Firmware, Information Security and Passwords

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Firmware

Firmware Architecture Internet Internet

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords

Passwords Software Firmware Malware

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

Experts warn of backdoor-like behavior within Gigabyte systems

Security Affairs

MAY 31, 2023

Researchers from firmware security firm Eclypsium have discovered a suspected backdoor-like behavior within Gigabyte systems. The experts discovered that the firmware in Gigabyte systems drops and executes a Windows native executable during the system startup process. The executable resides in a UEFI firmware volume.

Firmware

Firmware Risk Software Passwords

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

. “Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x x firmware in an imminent ransomware campaign using stolen credentials.”

Firmware

Firmware Ransomware Passwords Mobile

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware

Firmware Wireless Passwords Internet

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. Firmware version 4.60

Firmware

Firmware Passwords Accountability VPN

Netgear addresses severe security flaws in 20 of its products

Security Affairs

SEPTEMBER 6, 2021

Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. GC108PP fixed in firmware version 1.0.8.2

Firmware

Firmware Authentication Passwords Hacking

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware

Firmware VPN Wireless Passwords

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Security Affairs

AUGUST 3, 2019

Dragonblood researchers found two new weaknesses in WPA3 protocol that could be exploited to hack WPA3 protected WiFi passwords. passwords. A group of researchers known as Dragonblood (Mathy Vanhoef and Eyal Ronen ) devised new methods to hack WPA3 protected WiFi passwords by exploiting two new vulnerabilities dubbed Dragonblood flaws.

Passwords

Passwords Hacking Wireless Authentication

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords

Passwords Manufacturing Advertising Firmware

Expert discloses details and PoC code for Netgear Seventh Inferno bug

Security Affairs

SEPTEMBER 18, 2021

In short, it goes from a newline injection in the password field, through being able to write a file with constant uncontrolled content of 2 (like, one byte 32h), through a DoS and session crafting (which yields an admin web UI user), to an eventual post-auth shell injection (which yields full root).” .” Coldwind explained.

Firmware

Firmware Engineering Passwords Hacking

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

Unlike the D-Link analysis, the researchers has no physical access to the device and attempted to retrieve the password from the config. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” A firmware fix has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Security Affairs

SEPTEMBER 19, 2022

“It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. There are possibilities of data plagiarism, falsification, system destruction, and malicious program execution if this vulnerability was exploited by malicious attackers who can access to this private webpage (with passwords information).”

Wireless

Wireless Firmware Passwords Engineering

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

Surveillance

Surveillance Manufacturing Passwords Internet

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. ” states Tenable.

Firmware

Firmware Encryption Authentication Passwords

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Security Affairs

DECEMBER 5, 2021

The researchers analyzed the network devices using IoT Inspector’s security platform, which checked for thousands of CVEs and security flaws. “Some of the security issues were detected more than once. Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here.

Manufacturing

Manufacturing IoT Firmware VPN

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The website ruexfil.com provided detailed information about the attacks against Moscollector, the hackers also published screenshots of monitoring systems, servers, and databases they claim to have compromised. The site also hosts password dumps allegedly stolen from the Russian company. Access to 112 Emergency Service.

Malware

Malware Firmware IoT Hacking

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

Security Affairs

SEPTEMBER 19, 2022

Researchers at security and compliance assessment firm Onekey warns of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts multiple Netgear router models. present in the majority of NETGEAR firmware images in our corpus.”

Firmware

Firmware Passwords Technology Hacking

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Security Affairs

AUGUST 1, 2023

The information stored in a Canon printer depends on the specific model, however, almost any model stores the network SSID, the password, network type (WPA3, WEP, etc.), Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access. MAC address, and IP address.

Wireless

Wireless Firmware Passwords Authentication

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

These vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited.” “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” ” The vendor addressed the issues in April 2023 with the release of firmware version 1.0.10.94

Hacking

Hacking Firmware Authentication DNS

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware

Firmware Authentication Passwords Hacking

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

APRIL 25, 2021

Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system.” ” states the report published by Eye security. ” reads the description of the vulnerability.

Firmware

Firmware Passwords Authentication Wireless

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. No username or password needed nor any actions need to be initiated by the camera owner. ” wrote the expert.

Hacking

Hacking Firmware IoT Internet

T95 Android TV Box sold on Amazon hides sophisticated malware

Security Affairs

JANUARY 16, 2023

Milisic discovered pre-loaded malware into its firmware. The malicious code embedded in the firmware of the device acts like the Android CopyCat malware. Milisic was not able to test other devices from the same vendor or model to determine if their firmware was infected too. ” continues the expert.

Malware

Malware DNS Firmware Internet

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. “We chose the simplest approach, reading /etc/shadow and using hashcat cracking the root account password (which turned out to be root:root). ” reads an advisory published by Claroty.

Firmware

Firmware Authentication Passwords Manufacturing

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One FBI warns of dual ransomware attacks Progress Software fixed two critical severity flaws in WS_FTP Server Child abuse site taken down, organized child exploitation crime suspected – exclusive A still unpatched zero-day RCE impacts more than 3.5M

Artificial Intelligence

Artificial Intelligence Firmware Data breaches Hacking

Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

JANUARY 21, 2021

Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. The malware targets QNAP NAS devices exposed online that use weak passwords. ” reads the security advisory published by the vendor. Use stronger admin passwords.

Cryptocurrency

Cryptocurrency Firmware Malware Passwords

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Regularly back up data, password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes.

Ransomware

Ransomware DDOS Passwords Backups

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Avoid reusing passwords for multiple accounts.

Ransomware

Ransomware Passwords Backups Firmware

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Security Affairs

DECEMBER 13, 2021

Boffins discovered bugs in WiFi chips that can be exploited to extract passwords and manipulate traffic by targeting a device’s Bluetooth component. Threat actors can execute code by exploiting an unpatched or new security issue over-the-air, or abusing the local OS firmware update mechanism. Pierluigi Paganini.

Wireless

Wireless Firmware Mobile Passwords

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Security Affairs

DECEMBER 24, 2022

Unlike the D-Link analysis, the researchers has no physical access to the device and attempted to retrieve the password from the config. “The firmware is basically a merge of 3 sections, the LZMA section is the kernel, at 0x148CD6 the root-fs and at 0x90BD36 the www content.” A firmware fix has been released.

Firmware

Firmware Passwords Hacking Cybersecurity

Downfall Intel CPU side-channel attack exposes sensitive data

Security Affairs

AUGUST 9, 2023

Malware can carry out a Downfall attack to steal sensitive information like passwords, encryption keys, and private data such as banking details, personal emails, and messages. ” Intel informed customers that is releasing firmware updates to address the vulnerability.

Firmware

Firmware Encryption Software Banking

Experts uncovered hidden behavior in thousands of Android Apps

Security Affairs

APRIL 5, 2020

A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. There are 7,584 apps with secret access keys, 501 apps that embed master passwords, and 6,013 apps with secret commands. Moreover, these security risks hold generally across all of our data sources.

Mobile

Mobile Passwords Advertising Firmware

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. No username or password needed nor any actions need to be initiated by the camera owner. wrote the expert. “.

Hacking

Hacking Firmware Internet Internet

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

Check with the device manufacturers for available patches and update the device firmware to version to 3.5.19.0 Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, OT) The post Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS appeared first on Security Affairs.

Authentication

Authentication Firmware Hacking Passwords

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Security Affairs

JANUARY 25, 2022

This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, The news of the exploitation of the issue in the wild was confirmed by the security firm NCC Group. Experts also warned of some password spraying attacks attempting to compromise devices using default passwords. 37sv, 10.2.1.1-19sv,

Mobile

Mobile Passwords Firmware Firewall

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

Security Affairs

AUGUST 4, 2022

All the affected models have a patched firmware available for download on the vendor’s website.” An attacker can trigger the flaw by supplying carefully crafted username and/or password as base64 encoded strings inside the fields aa and ab of the login page.

Hacking

Hacking Internet Internet Passwords

WAGO Industrial Switches affected by multiple flaws

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. ” reads the security advisory. ” reads the security advisory.

Firmware

Firmware Passwords Advertising IoT

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Security Affairs

AUGUST 2, 2021

An attacker could also push an insecure firmware upgrade to fully compromise the devices. .” The flaws include privilege escalation, memory corruption, remote-code execution, and denial-of-service issues. Swisslog has released Nexus Control Panel version 7.2.5.7 that addresses most of the above vulnerabilities.

Healthcare

Healthcare Firmware Manufacturing Ransomware

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely reboot the device without having to know the root password. ” reads the advisory published by the expert.

Firmware

Firmware Wireless Authentication Advertising

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches

Data breaches Cybercrime Ransomware Passwords

An educational robot security research

SecureList

FEBRUARY 27, 2024

However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. This was the first security-related issue we discovered. This was the first security-related issue we discovered. In fact, a valid token is returned even if we provide incorrect credentials.

Education

Education Manufacturing Firmware Internet

Western Digital customers have to update their My Cloud devices to latest firmware version

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Trending Sources

Expert found a secret backdoor in Zyxel firewall and VPN

Experts warn of backdoor-like behavior within Gigabyte systems

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

TP-Link Archer routers allow remote takeover without passwords

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Netgear addresses severe security flaws in 20 of its products

ASUS addressed critical flaws in some router models

DRAGONBLOOD flaws allow hacking WPA3 protected WiFi passwords

Over 600k GPS trackers left exposed online with a default password of ‘123456’

Expert discloses details and PoC code for Netgear Seventh Inferno bug

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

3.5m IP cameras exposed, with US in the lead

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Hikvision cameras could be remotely hacked due to critical flaw

T95 Android TV Box sold on Amazon hides sophisticated malware

A bug in ABB Totalflow flow computers exposed oil and gas companies to attack

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Dovecat crypto-miner is targeting QNAP NAS devices

Avoslocker ransomware gang targets US critical infrastructure

FBI warns of ransomware attacks targeting the food and agriculture sector

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Expert found Backdoor credentials in ZyXEL LTE3301 M209

Downfall Intel CPU side-channel attack exposes sensitive data

Experts uncovered hidden behavior in thousands of Android Apps

Over 80,000 Hikvision cameras can be easily hacked

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction

WAGO Industrial Switches affected by multiple flaws

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Expert found multiple critical issues in MoFi routers

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

An educational robot security research

Stay Connected