Firmware, Hacking and Passwords - Cyber Security Informer

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world.

VPN

VPN Passwords Firewall Firmware

Japanese Government Will Hack Citizens' IoT Devices

Schneier on Security

JANUARY 28, 2019

Many have argued that this is an unnecessary step, as the same results could be achieved by just sending a security alert to all users, as there's no guarantee that the users found to be using default or easy-to-guess passwords would change their passwords after being notified in private. I am interested in the results of this survey.

IoT

IoT Government Firmware Hacking

ASUS routers with AiCloud vulnerable to auth bypass exploit

Security Affairs

APRIL 18, 2025

. “An improper authentication control vulnerability exists in certain ASUS router firmware series. “We have released new firmware update for 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102 series.” Asus also urges users to update the routers firmware via the ASUS support page when available.

Firmware

Firmware Authentication Passwords VPN

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. . “Organizations using VHD PTZ camera firmware < 6.3.40 CVE-2024-8957 (CVSS score of CVSS 7.2)

Firmware

Firmware Manufacturing IoT Healthcare

Another 0-Day Looms for Many Western Digital Users

Krebs on Security

JULY 2, 2021

Researchers Radek Domanski and Pedro Ribeiro originally planned to present their findings at the Pwn2Own hacking competition in Tokyo last year. That update effectively nullified their chances at competing in Pwn2Own, which requires exploits to work against the latest firmware or software supported by the targeted device.

Firmware

Firmware Passwords Internet Internet

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 5, 2024

Affected devices use VHD PTZ camera firmware < 6.3.40 is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. Organizations using VHD PTZ camera firmware < 6.3.40 reads the analysis published by GreyNoise.

Firmware

Firmware Manufacturing Authentication IoT

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.” SecurityAffairs – hacking, Western Digital). Pierluigi Paganini.

Firmware

Firmware Architecture Internet Internet

Mirai botnet targets SSR devices, Juniper Networks warns

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Juniper Networks is warning that a Mirai botnet is targeting Session Smart Router (SSR) products with default passwords. “The impacted systems were all using default passwords.”

DDOS

DDOS Firmware Firewall Passwords

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. We first met this team of experts in April when they discovered weaknesses in WPA3 that could be exploited to recover WiFi passwords by abusing timing or cache-based side-channel leaks.

Passwords

Passwords Hacking Wireless Authentication

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords

Passwords Software Firmware Malware

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. No username or password needed nor any actions need to be initiated by the camera owner. SecurityAffairs – hacking, IoT).

Hacking

Hacking Firmware IoT Internet

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN

VPN Passwords Banking Advertising

Zyxel firewalls targeted in recent ransomware attacks

Security Affairs

NOVEMBER 25, 2024

.” The vendor addressed these vulnerabilities with the release of firmware version 5.39 The company urges users to update admin and user account passwords for enhanced protection. Since then, admin passwords have not been changed. for ATP, USG FLEX, and USG FLEX 50(W)/USG20(W)-VPN series.

Firewall

Firewall Ransomware VPN Firmware

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. I can't blame this on the teddy bears themselves, rather the fact that the MongoDB holding all the collected data was left publicly facing without a password. IoT firmware should be self-healing.

IoT

IoT Firmware Risk Encryption

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

SEPTEMBER 13, 2018

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. encryption keys, passwords) from a running operating system after using a cold reboot to restart the machine. Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Penetration Testing

JUNE 15, 2025

The flaws, tracked as CVE-2025-45984 through CVE-2025-45988, affect a wide range of firmware versions used in both consumer and enterprise-grade networking equipment. Shared Affected Codebase: Each flaw targets the same goahead binary and associated shared object, amplifying the impact across models and firmware versions.

Firmware

Firmware DNS Penetration Testing Malware

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Example of available open printers on a single IoT search engine (Shodan.io): As we can see, many users and organizations still use internet-connected devices without thinking about security, installing firmware updates, or taking into account the implications of leaving their devices publicly accessible. Change the default password.

Hacking

Hacking IoT Firmware Internet

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own.

Risk

Risk Password Management Passwords Accountability

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

Security Affairs

FEBRUARY 18, 2025

The vulnerabilities are: CVE-2024-12511: SMB / FTP pass-back vulnerability CVE-2024-12510: LDAP pass-back vulnerability The vulnerabilities impact Xerox Versalink MFPs and Firmware Version: 57.69.91 ” Organizations using Xerox VersaLink C7025 Multifunction printers should update to the latest firmware. and earlier.

Firmware

Firmware Authentication Accountability Passwords

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

Security Affairs

JANUARY 24, 2025

In March 2023, Mandiant researchers reported that alleged China-linked threat actors, tracked as UNC4540 , deployed custom malware on a SonicWall SMA appliance.The malware allows attackers to steal user credentials, achieve persistence through firmware upgrades, and provides shell access. reads the report published by Mandiant.

Firmware

Firmware Malware Authentication Mobile

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware

Firmware Encryption Government Malware

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. No username or password needed nor any actions need to be initiated by the camera owner. wrote the expert. “.

Hacking

Hacking Firmware Internet Internet

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The “Showcase.apk” package, developed by Smith Micro, is part of the firmware image on millions of Android Pixel phones, potentially enhancing sales in Verizon stores. The app is preinstalled in Pixel firmware and included in Google’s OTA updates for Pixel devices.

Hacking

Hacking Firmware Mobile Penetration Testing

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware

Firmware Passwords Accountability Firewall

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. The experts also discovered an undocumented user with the name “default” and password “tluafed.”. ” continues the analysis.

Surveillance

Surveillance Hacking Firmware Manufacturing

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware

Firmware Wireless Passwords Internet

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Ransomware

Ransomware Firmware Passwords Mobile

Some Zyxel devices can be hacked via DNS requests

Security Affairs

SEPTEMBER 4, 2019

Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. An attacker could use these credentials to log on to the APs FTP server and steal the configuration file that includes SSIDs and passwords. “An SecurityAffairs – Zyxel, hacking).

DNS

DNS Hacking Firmware Wireless

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. The flaws affected multiple products including the following smart switches, below is the list of the impacted devices and related firmware fixes: GC108P fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Security Affairs

FEBRUARY 18, 2020

Successfully dumped the smartlock’s firmware. And after having successfully dumped the firmware we can proceed at extracting some valuable evidences for the forensics case. Artifacts extracted from the FW analysis: Smartlock Passwords & User’s Logs. But it saves my time while hacking (I)IoT targets.

IoT

IoT Hacking Firmware Advertising

USBAnywhere BMC flaws expose Supermicro servers to hack

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking

Hacking Firmware Media Authentication

Dell Wyse ThinOS flaws allow hacking think clients

Security Affairs

DECEMBER 21, 2020

The researchers also discovered the update process for the firmware and packages doesn’t rely on digital signature of the code. “Dell advises creating an FTP server using Microsoft IIS (no specific guidance), then giving access to firmware, packages, and INI files accessible through the FTP server. Pierluigi Paganini.

Hacking

Hacking Firmware DNS Healthcare

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable. .

Firmware

Firmware Encryption Authentication Passwords

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs

JANUARY 14, 2025

” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14 Attackers also reset the guest account password, created new VPN portals, and used specific ports (4433, 59449, 59450). and 7.0.16, which were released on February 2024 and October 2024 respectively.

Firewall

Firewall VPN Accountability Firmware

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking

Hacking Firmware Authentication DNS

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world.

VPN

VPN Passwords Firewall Firmware

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords

Passwords Manufacturing Advertising Firmware

Expert discloses details and PoC code for Netgear Seventh Inferno bug

Security Affairs

SEPTEMBER 18, 2021

In short, it goes from a newline injection in the password field, through being able to write a file with constant uncontrolled content of 2 (like, one byte 32h), through a DoS and session crafting (which yields an admin web UI user), to an eventual post-auth shell injection (which yields full root).” .” Coldwind explained.

Firmware

Firmware Engineering Passwords Hacking

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 17, 2024

CVE-2021-40655 An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA ) CISA orders federal agencies to fix these vulnerabilities by June 6, 2024.

Firmware

Firmware Authentication Passwords Hacking

Microsoft found auth bypass, system hijack flaws in Netgear routers

Security Affairs

JULY 1, 2021

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. “In our research, we unpacked the router firmware and found three vulnerabilities that can be reliably exploited.” html) and the firmware image itself (.chk

Firmware

Firmware Authentication Encryption Passwords

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . The telnetd service is being deactivated and old and weak passwords are as well being removed or changed. SecurityAffairs – IoT radio devices, hacking). . ” continues the experts. Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

The most common issues discovered by the experts were outdated Linux kernel in the firmware, outdated multimedia and VPN functions, presence of hardcoded credentials, the use of insecure communication protocols and weak default passwords. SecurityAffairs – hacking, routers). ” reads the advisory published by the experts.

Manufacturing

Manufacturing IoT Firmware VPN

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Japanese Government Will Hack Citizens' IoT Devices

Trending Sources

ASUS routers with AiCloud vulnerable to auth bypass exploit

PTZOptics cameras zero-days actively exploited in the wild

Another 0-Day Looms for Many Western Digital Users

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Western Digital customers have to update their My Cloud devices to latest firmware version

Mirai botnet targets SSR devices, Juniper Networks warns

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Hikvision cameras could be remotely hacked due to critical flaw

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Zyxel firewalls targeted in recent ransomware attacks

IoT Unravelled Part 3: Security

Expert found a secret backdoor in Zyxel firewall and VPN

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

10 Behaviors That Will Reduce Your Risk Online

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

SonicWall warns of a critical CVE-2025-23006 zero-day likely exploited in the wild

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Over 80,000 Hikvision cameras can be easily hacked

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Some Zyxel devices can be hacked via DNS requests

Netgear addresses severe security flaws in 20 of its products

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

USBAnywhere BMC flaws expose Supermicro servers to hack

Dell Wyse ThinOS flaws allow hacking think clients

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

TP-Link Archer routers allow remote takeover without passwords

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Expert discloses details and PoC code for Netgear Seventh Inferno bug

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

Microsoft found auth bypass, system hijack flaws in Netgear routers

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Stay Connected