 126

Security Affairs

JANUARY 29, 2022

QNAP forces its customers to update the firmware of their Network Attached Storage (NAS) devices to protect against the DeadBolt ransomware. QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” states the vendor.

Ransomware 95

Ransomware Firmware Encryption Engineering 95

Security Affairs

FEBRUARY 23, 2022

. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.” The malware leverages the firmware update process to achieve persistence.

Malware 96

Malware Firmware Architecture Firewall 96

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware 94

Firmware Manufacturing IoT Technology 94

Security Affairs

APRIL 7, 2023

.” The company reported the security breach to the relevant authorities, and it downplayed the incident, saying that the attack had no significant financial and operational impact. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 91

Ransomware Firmware Hacking Manufacturing 91

Security Affairs

MARCH 22, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. ” After QNAP forced the firmware security update, the number of infections dropped to less than 300 in March. It was looking like this problem was behind us.”

Ransomware 99

Ransomware Firmware Internet Internet 99

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. ” reads the advisory published by Dragos.

Passwords 115

Passwords Software Firmware Malware 115

Security Affairs

JULY 5, 2019

Experts discovered a malicious app on Google Play, named Updates for Samsung , that was downloaded by over ten million users that poses as firmware updates. Over ten million users have installed a fake Samsung app named “ Updates for Samsung ” that poses as firmware updates. com via HTTPS. ” concludes the expert.

Scams 71

Scams Firmware Advertising Software 71

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. Healthcare and Public Health sector with ransomware.

Ransomware 72

Ransomware VPN Cybercrime Accountability 72

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices.

Mobile 91

Mobile Advertising Malware Cybercrime 91

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS 91

DDOS Firmware Surveillance IoT 91

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws.

IoT 122

IoT Firmware Internet Internet 122

Security Affairs

OCTOBER 7, 2021

In order to protect Dahua devices, users have to install the latest firmware version. The post PoC exploit for 2 flaws in Dahua cameras leaked online appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, Dahua cameras).

Authentication 131

Authentication Firmware Hacking Engineering 131

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (e.g.,

Ransomware 110

Ransomware Antivirus Passwords Malware 110

Security Affairs

NOVEMBER 20, 2021

If you want to also receive for free the newsletter with the international press subscribe here.

Banking 66

Banking Small Business Data breaches Firmware 66

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 93

Data breaches DDOS Artificial Intelligence Ransomware 93

Security Affairs

MARCH 19, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Only use secure networks and avoid using public Wi-Fi networks. Focus on cyber security awareness and training. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 102

Ransomware DDOS Passwords Backups 102

SecureWorld News

JUNE 13, 2023

"While many of these attack trends are troubling, there are a number of things organizations can do to reduce their risk, such as investing in security awareness programs, updating security protocols, working with trusted partners to address vulnerabilities, and partnering with an MDR vendor."

Cyber threats 72

Cyber threats Malware Phishing Penetration Testing 72

Security Affairs

OCTOBER 26, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Implement network segmentation, such that all machines on your network are not accessible from every other machine. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware 132

Ransomware Firmware Antivirus Accountability 132

Security Affairs

JULY 31, 2022

and Blackmatter ransomware U.S. increased rewards for info on North Korea-linked threat actors to $10 million Threat actors leverages DLL-SideLoading to spread Qakbot malware Zero Day attacks target online stores using PrestaShop?

Firmware 77

Firmware Surveillance Malware DDOS 77

Security Affairs

MARCH 21, 2021

According to BleepingComputer , Kottmann has performed reverse engineering of the firmware used by Verkada and discovered hardcoded credentials for a super admin account. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Identity Theft 77

Identity Theft Computers and Electronics Surveillance Hacking 77

Security Affairs

APRIL 25, 2023

Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security. In March, TP-Link released a firmware update to address multiple issues, including this vulnerability. The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event.

DDOS 94

DDOS Engineering Firmware Architecture 94

Security Affairs

MARCH 13, 2022

LockBit ransomware group claims to have hacked Bridgestone Americas Attackers use website contact forms to spread BazarLoader malware Russian Internet watchdog Roskomnadzor is going to ban Instagram Ubisoft suffered a cyber security incident that caused a temporary disruption Anonymous hacked Roskomnadzor agency revealing Russian disinformation Open (..)

Data breaches 90

Data breaches Firmware Hacking Ransomware 90

Security Affairs

DECEMBER 22, 2022

Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches.

IoT 116

IoT DDOS Malware Firmware 116

Security Affairs

AUGUST 10, 2021

Researchers provided the following recommendations for protecting home offices from ransomware attacks: Update device firmware to keep attacks of this nature at bay. Once compromised the device, threat actors employed it in a botnet used in attacks aimed at Linux systems, including Synology NAS.

Ransomware 127

Ransomware Encryption Firmware Passwords 127

Security Affairs

FEBRUARY 24, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. The hijacked QNAP login screen displays a ransom note demanding the payment of 0.03 BTC ransom (roughly $1017) to receive a decryption key to recover the files.

Ransomware 88

Ransomware Encryption Internet Internet 88

Security Affairs

AUGUST 20, 2021

Organizations using Netgear, Huawei, and ZTE network devices are recommended to keep their firmware up to date and use strong passwords. The post Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

IoT 103

IoT DNS Manufacturing Firmware 103

Security Affairs

FEBRUARY 6, 2022

LockBit ransomware gang claims to have stolen data from PayBito crypto exchange FBI issued a flash alert on Lockbit ransomware operation CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw Over 500,000 people were impacted by a ransomware attack that hit Morley Ransomware attack hit Swissport International causing delays (..)

Social Engineering 84

Social Engineering Cryptocurrency Small Business Ransomware 84

Security Affairs

SEPTEMBER 9, 2021

It spreads through a vulnerability in firmware and already numbers up to hundreds of thousands of infected devices.” Having devoted the last few weeks to studying the new botnet, we can say that a completely new botnet has appeared and it is built on the network equipment of a very popular vendor from the Baltic States.

DDOS 115

DDOS Internet Internet Firmware 115

Security Affairs

SEPTEMBER 6, 2022

At the end of January, QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Ransomware operators are also offering for sale the QNAP the master decryption key for 50 BTC which could allow all the victims of this ransomware family to decrypt their files.

Ransomware 90

Ransomware Internet Internet Encryption 90

Security Affairs

AUGUST 13, 2022

“The FBI is seeking any information that can be shared, to include boundary logs showing communication to and from foreign IP addresses, a sample ransom note, communications with Zeppelin actors, Bitcoin wallet information, decryptor files, and/or a benign sample of an encrypted file” concludes the alert.

Ransomware 91

Ransomware Encryption Firmware Backups 91