Firmware, Information and Internet - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. No action is required if organizations have upgraded their firewalls to a supported firmware version after September 2022. All the vulnerable devices are running end-of-life (EOL) firmware.

Firmware

Firmware Firewall Internet Internet

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely.

Firmware

Firmware DNS Malware Technology

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Encryption Ransomware Advertising

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Firmware

Firmware Architecture Internet Internet

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Security Boulevard

JUNE 25, 2023

Paul also shares with us some of his greatest hacking stories and don’t miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Firmware

Firmware Hacking Internet Internet

Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw

Security Affairs

FEBRUARY 1, 2023

Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw. On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. Censys concludes.

Internet

Internet Internet Firmware IoT

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Security Affairs

APRIL 22, 2022

Taiwanese vendor QNAP warns users to update their NAS Firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. Taiwanese vendor QNAP warns users to update their NAS Firmware to address Apache HTTP vulnerabilities, tracked as CVE-2022-22721 and CVE-2022-23943 , addressed in the Apache HTTP server in March.

Firmware

Firmware Hacking Cybersecurity Internet

Using EM Waves to Detect Malware

Schneier on Security

JANUARY 14, 2022

” Abstract : The Internet of Things (IoT) is constituted of devices that are exponentially growing in number and in complexity. They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.

Malware

Malware IoT Firmware Internet

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet. The experts found that 76% (178,637 of 233,984) of the Internet-facing firewalls are vulnerable to one or both issues. ” concludes the report.

Firewall

Firewall Hacking Firmware Internet

Another 0-Day Looms for Many Western Digital Users

Krebs on Security

JULY 2, 2021

That update effectively nullified their chances at competing in Pwn2Own, which requires exploits to work against the latest firmware or software supported by the targeted device. A statement published on its support site March 12, 2021 says the company will no longer provide further security updates to the MyCloud OS 3 firmware.

Firmware

Firmware Passwords Internet Internet

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware

Firmware Wireless Passwords Internet

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

Malwarebytes

SEPTEMBER 21, 2021

Today’s generation of kids and teens consider their devices and the Internet as extensions of their lives. So without further ado, let’s dive into what we should be teaching our kids about Internet safety and what we can do to enforce these teachings. 7 Internet safety tips. Update your child’s device’s firmware.

Internet

Internet Internet Passwords Password Management

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Security Affairs

DECEMBER 17, 2023

that impacted several routers, including Future X Communications (FXC) AE1021 and AE1021PE wall routers, running firmware versions 2.0.9 The Akamai SIRT this week published an additional update after one of the affected vendors, QNAP, released advisory information and guidance. and earlier. and earlier (5.0.0 released June 21, 2014).

Firmware

Firmware Wireless DDOS IoT

Ubiquiti: Change Your Password, Enable 2FA

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. In an email sent to customers today, Ubiquiti Inc.

Passwords

Passwords Authentication Firmware Accountability

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Malwarebytes

MAY 8, 2023

On April 7, 2023 MSI (Micro-Star International) released a statement confirming a cyberattack on part of its information systems. The Money Message gang claimed to have stolen 1.5TB of data during the attack, including firmware, source code, and databases. Among them are household names like Lenovo and HP. Prevent intrusions.

Firmware

Firmware Ransomware Backups Malware

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure. 87,000 sensors and controls have been disabled (including Airports, subways, gas-pipelines,). YouTube Video 1 , YouTube Video 2 ).

Malware

Malware Firmware IoT Hacking

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

Malwarebytes

AUGUST 23, 2022

The flaw is tracked as CVE-2021-36260 and was addressed by Hikvision via a firmware update in September 2021. Given the amount of available information, it is trivial even for a “copy and paste criminal,” to make use of the unpatched cameras. The critical bug received a 9.8 The critical bug received a 9.8

Firmware

Firmware VPN Internet Internet

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert pointed out that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware IoT Internet

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 ” reads the advisory published by NIST.

Firewall

Firewall Firmware VPN DDOS

NETGEAR fixes a severe bug in its routers. Patch it asap!

Security Affairs

DECEMBER 30, 2022

The vendor only said that the flaw is a pre-authentication buffer overflow vulnerability and urged customers to address the firmware of their devices as soon as possible. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” RAX35 fixed in firmware version 1.0.2.60. Click Downloads.

Firmware

Firmware Wireless Authentication Hacking

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

Hacker Combat

SEPTEMBER 22, 2022

More than 2,000 PDUs were directly exposed to the internet in 2021, and roughly a third of those were iBoot PDUs, according to a Censys research. The problems include server-side request forgery, path traversal, sensitive information disclosure, inappropriate access control, and faulty and erroneous authorisation (SSRF).

Firmware

Firmware Firewall Manufacturing Internet

Patch now! Insecure Hikvision security cameras can be taken over remotely

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware

Firmware Surveillance Marketing VPN

IoT Unravelled Part 3: Security

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Back to the bit about risks impacting data collected by IoT devices and back again to CloudPets, Context Security's piece aligned with my own story about kids' CloudPets messages being left exposed to the internet.

IoT

IoT Firmware Risk Manufacturing

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

Security Affairs

MARCH 22, 2022

Internet search engine Censys reported a new wave of DeadBolt ransomware attacks targeting QNAP NAS devices. Internet search engine Censys reported that QNAP devices were targeted in a new wave of DeadBolt ransomware attacks. If every victim had paid the ransom, this attack would have netted the hackers about $4,484,700.”

Ransomware

Ransomware Firmware Internet Internet

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware

Firmware Authentication Hacking Software

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Security Affairs

MAY 11, 2023

“Successful exploits could allow attackers to monitor users’ internet activity, highjack internet connections and redirect traffic to malicious websites or inject malware into network traffic. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Hacking

Hacking Firmware Authentication DNS

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. reads the alert published by Rapid7.

DDOS

DDOS Firmware VPN Firewall

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware, it was discovered by a security researcher that goes online with the moniker “Watchful IP.”. The expert confirmed that every firmware developed since 2016 has been tested and found to be vulnerable.

Hacking

Hacking Firmware Internet Internet

The High-Stakes Game of Ensuring IoMT Device Security

SecureWorld News

FEBRUARY 17, 2024

Being constantly connected to the internet, they are either protected by basic passwords or, in some cases, have no password protection at all. Challenges in securing IoMT devices The Internet of Medical Things (IoMT) is essentially a subset of the wider Internet of Things (IoT) concept.

Healthcare

Healthcare Manufacturing Internet Internet

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Passwords Internet

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

Building a foundation of trust for the Internet of Things

Thales Cloud Protection & Licensing

DECEMBER 13, 2018

Invariably, Internet of Things (IoT) strategies form the backbone of those efforts. Firmware signing is also key to ensuring that devices can verify the authenticity and integrity of updates and security patches that eliminate discovered vulnerabilities. The goal is then to analyse it and take impactful action.

Internet

Internet Internet IoT Manufacturing

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 CVE-2020-9054 Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware.

Firmware

Firmware VPN Wireless Passwords

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. The Mirai botnet, initially discovered in October 2016 , infected Internet-connected routers, cameras and digital video recorders at scale. I’ll keep watch and keep reporting.

IoT

IoT Government Internet Internet

T95 Android TV Box sold on Amazon hides sophisticated malware

Security Affairs

JANUARY 16, 2023

Milisic discovered pre-loaded malware into its firmware. Milisic purchased the T95 Android TV box to run Pi-hole , which is a Linux network-level advertisement and Internet tracker blocking application. The malicious code embedded in the firmware of the device acts like the Android CopyCat malware. ” Milisic concludes.

Malware

Malware Firmware DNS Internet

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

eSecurity Planet

FEBRUARY 2, 2024

Within the last couple of months, smart device vulnerabilities have been piling up, prompting businesses to protect their Internet of Things (IoT) environments. While Teslas aren’t the typical business IoT device, their connection to the internet makes them a cyber threat as much as your business’s other IoT technology.

Hacking

Hacking IoT Firmware Cybersecurity

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

It’s not a mystery, a printer left exposed online without proper security could open the doors to hackers, now researchers from Shadowserver Foundation have discovered tens of thousands of printers that are exposed online that are leaking information. and printers (or print servers). ” continues the report.

Internet

Internet Internet Firmware Advertising

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

APRIL 25, 2021

Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfigure or disable the alarm system.” “Based on this information, we did a quick investigation to see how popular the system is.

Firmware

Firmware Passwords Authentication Wireless

Expert discloses details and PoC code for Netgear Seventh Inferno bug

Security Affairs

SEPTEMBER 18, 2021

NETGEAR urge its customers using the following products to download the latest firmware: GC108P fixed in firmware version 1.0.8.2 GC108PP fixed in firmware version 1.0.8.2 GS108Tv3 fixed in firmware version 7.0.7.2 GS110TPP fixed in firmware version 7.0.7.2 GS110TPv3 fixed in firmware version 7.0.7.2

Firmware

Firmware Engineering Passwords Hacking

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Security Affairs

MARCH 9, 2022

Two of the TLStorm vulnerabilities reside in the TLS implementation used by Cloud-connected Smart-UPS devices, while the third one is a design flaw in the firmware upgrade process of Smart-UPS devices. The researchers discovered that the firmware upgrades are not properly signed and validated. ” continues Armis.

Firmware

Firmware IoT Authentication Backups

MyBook Users Urged to Unplug Devices from Internet

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Trending Sources

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

QNAP urges users to update NAS firmware and app to prevent infections

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Using EM Waves to Detect Malware

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Another 0-Day Looms for Many Western Digital Users

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

InfectedSlurs botnet targets QNAP VioStor NVR vulnerability

Ubiquiti: Change Your Password, Enable 2FA

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Thousands of Hikvision video cameras remain unpatched and vulnerable to takeover

Hikvision cameras could be remotely hacked due to critical flaw

Who and What is Behind the Malware Proxy Service SocksEscort?

Widespread exploitation by botnet operators of Zyxel firewall flaw

NETGEAR fixes a severe bug in its routers. Patch it asap!

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

Patch now! Insecure Hikvision security cameras can be taken over remotely

IoT Unravelled Part 3: Security

A new wave of DeadBolt Ransomware attacks hit QNAP NAS devices ?

Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers

Multiple DDoS botnets were observed targeting Zyxel devices

Over 80,000 Hikvision cameras can be easily hacked

The High-Stakes Game of Ensuring IoMT Device Security

3.5m IP cameras exposed, with US in the lead

Expert found a secret backdoor in Zyxel firewall and VPN

Building a foundation of trust for the Internet of Things

BotenaGo botnet targets millions of IoT devices using 33 exploits

ASUS addressed critical flaws in some router models

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

T95 Android TV Box sold on Amazon hides sophisticated malware

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Recent Tesla Hacks Highlight Importance of Protecting Connected Devices

A daily average of 80,000 printers exposed online via IPP

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Expert discloses details and PoC code for Netgear Seventh Inferno bug

TLStorm flaws allow to remotely manipulate the power of millions of enterprise UPS devices

Stay Connected