Firmware, Hacking, Manufacturing and VPN

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. SecurityAffairs – hacking, routers). ” reads the advisory published by the experts.

Manufacturing

Manufacturing IoT Firmware VPN

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

Tens of router models from Taiwanese SOHO manufacturer DrayTek are affected by a critical, unauthenticated, remote code execution vulnerability, tracked as CVE-2022-32548, that can be exploited to fully compromise a vulnerable device and gain unauthorized access to the broader network. . SecurityAffairs – hacking, DrayTek Vigor).

Hacking

Hacking Internet Internet Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Security Affairs

JUNE 13, 2023

. “A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall

Firewall VPN Firmware Manufacturing

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. SecurityAffairs – DrayTek, hacking).

Firmware

Firmware VPN Accountability Advertising

Two critical flaws affect CODESYS ICS Automation Software

Security Affairs

JUNE 27, 2022

.” The Chinese researchers who discovered the vulnerabilities pointed out that CODESYS V2 Runtime is used by many manufacturers, and most of these manufacturers still use outdated versions. The vulnerabilities affect a large number of manufacturers using a version of CODESYS V2 Runtime older than V2.4.7.57.

Software

Software Manufacturing Firmware Risk

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

7 ] CVE-2019-19781 : Citrix Virtual Private Network (VPN) Appliances – CISA has observed the threat actors attempting to discover vulnerable Citrix VPN Appliances. Citrix blog post: firmware updates for Citrix ADC and Citrix Gateway versions 12.1 SecurityAffairs – hacking, China). “According to a recent U.S.

Government

Government VPN Firmware Energy and Utilities

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

This email address is also connected to accounts on several Russian cybercrime forums, including “ __edman__ ,” who had a history of selling “logs” — large amounts of data stolen from many bot-infected computers — as well as giving away access to hacked Internet of Things (IoT) devices. pw was their domain.

Scams

Scams DDOS Cryptocurrency Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

Small farms, large producers, processors and manufacturers, and markets and restaurants are particularly exposed to ransomware attacks. Install updates/patch operating systems, software, and firmware as soon as they are released. Consider installing and using a VPN. SecurityAffairs – hacking, FBI). Pierluigi Paganini.

Ransomware

Ransomware Passwords Backups Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. Consider installing and using a VPN.

Ransomware

Ransomware DDOS Passwords Backups

A mysterious code prevents QNAP NAS devices to be updated

Security Affairs

FEBRUARY 11, 2019

Users of the Network attached storage devices manufactured have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. “Since recent firmware updates, the ClamAV Antivirus fails to update due to 700+ clamav.net entries in /etc/hosts, all set to 0.0.0.0

Antivirus

Antivirus Firmware Advertising VPN

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

According to the flash alert published by the FBI, the Mamba ransomware was employed in attacks against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses. Consider installing and using a VPN. hard drive, storage device, the cloud).

Ransomware

Ransomware Encryption Passwords Malware

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. The Flaws in Manufacturing Process. Manufacturers saw this as an opportunity and rushed in to grab their own piece of the IoT market. It can be prevented through the use of an online VPN.

IoT

IoT Cybersecurity Manufacturing Internet

US CISA and FBI publish joint alert on DarkSide ransomware

Security Affairs

MAY 13, 2021

US agencies warn that groups employed DarkSide ransomware in attacks aimed at organizations across various Critical Infrastructure sectors, including manufacturing, legal, insurance, healthcare, and energy. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner.

Ransomware

Ransomware Healthcare Phishing Risk

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. As if that were not enough, many IoT devices have unalterable main passwords set by manufacturers. Another type of service sold on the dark web is IoT hacking.

IoT

IoT DDOS Passwords Malware

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of critical flaws affecting access control systems manufactured by Prima Systems. “To update to the latest firmware, each user should select the “Check for Upgrade” option in the “Centrals” menu in the GUI. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

Update your router firmware from your router’s manufacturer and install them to ensure your router is up to date and secure. By using the latest protocols, tools and practices, you can significantly improve the security of your wireless network and protect it from unauthorized access or hacking attempts.

Wireless

Wireless Encryption Authentication IoT

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. “Firmware Update 8.2B

Firmware

Firmware Manufacturing Passwords Penetration Testing

Cyber Security Informer

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Webinars

Trending Sources

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Webinars

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Hackers target zero-day flaws in enterprise Draytek network devices

Two critical flaws affect CODESYS ICS Automation Software

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Interview With a Crypto Scam Investment Spammer

FBI warns of ransomware attacks targeting the food and agriculture sector

Avoslocker ransomware gang targets US critical infrastructure

A mysterious code prevents QNAP NAS devices to be updated

FBI published a flash alert on Mamba Ransomware attacks

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

US CISA and FBI publish joint alert on DarkSide ransomware

Overview of IoT threats in 2023

CISA warns of critical flaws in Prima FlexAir access control system

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Experts found backdoors in a popular Auerswald VoIP appliance

Stay Connected