Firmware, Internet and Telecommunications

Secret Backdoors Found in German-made Auerswald VoIP System

The Hacker News

DECEMBER 21, 2021

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices.

Penetration Testing

Penetration Testing Firmware Telecommunications Manufacturing

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras. Most insecure brands.

Surveillance

Surveillance Manufacturing Passwords Internet

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

CyberSecurity Insiders

APRIL 12, 2023

The report stems from a detailed analysis of attacks targeting StormWall’s clientele, which spans various sectors such as finance, e-commerce, telecommunications, entertainment, transportation, education, and logistics. Telecommunications continued to be a popular target, enduring 16% of attacks and a 47% YoY increase.

DDOS

DDOS Telecommunications Data breaches DNS

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.” “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” ” continues Cyble.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). and installed software (operating systems, applications, firmware, etc.). assets (endpoints, servers, IoT, routers, etc.), Outsourcing U.S.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

The Security Ledger

MARCH 13, 2019

» Related Stories Podcast Episode 129: Repair Eye on the CES Guy and Sensor Insecurity EU calls for End to Default Passwords on Internet of Things Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise. NIST Floats Internet of Things Cybersecurity Standards. Here’s why.

IoT

IoT Cybersecurity Internet Internet

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

“The password “gvt12345”, for example, suggests that hackers target users with routers from the former Brazilian internet service provider (ISP) GVT, which was acquired by Teleônica Brasil, and is the largest telecommunications company in the country.” ” states the analysis published by Avast. concludes Avast.

DNS

DNS Passwords Advertising Banking

Nvidia, the ransomware breach with some plot twists

Malwarebytes

MARCH 3, 2022

The LAPSUS$ group is a relative newcomer to the ransomware scene, but it has made a name for itself by bringing down big targets like Impresa, the largest media conglomerate in Portugal, Brazil’s Ministry of Health, and Brazilian telecommunications operator Claro. Hacked back?

Ransomware

Ransomware Password Management Passwords Hacking

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

The Security Ledger

NOVEMBER 11, 2019

Terry is a former NSA employee who specializes in firmware security. Congress has been aggressive in calling out the Chinese threat to domestic businesses. To understand the threat that software and hardware from China poses to organizations here in the U.S. we invited Terry Dunlap of the firm ReFirm Labs back into the Security Ledger studio.

Risk

Risk Surveillance Firmware Technology

Sunburst: connecting the dots in the DNS requests

SecureList

DECEMBER 18, 2020

For instance, before making the first internet connection to its C2s, the Sunburst malware lies dormant for a long period, of up to two weeks, which prevents an easy detection of this behavior in sandboxes. Low-level details. The sample we’ll be analyzing is 2c4a910a1299cdae2a4e55988a2f102e. domain name part(0x683D2C991E01711D)=ov.

DNS

DNS Telecommunications Malware Encryption

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

Security Affairs

MAY 12, 2021

As with many inventions of the 20th century, the internet has drastically changed using the phone. Once a vital necessity in every building, PBX boxes are driven towards extinction by devices supporting Voice over Internet Protocol (VoIP). However, as with everything connected to the internet, beware of vulnerabilities.

Manufacturing

Manufacturing Internet Internet Firmware

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. The Viasat “cyberevent” On the 24 th of February , Europeans who relied on the ViaSat-owned “ KA-SAT ” satellite faced major Internet access disruptions.

DDOS

DDOS Ransomware Government Energy and Utilities

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. In October, telecommunications firm Telenor Norway was another to fall victim. Consequently, the victims received reply packets several times larger in size.

DDOS

DDOS Cryptocurrency Marketing Internet

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

Vulnerable devices were either misconfigured or missing the latest firmware version with the required settings. Maltese Internet service provider Melita was also hit by ransomware: a showcase DDoS attack disrupted services. In particular, DDoS ransomware continued to attack organizations worldwide at the start of the year.

DDOS

DDOS Cryptocurrency Media Marketing

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.

Firmware

Firmware Surveillance Mobile Telecommunications

Cyber Security Informer

Secret Backdoors Found in German-made Auerswald VoIP System

3.5m IP cameras exposed, with US in the lead

Trending Sources

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

Maze ransomware operators claim to have breached LG Electronics

What is a Managed Security Service Provider? MSSPs Explained

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

For nearly a year, Brazilian users have been targeted with router attacks

Nvidia, the ransomware breach with some plot twists

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

Sunburst: connecting the dots in the DNS requests

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

Reassessing cyberwarfare. Lessons learned in 2022

DDoS attacks in Q4 2020

DDoS attacks in Q1 2021

Advanced threat predictions for 2023

Stay Connected