DDOS, Firmware, Hacking and Manufacturing

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Krebs on Security

SEPTEMBER 10, 2021

On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. But on Thursday DDoS protection firm Qrator Labs identified the culprit — “Meris” — a new IoT monster that first emerged at the end of June 2021. In its Aug.

IoT

IoT DDOS Internet Internet

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. . SecurityAffairs – hacking, DrayTek Vigor).

Hacking

Hacking Internet Internet Passwords

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Shortly after that, those same servers came under a sustained distributed denial-of-service (DDoS) attack. Chaput said whoever was behind the DDoS was definitely not using point-and-click DDoS tools, like a booter or stresser service. In May 2020, Zipper told another Lolzteam member that quot[.]pw pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

I had an eye-opening conversation about all of this with Steve Hanna , distinguished engineer at Infineon Technologies , a global semiconductor manufacturer based in Neubiberg, Germany. Here are a few takeaways: Minimum requirements A few years back, a spate of seminal IoT hacks grabbed the full attention of governments worldwide.

IoT

IoT Government Internet Internet

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape Charities and NGOs providing support in Ukraine hit by malware. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Firmware Hacking Ransomware

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

” The IoT radio devices are manufactured by Imperial & Dabman (Series I and D) and are distributed in Germany by Telestar, but experts pointed out that it is possible to buy them via Ebay and Amazon by resellers. .” SecurityAffairs – IoT radio devices, hacking). . ” continues the experts. Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Router security in 2021

SecureList

JUNE 8, 2022

Routers are forever being hacked and infected, and used to infiltrate local networks. At the time of writing, of the 87 critical vulnerabilities published in 2021, more than a quarter (29.9%) remain unpatched and unreported by the vendor: Router manufacturers’ response to vulnerabilities found in their products in 2021 ( download ).

DDOS

DDOS Passwords IoT Firmware

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. As if that were not enough, many IoT devices have unalterable main passwords set by manufacturers. Another type of service sold on the dark web is IoT hacking.

IoT

IoT DDOS Passwords Malware

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Microsoft researchers reported that the Mozi botnet was improved by implementing news capabilities to target network gateways manufactured by Netgear, Huawei, and ZTE. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. SecurityAffairs – hacking, Mozi botnet).

IoT

IoT DNS Manufacturing Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. SecurityAffairs – hacking, AvosLocker ransomware).

Ransomware

Ransomware DDOS Passwords Backups

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

Pen Test

OCTOBER 12, 2023

How effective are attackers with regard to RF in eavesdropping, DoS & DDoS, MitM, spoofing and malware propagation? DoS & DDoS: Attackers can flood RF channels, causing disruption. What are the common firmware and software vulnerabilities in RF devices that can be exploited? Are there any interesting case studies?

Encryption

Encryption Firmware Surveillance Technology

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Security Affairs

JULY 25, 2018

AVTech is one of the world’s leading CCTV manufacturers, it is the largest public-listed company in the Taiwan surveillance industry. EliteLands is using a 2-years old exploit that could be used to trigger tens of well-known vulnerabilities in the AVTech firmware. Securi ty Affairs – Death botnet, hacking).

Firmware

Firmware Passwords IoT Advertising

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. The Flaws in Manufacturing Process. Manufacturers saw this as an opportunity and rushed in to grab their own piece of the IoT market. SecurityAffairs – hacking, IoT). Shadow IoT Devices.

IoT

IoT Cybersecurity Manufacturing Internet

Why Healthcare IoT Requires Strong Machine Identity Management

Security Boulevard

MAY 30, 2022

Due to the nature of these devices, the lack of security is often the result of weak design by the device manufacturer. Another alert by CISA has warned about critical vulnerabilities in Siemens software that could potentially impact millions of medical devices from multiple manufacturers. Hackable pacemakers.

Healthcare

Healthcare IoT Manufacturing Risk

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. “The original infection method remains unknown, but during that phase malicious code is injected to the firmware of the target system, and the code is then run as part of normal operations within the device.

Malware

Malware Firmware Advertising Encryption

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. In December, Canada’s Laurentian University reported a DDoS attack. In early October, a DDoS attack was reported by the PUBG Mobile team.

DDOS

DDOS Cryptocurrency Marketing Internet

The Internet of Things: Security Risks Concerns

Spinone

MARCH 17, 2018

These smart devices include cars, household appliances, building systems such as lighting and heating, televisions, medical devices, manufacturing equipment, and many other types of systems used both in a consumer and industrial setting. In 2020, this number is expected to grow to a staggering 20.8

Internet

Internet Internet Risk Computers and Electronics

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. Bad actors can also take over unsecured printers and incorporate them into botnets in order to perform DDoS attacks , send spam, and more. Update your printer firmware to the latest version.

Hacking

Hacking IoT Firmware Internet

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

Security experts have discovered a new variant of the infamous Mirai malware, tracked as Mukashi, was employed in attacks against network-attached storage (NAS) devices manufactured by Zyxel. Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 ” reads the analysis published by Palo Alto Network.

DDOS

DDOS Authentication Advertising Firmware

Cyber Security Informer

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Webinars

Trending Sources

Interview With a Crypto Scam Investment Spammer

Webinars

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Security Affairs newsletter Round 357 by Pierluigi Paganini

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Router security in 2021

Overview of IoT threats in 2023

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Avoslocker ransomware gang targets US critical infrastructure

"In our modern world, countless applications rely on radio frequency elements" - an Interview with Larbi Ouiyzme

The Death botnet grows targeting AVTech devices with a 2-years old exploit

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Why Healthcare IoT Requires Strong Machine Identity Management

QSnatch malware already infected thousands of QNAP NAS devices

DDoS attacks in Q4 2020

The Internet of Things: Security Risks Concerns

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Mukashi, the new Mirai variant that targets Zyxel NAS

Stay Connected