DNS, Firmware, Internet and Presentation

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely.

Firmware

Firmware DNS Malware Technology

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure flaw via unauthenticated external DNS requests that affect Zyxel devices from the USG, UAG, ATP, VPN and NXC series. ” reads the advisory.

DNS

DNS Hacking Firmware Wireless

NAME:WRECK, a potential IoT trainwreck

Malwarebytes

APRIL 13, 2021

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Yes, the researchers found 9 DNS-related vulnerabilities that have the potential to allow attackers to take targeted devices offline or to gain control over them. Basically, you could say DNS is the phonebook of the internet.

IoT

IoT DNS Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet.

IoT

IoT Firmware Risk Manufacturing

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

“The attack can be performed without user interaction if the management interface of the device has been configured to be internet facing. All the affected models have a patched firmware available for download on the vendor’s website.” ” reads the advisory published by Trellix. ” continues the analysis.

Hacking

Hacking Internet Internet Passwords

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

If the PowerShell is not present, the malware generates a hidden file with MZ-PE loader with a randomized name located in % APPDATA % directory. If administrative rights are present, its ether executes a PowerShell script that creates two task scheduler entries with GUID-like names and with different triggers. 8, 10.0.0.0/8,

Malware

Malware DNS Encryption Cryptocurrency

Remotely Accessing Secure Kali Pi

Kali Linux

NOVEMBER 27, 2022

To enable wireless support, we need to find: The kernel Wi-Fi modules that need to be in the initramfs (Depends on hardware) The Wi-Fi firmware files that need to be in the initramfs (Depends on hardware) The Wireless interface name (Kali defaults to: wlan0 ) Additional packages to increase functionally. bin firmware: brcm/brcmfmac*-sdio.*.txt

Firmware

Firmware Wireless Passwords VPN

Hacking the Twinkly IoT Christmas lights

Security Affairs

DECEMBER 24, 2018

“ Experts found hardcoded credentials in the firmware that are used to connect to a private broker through the Message Queuing Telemetry Transport (MQTT) protocol for exchanging messages with remote IoT boards and sensors. If Twinkly lights are present in the network they will be instructed to display the message ‘Hack the Planet!’

IoT

IoT Hacking DNS Authentication

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

DNS changer Malicious actors may use IoT devices to target users who connect to them. A 2022 campaign known as Roaming Mantis, or Shaoye, spread an Android app whose capabilities included modifying DNS settings on Wi-Fi routers through the administration interface. The practice has not become widespread due to relative inefficiency.

IoT

IoT DDOS Passwords Malware

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

You can view our report on the new version here , together with a video presentation of our findings. The vulnerability is in MSHTML, the Internet Explorer engine. Apart from Trojanized installers, we also observed infections involving use of a UEFI (Unified Extensible Firmware Interface) and MBR (Master Boot Record) bootkit.

Malware

Malware Banking Energy and Utilities Accountability

10 Network Security Threats Everyone Should Know

eSecurity Planet

MARCH 16, 2023

Definition, Threats & Protections Public Internet Threats If your enterprise network is connected to the public internet, every single threat on the internet can render your business vulnerable too. These threaten enterprise networks because malicious traffic from the internet can travel between networks.

Network Security

Network Security Firewall Internet Internet

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

These adware strains often present themselves as a video, banner, full screen, or otherwise pop-up nuisance. with no internet. Targeting victims over the phone, vishing is the use of Voice over Internet Protocol (VoIP), technical jargon, and ID spoofing to trick a caller into revealing sensitive information. Backdoors.

Malware

Malware Adware Spyware Antivirus

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. Quarter summary.

DDOS

DDOS Cryptocurrency Marketing Internet

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

50,000 DDoS attacks on public domain name service (DNS) resolvers. 553% increase in DNS Flood attacks from 1H 2020 to 2H 2023. DDoS attacks on single networks or websites render them unavailable, but DDoS attacks on DNS resolvers bring down all networks and websites using that DNS resource.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.

Malware

Malware Government Surveillance Spyware

Cyber Security Informer

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Some Zyxel devices can be hacked via DNS requests

Webinars

Trending Sources

NAME:WRECK, a potential IoT trainwreck

Webinars

IoT Unravelled Part 3: Security

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

StripedFly: Perennially flying under the radar

Remotely Accessing Secure Kali Pi

Hacking the Twinkly IoT Christmas lights

Overview of IoT threats in 2023

IT threat evolution Q3 2021

10 Network Security Threats Everyone Should Know

Types of Malware & Best Malware Protection Practices

DDoS attacks in Q4 2020

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

APT trends report Q3 2021

Stay Connected