Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service. WHO’S BEHIND SOCKSESCORT?

Malware 200

Malware VPN Internet Internet 200

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” continues the analysis.

Hacking 84

Hacking Firmware Media Authentication 84

eSecurity Planet

MARCH 21, 2022

By using a misconfigured Cisco Duo MFA implementation to force enrollment of a new device, the hackers were then able to use the “PrintNightmare” Windows Print Spooler vulnerability ( CVE-2021-34527 and CVE-2021-36958 ) to obtain administrator privileges. Require all accounts with password logins (e.g.,

VPN 116

VPN Accountability Authentication Passwords 116

eSecurity Planet

SEPTEMBER 11, 2023

Attackers target certain administrative API functions on these devices using specially crafted input. The fix: ASUS released firmware updates to address the vulnerabilities. Users are also urged to carefully inspect the default setups and passwords, especially while installing software. version of Superset.

VPN 112

VPN Firmware Authentication Phishing 112

SecureList

NOVEMBER 14, 2022

In both cases, we described new UEFI firmware bootkits that managed to propagate malicious components from the deepest layers of the machine up to Windows’ user-land. The reason is simple: they represent huge software stacks that must support many protocols and have to be internet-facing to operate properly. The next WannaCry.

Firmware 111

Firmware Surveillance Mobile Telecommunications 111