Encryption, Firmware, Information Security and Internet

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Encryption Ransomware Advertising

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

Security Affairs

MARCH 22, 2022

Internet search engine Censys reported a new wave of DeadBolt ransomware attacks targeting QNAP NAS devices. Internet search engine Censys reported that QNAP devices were targeted in a new wave of DeadBolt ransomware attacks. Once encrypted the content of the device, the ransomware appends. Source DarkFeed Twitter.

Ransomware

Ransomware Firmware Internet Internet

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

Security Affairs

SEPTEMBER 6, 2022

today detected the security threat DEADBOLT leveraging exploitation of Photo Station vulnerability to encrypt QNAP NAS that are directly connected to the Internet. QNAP Product Security Incident Response Team (QNAP PSIRT) had made the assessment and released the patched Photo Station app for the current version within 12 hours.”

Ransomware

Ransomware Internet Internet Encryption

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware

Malware VPN Internet Internet

New Checkmate ransomware target QNAP NAS devices

Security Affairs

JULY 8, 2022

Preliminary investigation indicates that Checkmate attacks via SMB services exposed to the internet, and employs a dictionary attack to break accounts with weak passwords.” “Once the attacker successfully logs in to a device, they encrypt data in shared folders and leave a ransom note with the file name “! .

Ransomware

Ransomware Encryption Passwords Internet

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Security Affairs

MAY 20, 2022

Taiwanese vendor QNAP is asking users to install the latest update on their NAS devices and avoid exposing them on the Internet. “QNAP urges all NAS users to check and update QTS to the latest version as soon as possible, and avoid exposing their NAS to the Internet.” and QTS 4.4.1. “QNAP® Systems, Inc.

Ransomware

Ransomware Internet Internet Firmware

Deadbolt Ransomware targets Asustor and QNap NAS Devices

Security Affairs

FEBRUARY 24, 2022

Since January, DeadBolt ransomware operators are targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the content of the infected systems. Once encrypted the content of the device, the ransomware appends. The encrypted files have a ‘.deadbolt’

Ransomware

Ransomware Encryption Internet Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that that moves around.

IoT

IoT Firmware DNS Advertising

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Security Affairs

AUGUST 10, 2021

The ransomware, tracked by Intezer as “ QNAPCrypt ” and “ eCh0raix ” by Anomali, is written in the Go programming language and uses AES encryption to encrypt files. The malicious code appends.encrypt extension to filenames of encrypted files. Create complex login passwords to make brute-forcing more difficult for attackers.

Ransomware

Ransomware Encryption Firmware Passwords

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data. Some of the devices support multiple 10-gigabit uplinks and provide Internet connectivity to up to 1024 ONTs (clients). ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

Tails OS version 4.5 supports the Secure Boot

Security Affairs

APRIL 10, 2020

The Tails OS allows to use the Internet anonymously and circumvent censorship by using the Tor Network, it leaves no trace on the computer users are using and uses the state-of-the-art cryptographic tools to encrypt files, emails and instant messaging. it the first version that supports the UEFI Secure Boot.

Firmware

Firmware Advertising Encryption Internet

An educational robot security research

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. ” Interactive features include gaming and educational applications for children, a voice assistant, internet access and connection to the parent app for smartphones. In other words, this is a “tablet on wheels.”

Education

Education Manufacturing Firmware Internet

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” concludes Eclypsium.

Hacking

Hacking Firmware Media Authentication

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Security Affairs

SEPTEMBER 22, 2021

Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root. The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices.

DNS

DNS Firmware VPN Risk

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. A hacker managed to identify a weak spot in a security camera model. Unfortunately, at that moment, there were over 300,000 of those cameras connected to the internet. Vicious insider.

IoT

IoT Cybersecurity Manufacturing Internet

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

“BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers.” Once gained access to the network, threat actors deployed tools to perform lateral movements and escalate privileges before exfiltrating and encrypting files.

Ransomware

Ransomware Accountability Firmware Antivirus

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

Security Affairs

OCTOBER 8, 2020

Recently QNAP published a security advisory urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Encryption

Encryption Firmware Advertising Ransomware

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

These are encrypted with the actor’s public key and sent to their infrastructure over HTTPS. In November 2019, security experts first spotted the QSnatch malware that at the time infected thousands of QNAP NAS devices worldwide. .” Webshell functionality for remote access.

Malware

Malware Firmware Advertising Manufacturing

QNAP extends security Updates for some EOL devices

Security Affairs

FEBRUARY 15, 2022

NAS devices are privileged targets of cybercriminals, a couple of weeks ago QNAP forced the firmware update for its Network Attached Storage (NAS) devices to protect its customers against the DeadBolt ransomware. Recently a new wave of Qlocker ransomware was observed targeting QNAP NAS devices worldwide.

Firmware

Firmware Ransomware Encryption Hacking

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

Security Affairs

SEPTEMBER 26, 2019

With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai with a C-U0012 How to flash the C-U0012 with the LIGHTSPEED Firmware How to Flash the C-U0007 with the G700 firmware to achieve better performances and get the Air-Gap Bypass feature How to setup LOGITacker.

Firmware

Firmware Encryption Advertising Engineering

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Cloud Security: The Shared Responsibility Model

eSecurity Planet

OCTOBER 20, 2022

Its table illustration also goes into more detail and notes Google’s responsibility for hardware, boot, hardened kernel and interprocess communication (IPC), audit logging, network, and storage and encryption of data. However, the customer must secure that data when the environment is active.

Backups

Backups Firewall Encryption Software

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

The flaws could be exploited to access sensitive information, reboot the device, trigger a denial-of-service condition, and gain privileged access. “Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.”

Firmware

Firmware VPN Firewall Risk

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. Turn off SSH and other network device management interfaces such as Telnet, Winbox, and HTTP for wide area networks (WANs) and secure with strong passwords and encryption when enabled.

Ransomware

Ransomware VPN Cybercrime Accountability

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

Security Affairs

APRIL 23, 2021

(QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users’ data for ransom. ” read the advisory published by the vendor.

Ransomware

Ransomware Backups Media Malware

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

According to open-source reporting, since August 2020, DarkSide actors have been targeting multiple large, high-revenue organizations, resulting in the encryption and theft of sensitive data. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner.

Ransomware

Ransomware Healthcare Phishing Risk

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

In March 2021, government experts observed state sponsored hackers scanning the internet for servers vulnerable to the above flaws, the attackers were probing systems on ports 4443, 8443, and 10443. Implement a recovery plan to restore sensitive or proprietary data from a physically separate, segmented, secure location (e.g.,

Passwords

Passwords Government Firmware Accountability

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

The same goes with the advent of Quantum Computing , which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today. What risks will this entail?

Computers and Electronics

Computers and Electronics Banking IoT Risk

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

” The experts also pointed out that the RSA encryption key would fail since it is not designed to work with an empty password. TP-Link has already addressed the flaw with the release of the following security patches for Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3 routers: Firmware for Archer C5 V4: [link].

Passwords

Passwords Advertising Firmware Authentication

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

In essence, it is a view of the application and its environment through the lens of security. Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes. Deploy malicious firmware. Use AES encryption.

IoT

IoT Firmware Mobile Manufacturing

FBI warns about high-impact Ransomware attacks on U.S. Organizations

Security Affairs

OCTOBER 3, 2019

Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) warns organizations about high-impact ransomware attacks. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) issued organizations about high-impact ransomware attacks. ” reads the public service announcement published by the IC3.

Ransomware

Ransomware Advertising Firmware Internet

Microsoft found auth bypass, system hijack flaws in Netgear routers

Security Affairs

JULY 1, 2021

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. The traffic was TLS-encrypted, so the researchers focused on the router and investigate the presence of security weaknesses that can be exploited by threat actors.

Firmware

Firmware Authentication Encryption Passwords

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. VULNERABILITIES AND SECURITY UPDATES.

Ransomware

Ransomware Passwords Scams Cyber Attacks

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

EU and US agencies warn that Russia could attack satellite communications networks

Security Affairs

MARCH 20, 2022

In early March, Orange confirmed that “nearly 9,000 subscribers” of a satellite internet service provided by its subsidiary Nordnet in France were offline following a “cyber event” that took place on February 24 at Viasat, the US giant satellite operator that provides services to the European carriers.

Cyber Attacks

Cyber Attacks Digital transformation Firmware Internet

Security Affairs newsletter Round 268

Security Affairs

JUNE 14, 2020

Firmware

Firmware Advertising Ransomware Hacking

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

I kind of felt like it was giving back a bit to the community that I had kind of taken a lot from like when I was growing up by being IRC channels, and I had found the internet, all this information that was available. It was all this discovery on the internet that brought me to it. Then you go up.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Phishing attacks: Deceptive techniques, such as fraudulent emails or websites, trick individuals into revealing sensitive information like credit card and payment information, passwords, or login credentials. Escalate to ISO: The procedure for reporting issues to higher-level management, such as the Information Security Officer (ISO).

Software

Software Data breaches DDOS Ransomware

A flaw in Peloton Bike+ could allow hackers to control it

Security Affairs

JUNE 16, 2021

. “With their newfound access, the hacker interferes with the Peloton’s operating system and now has the ability to install and run any programs, modify files, or set up remote backdoor access over the internet. An attacker could also gather info regarding users’ workouts or spy on them via the bike’s camera and microphone.

Firmware

Firmware Hacking Encryption Internet

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? Roberts: We've got some great so secure repairs I founded in 2019. Or should our right to repair our own devices extend into the digital world?

InfoSec

InfoSec Manufacturing Technology Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

As Stuart Brand said back in 1984 “information wants to be free.” ” So should analyzing a device’s firmware for security flaws be considered illegal? Roberts: We've got some great so secure repairs I founded in 2019. Or should our right to repair our own devices extend into the digital world?

InfoSec

InfoSec Manufacturing Technology Software

QNAP urges users to update NAS firmware and app to prevent infections

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

Webinars

Trending Sources

QNAP warns new Deadbolt ransomware attacks exploiting zero-day

Webinars

Who and What is Behind the Malware Proxy Service SocksEscort?

New Checkmate ransomware target QNAP NAS devices

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Deadbolt Ransomware targets Asustor and QNap NAS Devices

New Ttint IoT botnet exploits two zero-days in Tenda routers

New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Tails OS version 4.5 supports the Secure Boot

An educational robot security research

USBAnywhere BMC flaws expose Supermicro servers to hack

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

FBI warns of ransomware attacks targeting the food and agriculture sector

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

BlackByte ransomware breached at least 3 US critical infrastructure organizations

QNAP addresses 2 critical flaws that can allow hackers to take over NASs

QSnatch malware infected over 62,000 QNAP NAS Devices

QNAP extends security Updates for some EOL devices

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Cloud Security: The Shared Responsibility Model

CISA is warning of vulnerabilities in GE Power Management Devices

Daixin Team targets health organizations with ransomware, US agencies warn

New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

US CISA and FBI publish joint alert on DarkSide ransomware

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

CryptoAgility to take advantage of Quantum Computing

TP-Link Archer routers allow remote takeover without passwords

IoT Secure Development Guide

FBI warns about high-impact Ransomware attacks on U.S. Organizations

Microsoft found auth bypass, system hijack flaws in Netgear routers

Cyber Security Roundup for June 2021

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

EU and US agencies warn that Russia could attack satellite communications networks

Security Affairs newsletter Round 268

The Hacker Mind Podcast: Reverse Engineering Smart Meters

What is Incident Response? Ultimate Guide + Templates

A flaw in Peloton Bike+ could allow hackers to control it

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected