Cybercrime, Firmware, Information Security and Manufacturing

Cybercrime

Firmware

Information Security

Manufacturing

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence

Artificial Intelligence Firmware Data breaches Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices.

Scams

Scams DDOS Cryptocurrency Accountability

MSI confirms security breach after Money Message ransomware attack

Security Affairs

APRIL 7, 2023

Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards for customers in the United States, Canada, and internationally. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware

Ransomware Firmware Hacking Manufacturing

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security Affairs

SEPTEMBER 2, 2021

As of today, the researchers discovered 16 security vulnerabilities, with 20 common vulnerability exposures (CVEs) already assigned and four vulnerabilities are pending CVE assignment from Intel and Qualcomm. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware

Firmware Manufacturing IoT Technology

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws.

IoT

IoT Firmware Internet Internet

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. ” state researchers at Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT. Follow me on Twitter: @securityaffairs and Facebook.

IoT

IoT DNS Manufacturing Firmware

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware Firmware Antivirus Accountability

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Focus on cyber security awareness and training.

Ransomware

Ransomware DDOS Passwords Backups

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

Government Multiple Russian government websites hacked in a supply chain attack Anonymous hacked Russian cams, websites, announced a clamorous leak HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems Samsung data breach: Lapsus$ gang stole Galaxy devices’ source code Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities (..)

Data breaches

Data breaches Firmware Hacking Ransomware

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

NAS servers are a privileged target for hackers because they normally store large amounts of data.The ransomware was targeting poorly protected or vulnerable NAS servers manufactured by QNAP, threat actors exploited known vulnerabilities or carried out brute-force attacks.

Ransomware

Ransomware Encryption Firmware Passwords

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada.

Ransomware

Ransomware Encryption Firmware Backups

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

SCADA Access As A Service (SAaaS) Cybercrime is a business. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France. According to the information security giants, there is one known criminal that uses the handle of Bonito, and has been identified as selling access to SCADA systems.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

ForAllSecure

FEBRUARY 22, 2023

There's the you know, these little ESP chips that have like, all in one Wi Fi and a little Linux or a little you know that OS that's just trivial and you download the firmware, you tweak a few things and you've got blinky lights, the magic can talk to other things and like do all sorts of cool stuff. Everybody's building their own badges.

Engineering

Engineering Hacking Wireless Marketing

Cyber Security Informer

Android devices shipped with backdoored firmware as part of the BADBOX network

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Webinars

Trending Sources

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Webinars

Interview With a Crypto Scam Investment Spammer

MSI confirms security breach after Money Message ransomware attack

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Realtek SDK flaws exploited to deliver Mirai bot variant

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Ranzy Locker ransomware hit tens of US companies in 2021

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs newsletter Round 357 by Pierluigi Paganini

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Growing Cyber Threats to the Energy and Industrial Sectors

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

Stay Connected