Download, Firmware and Surveillance - Cyber Security Informer

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Surveillance

Surveillance Hacking Firmware Manufacturing

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware

Firmware Surveillance Marketing VPN

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

MoonBounce: the dark side of UEFI firmware

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware

Firmware Malware Encryption Passwords

Top 10 Malware Strains of 2021

SecureWorld News

AUGUST 8, 2022

MOUSEISLAND MOUSEISLAND is usually found within the embedded macros of a Microsoft Word document and can download other payloads. Remcos, short for Remote Control and Surveillance, was leveraged by malicious cyber actors conducting mass phishing campaigns during the COVID-19 pandemic to steal personal data and credentials. Enforce MFA.

Malware

Malware Banking Healthcare Penetration Testing

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

DDoS ads distributed by month, H1 2023 ( download ) The price of a service like that is driven by numerous factors that determine attack complexity, such as DDoS protection, CAPTCHA, and JavaScript verification on the victim’s side. Regrettably, vendors could have done a much better job fixing those.

IoT

IoT DDOS Passwords Malware

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware

Firmware Passwords Manufacturing Mobile

IT threat evolution Q3 2021

SecureList

NOVEMBER 26, 2021

The attackers obtain initial access to a system by sending a spear-phishing email to the victim containing a Dropbox download link. If the victim opens the document, Microsoft Office downloads the script and runs it using the MSHTML engine. After this, they were tricked into downloading previously unknown malware.

Malware

Malware Banking Energy and Utilities Accountability

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

At the end of 2021, researchers discovered a UEFI firmware-level compromise by analyzing logs from its Firmware Scanner. Threat actors compromised a single component within the firmware image to intercept the original execution flow of the machine’s boot sequence and inject the sophisticated implant. Pierluigi Paganini.

Firmware

Firmware Malware Spyware Surveillance

APT trends report Q1 2022

SecureList

APRIL 27, 2022

We have previously seen DustSquad use third-party post-exploitation tools, such as the password dumping utility fgdump; but we have now observed new custom C modules, a first for DustSquad, and Delphi downloaders acting as post-exploitation facilitators, able to gather documents of interest for the actor. Other interesting discoveries.

Malware

Malware Firmware Government Phishing

APT annual review 2021

SecureList

NOVEMBER 30, 2021

Based on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. As part of the infection chain, Lazarus used a downloader named Racket, which they signed using a stolen certificate. Firmware vulnerabilities.

Malware

Malware Mobile Spyware Surveillance

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Adware is often smuggled onto a device, either by users who don’t know what they’re downloading or by hiding it in an otherwise innocuous piece of software like a search engine toolbar plugin for your browser. Firmware rootkits are also known as “hardware rootkits.”.

Malware

Malware Adware Spyware Antivirus

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

Following this, they were tricked into downloading previously unknown malware. On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. The C2 domain code.microsoft[.]com

Malware

Malware Government Surveillance Spyware

Over 100 million Hikvision devices hit by critical cyber vulnerability

CyberSecurity Insiders

SEPTEMBER 24, 2021

China-based video surveillance related product offering company Hikvision has issued a security advisory saying that all those using their security cameras and NVRs must know a critical vulnerability on its devices that could allow hackers to take control of the cameras and use them as bots to launch DDoS or other related attacks.

Surveillance

Surveillance Firmware DDOS IoT

Cyber Security Informer

An RCE in Annke video surveillance product allows hacking the device

Patch now! Insecure Hikvision security cameras can be taken over remotely

Trending Sources

IT threat evolution Q1 2024

MoonBounce: the dark side of UEFI firmware

Top 10 Malware Strains of 2021

Overview of IoT threats in 2023

A bowl full of security problems: Examining the vulnerabilities of smart pet feeders

IT threat evolution Q3 2021

MoonBounce UEFI implant spotted in a targeted APT41 attack

APT trends report Q1 2022

APT annual review 2021

What is Malware? Definition, Purpose & Common Protections

APT trends report Q3 2021

Over 100 million Hikvision devices hit by critical cyber vulnerability

Stay Connected