Firmware, Information Security and IoT - Cyber Security Informer

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

NOVEMBER 2, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. Affected devices use VHD PTZ camera firmware < 6.3.40 “Organizations using VHD PTZ camera firmware < 6.3.40 ” concludes the report.

Firmware

Firmware Manufacturing IoT Healthcare

Undocumented hidden feature found in Espressif ESP32 microchip

Security Affairs

MARCH 9, 2025

The experts warn that a hidden feature poses a security risk for millions of IoT devices. “Tarlogic Securityhas detected a hidden functionality that can be used as a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present inmillions of mass-market IoT devices.”

Manufacturing

Manufacturing IoT Firmware Mobile

BadBox rapidly grows, 190,000 Android devices infected

Security Affairs

DECEMBER 21, 2024

” Recently, The Federal Office for Information Security (BSI) announced it had blocked communication between the 30,000 devices infected with the BadBox malware and the C2. The experts reported that at least 74,000 Android-based mobile phones, tablets, and Connected TV boxes worldwide were shipped with the backdoored firmware.

Firmware

Firmware Malware Internet Internet

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

How to hack IoT & RF Devices with BürtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware.

IoT

IoT Hacking Firmware Advertising

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. ” concludes the report.

IoT

IoT Firmware Advertising DNS

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. 7)C0 NAS520 before firmware V5.21(AASZ.3)C0

IoT

IoT Firmware Malware Wireless

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 5, 2024

The company discovered the zero-day vulnerabilities in IoT live-streaming cameras, used in industrial operations, healthcare, and other sensitive environments. Affected devices use VHD PTZ camera firmware < 6.3.40 Organizations using VHD PTZ camera firmware < 6.3.40 Organizations using VHD PTZ camera firmware < 6.3.40

Firmware

Firmware Manufacturing Authentication IoT

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. Planet Technology has released firmware version 1.305b241111 to address these issues. ” concludes the report. .

Firmware

Firmware IoT Wireless Surveillance

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. ” reads the report published by IBM. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

The number of sensors and smart devices connected to the internet is exponentially rising, which are the 5 Major Vulnerabilities for IoT devices. If you take a look at the global market for IoT, you can easily spot the trend. IoT devices are exposed to cybersecurity vulnerabilities. IoT is a complicated concept.

IoT

IoT Cybersecurity Manufacturing Internet

Researchers used electromagnetic signals to classify malware infecting IoT devices

Security Affairs

JANUARY 5, 2022

Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. The researchers proposed a novel approach of using side channel information to identify malware targeting IoT systems. SecurityAffairs – hacking, IoT devices). Pierluigi Paganini.

IoT

IoT Malware Internet Internet

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Firmware

Firmware Architecture Internet Internet

Kalay cloud platform flaw exposes millions of IoT devices to hack

Security Affairs

AUGUST 17, 2021

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. The flaw could be easily exploited by a remote attacker to take over an IoT device, the only info needed for the attack is the Kalay unique identifier (UID) of the targeted user. .

IoT

IoT Hacking Social Engineering Firmware

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . Pierluigi Paganini.

IoT

IoT Hacking Firmware Advertising

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. The only way to recover infected devices is to manually reinstall the device’s firmware. pic.twitter.com/Ue661ku0fy — Larry W. Cashdollar (@_larry0) June 25, 2019.

IoT

IoT Malware Advertising Firmware

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

“Using a Mirai malware variant that incorporates ChaCha20 and XOR decryption algorithms, it has been seen compromising vulnerable Internet of Things (IoT) devices in the wild, such as the DigiEver DVR, and TP-Link devices through CVE-2023-1389.” .” reads the analysis published by Akamai. in newer ones.

Manufacturing

Manufacturing Malware Firmware IoT

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

The researchers found that the botnet comprises MikroTik routers with various firmware versions, including recent ones. Over the years, multiple security experts have identified several vulnerabilities in MikroTik routers, such as a remote code execution vulnerability detailed by VulnCheck researchers here.

DNS

DNS Malware Firmware Authentication

Realtek SDK flaws exploited to deliver Mirai bot variant

Security Affairs

AUGUST 24, 2021

Realtek published a security advisory on August 15 to warn customers about security updates to address vulnerabilities in its software developers kits (SDK) which is used by at least 65 separate vendors. On August 15, firmware security company IoT Inspector published details about the flaws.

IoT

IoT Firmware Internet Internet

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

The researchers analyzed the network devices using IoT Inspector’s security platform, which checked for thousands of CVEs and security flaws. “Some of the security issues were detected more than once. . “Some of the security issues were detected more than once. Pierluigi Paganini.

Manufacturing

Manufacturing IoT Firmware VPN

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Security Affairs

JANUARY 15, 2024

The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS score: 8.3), that can be exploited by an attacker on the same network to replace the device firmware with a rogue version. “Home users should closely monitor IoT devices and isolate them as completely as possible from the local network.

Firmware

Firmware IoT Hacking Information Security

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware IoT Internet

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

“Check Point’s researchers showed how a threat actor could exploit an IoT network (smart lightbulbs and their control bridge) to launch attacks on conventional computer networks in homes, businesses or even smart cities.” The company released firmware p atches for the device in January.

Hacking

Hacking IoT Wireless Firmware

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Security Affairs

DECEMBER 15, 2020

Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronic’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware

Firmware Authentication Mobile IoT

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware

Firmware Authentication Hacking Software

Microsoft found auth bypass, system hijack flaws in Netgear routers

Security Affairs

JULY 1, 2021

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. “In our research, we unpacked the router firmware and found three vulnerabilities that can be reliably exploited.” html) and the firmware image itself (.chk

Firmware

Firmware Authentication Encryption Passwords

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

Security Affairs

DECEMBER 8, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Firmware

Firmware DDOS Malware IoT

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. Tel Aviv, Israel – Jan.

IoT

IoT InfoSec Firmware Manufacturing

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

. “We were able to find the presence of a Remote Code Execution (RCE) vulnerability in a piece of open source software that Avaya likely copied and modified 10 years ago, and then failed to apply subsequent security patches to.” Avaya addressed the issue with the release of new firmware on June 25. Only the H.323

Firmware

Firmware IoT Advertising Software

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

The security firm revealed that threat actors were exploiting a vulnerability, tracked as CVE-2023-49897 (CVSS score 8.0) that impacted several routers, including Future X Communications (FXC) AE1021 and AE1021PE wall routers, running firmware versions 2.0.9 and earlier. The vulnerability affects VioStor NVR Versions 5.0.0

Firmware

Firmware Wireless DDOS IoT

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security Affairs

SEPTEMBER 2, 2021

. “we disclose BrakTooth, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.” ” reads the post published by the researchers. Pierluigi Paganini.

Firmware

Firmware Manufacturing IoT Technology

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware

Firmware Wireless Passwords Internet

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated. SecurityAffairs – hacking, IoT). Pierluigi Paganini.

Firmware

Firmware IoT Authentication Backups

D-Link addressed three critical RCE in wireless router models

Security Affairs

SEPTEMBER 16, 2024

DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04. COVR-X1870 firmware version v1.02 The issue impacts: DIR-X4860 A1 firmware version 1.00, 1.04 CVE-2024-45695 (9.8 The issue impacts: CVE-2024-45697 (9.8

Wireless

Wireless Firmware Manufacturing Hacking

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security Affairs

FEBRUARY 15, 2020

.” Experts confirmed that more issues are still under disclosure and that the list of impacted SoC vendors is longer, and the number of IoT products designed on top of vulnerable SoCs still need independent patches from their respective vendors. “ SweynTooth highlights concrete flaws in the BLE stack certification process.

IoT

IoT Firmware Advertising Hacking

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Adopt a comprehensive IoT security solution. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT

IoT DDOS Malware Firmware

WAGO Industrial Switches affected by multiple flaws

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. ” reads the security advisory. S0 and 1.1.5.S0, S0, respectively.

Firmware

Firmware Passwords Advertising IoT

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities in Moscow and beyond the Russian capital using a destructive ICS malware dubbed Fuxnet. . YouTube Video 1 , YouTube Video 2 ). All servers have been deleted.

Malware

Malware Firmware IoT Hacking

Flaws in Wyze cam devices allow their complete takeover

Security Affairs

MARCH 31, 2022

The vendor addressed the unauthenticated access to the content of the SD card with the release of firmware updates on January 29, 2022. According to the experts, there are 3 version of Wyze Cam devices on the market and the first one has been discontinued and will not receive security updates to address the flaws.

IoT

IoT Firmware Marketing Authentication

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Security Affairs

AUGUST 20, 2021

Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. Now researchers from Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT have monitored a new evolution of the threat that extent the list of targets. .

IoT

IoT DNS Manufacturing Malware

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Security Affairs

JUNE 3, 2021

Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. ” reads a reported published by Vdoo. The latest version of ambz2 SDK (7.1d) addresses the issues. Pierluigi Paganini.

Wireless

Wireless IoT Encryption Firmware

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Security Affairs

SEPTEMBER 13, 2024

Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Malware

Malware Firmware Antivirus Manufacturing

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. The conference held many briefings on politics, legislation, and Machine Learning (ML) and Artificial Intelligence (AI) in cybersecurity, as well as the challenge of endpoint security for many IoT devices.

Small Business

Small Business Artificial Intelligence Firmware IoT

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Security Boulevard

JUNE 25, 2023

Paul also shares with us some of his greatest hacking stories and don’t miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Firmware

Firmware Hacking Internet Internet

PTZOptics cameras zero-days actively exploited in the wild

Undocumented hidden feature found in Espressif ESP32 microchip

Trending Sources

BadBox rapidly grows, 190,000 Android devices infected

Hacking IoT & RF Devices with BürtleinaBoard

New Ttint IoT botnet exploits two zero-days in Tenda routers

BotenaGo botnet targets millions of IoT devices using 33 exploits

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Mozi Botnet is responsible for most of the IoT Traffic

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Researchers used electromagnetic signals to classify malware infecting IoT devices

Western Digital customers have to update their My Cloud devices to latest firmware version

Kalay cloud platform flaw exposes millions of IoT devices to hack

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Silex malware bricks thousands of IoT devices in a few hours

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

MikroTik botnet relies on DNS misconfiguration to spread malware

Realtek SDK flaws exploited to deliver Mirai bot variant

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

Hikvision cameras could be remotely hacked due to critical flaw

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Microsoft found auth bypass, system hijack flaws in Netgear routers

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

10-year-old vulnerability in Avaya VoIP Phones finally fixed

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

D-Link addressed three critical RCE in wireless router models

SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

A new Zerobot variant spreads by exploiting Apache flaws

WAGO Industrial Switches affected by multiple flaws

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Flaws in Wyze cam devices allow their complete takeover

Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices

Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

Vo1d malware infected 1.3 Million Android-based TV Boxes in 197 countries

Decoding Security 127: We Got Conned

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Stay Connected