Security Affairs

JANUARY 19, 2025

The Planet WGS-804HPT industrial switch is used in building and home automation networks to provide connectivity of Internet of things (IoT) devices, IP surveillance cameras, and wireless LAN network applications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,IOT)

Firmware 71

Firmware IoT Wireless Surveillance 71

Security Affairs

MAY 20, 2025

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape.

Malware 108

Malware Mobile Data breaches Wireless 108

Security Affairs

NOVEMBER 26, 2021

Resecurity, a Los Angeles-based cybersecurity company has identified an active a zero-day vulnerability in the TP-Link device with model number TL-XVR1800L (Enterprise AX1800 Dual Band Gigabit Wi-Fi 6 Wireless VPN Router), which is primarily suited to enterprises.

IoT 145

IoT Wireless DDOS VPN 145

Security Affairs

FEBRUARY 6, 2020

based specification for a suite of high-level communication protocols used to create personal area networks with small, low-power digital radios, such as for home automation, medical device data collection, and other low-power low-bandwidth needs, designed for small scale projects which need wireless connection. ZigBee is an IEEE 802.15.4-based

Hacking 142

Hacking IoT Wireless Firmware 142

Security Affairs

FEBRUARY 6, 2021

Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. The Realtek RTL8195AM is a highly integrated single-chip with a low-power-consumption mechanism ideal for IoT (Internet of Things) applications in multiple industries.

IoT 124

IoT Wireless Authentication Passwords 124

Security Affairs

AUGUST 24, 2021

On August 15, firmware security company IoT Inspector published details about the flaws. “On August 16th, three days ago, multiple vulnerabilities in a software SDK distributed as part of Realtek chipsets were disclosed by IoT Inspector Research Lab [1]. ” reported IoT Inspector.

IoT 135

IoT Firmware Internet Internet 135

Security Affairs

APRIL 22, 2025

SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape. The company offers cellular service, along with 5G development, AI services, IoT solutions, cloud computing, and smart city infrastructure.

Data breaches 90

Data breaches Risk Mobile Wireless 90

Security Affairs

OCTOBER 2, 2024

. “Compared to our research on OT, we found a smaller percentage of unpatched and end-of-life IT routers in DrayTek compared to OT routers (Sierra Wireless). Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, IoT)

Wireless 138

Wireless Manufacturing IoT Hacking 138

Security Affairs

OCTOBER 11, 2023

” The malicious payloads added to this variant target D-Link devices, Netis wireless router, Sunhillo SureLine, Geutebruck IP camera, Yealink Device Management, Zyxel devices, TP-Link Archer, Korenix Jetwave, and TOTOLINK routers. ” reads the analysis published by Fortinet.

DDOS 136

DDOS Wireless Architecture IoT 136

Security Affairs

JUNE 16, 2019

Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. The latest Echobot variant targets routers, network-attached storage devices (NAS), network video recorders (NVR), IP cameras, wireless presentation systems, and VoIP phones. Pierluigi Paganini.

IoT 110

IoT Advertising Malware Wireless 110

Security Affairs

FEBRUARY 26, 2020

The vulnerability could have a severe impact on the IT sector, the flawed chips are used in over a billion devices, including routers, smartphones, tablets, laptops, and IoT gadgets. “In a successful attack, this vulnerability allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.”

Encryption 113

Encryption Wireless Manufacturing Advertising 113

Security Affairs

DECEMBER 9, 2022

Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. The technique was discovered while conducting unrelated research on Cambium Networks’ wireless device management platform.

Firewall 144

Firewall Wireless IoT Hacking 144

Security Affairs

DECEMBER 17, 2023

A close look at the ongoing campaign revealed that the bot also targets wireless LAN routers built for hotels and residential applications. On December 6, The Akamai Security Intelligence Response Team (SIRT) published the first update to the InfectedSlurs advisory series. ” concludes the report.

Firmware 140

Firmware Wireless DDOS IoT 140

Security Affairs

DECEMBER 15, 2021

No No RCE CVE-2021-43899 Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical 9.8 No No RCE CVE-2021-42310 Microsoft Defender for IoT Remote Code Execution Vulnerability Critical 8.1 No No Spoofing CVE-2021-42312 Microsoft Defender for IOT Elevation of Privilege Vulnerability Important 7.8

IoT 124

IoT Mobile Media Encryption 124

Security Affairs

MAY 18, 2019

Security researcher Troy Mursch , Chief Research Officer of Bad Packets , discovered that over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. The devices continue to leak the information even when their firewall is turned on.

IoT 111

IoT Wireless Advertising DNS 111

Security Affairs

AUGUST 7, 2019

Most of the exploits allow the botnet to compromise unpatched IoT devices, but experts warn that enterprise apps Oracle WebLogic and VMware SD-Wan are also potential targets. The latest Echobot variant was spotted by security researcher Carlos Brendel Alcañiz, it includes 59 different RCE exploits to propagate. 264 VGA IP Camera M2.1.6

IoT 104

IoT Wireless Advertising Surveillance 104

Security Affairs

JUNE 15, 2020

5G networks use EPC as the core network for wireless communications, for this reason, the vulnerabilities discovered by the experts could affect 5G users too. “To make things better, operators need to look closely at the GTP protocol, ensure filtering at the GTP level, and deploy purpose-made security solutions.

Mobile 142

Mobile Internet Internet Advertising 142

The Security Ledger

MARCH 13, 2019

Forget about Congress's latest attempt to regulate IoT security. The post Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Forget about Congress’s latest attempt to regulate IoT security. Federal Government to meet strict information security standards. Here’s why.

IoT 40

IoT Cybersecurity Internet Internet 40

Security Affairs

NOVEMBER 14, 2020

The FBI and NSA attribute the Drovorub malware to APT28 due to the reuse of the C2 infrastructure in different operations, including a past campaign targeting IoT devices in 2019. The affected products are ethernet and serial data radios that provide long-range wireless data communications for SCADA and remote telemetry applications.

Malware 135

Malware Wireless IoT Risk 135

Pen Test

OCTOBER 12, 2023

Its primary goal is to meticulously identify vulnerabilities inherent within wireless communication systems (Smith & Johnson, 2018). In contemporary times, with the exponential growth of the Internet of Things (IoT), smart homes, connected cars, and wearable devices, the importance of RF pentesting has soared significantly.

Penetration Testing 52

Penetration Testing Wireless IoT Technology 52

SecureList

FEBRUARY 1, 2022

Let’s see if there are any informational security issues with these wearables. The MQTT protocol is very convenient to use for devices that belong to the Internet of Things (IoT), and, therefore, it can be found not just in wearable devices but in almost any smart gadget. Vulnerabilities in the MQTT protocol.

Phishing 145

Phishing Healthcare IoT Authentication 145

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware 131

Firmware Wireless Passwords Internet 131

Security Affairs

NOVEMBER 7, 2019

Bitdefender discovered a high-severity security flaw in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal WiFi password. Amazon’s Ring Video Doorbell is a smart wireless home security doorbell camera that allows users to use to remotely control their doorbell. Pierluigi Paganini.

Wireless 74

Wireless Passwords IoT Advertising 74

Thales Cloud Protection & Licensing

APRIL 29, 2021

From my own professional experiences of occupying roles in the implementation of security solutions within some of the world’s largest organizations, as well as once holding a government classified technology position, I thought it would be interesting to explore some of these ideas with a like-minded security professional.

Technology 104

Technology Wireless IoT Firewall 104

Security Affairs

DECEMBER 29, 2019

IoT vendor Wyze announced that one of its servers exposed the details of roughly 2.4 IoT vendor Wyze announced that details of roughly 2.4 The company produces inexpensive smart home products and wireless cameras. . million customers. million customers were accidentally exposed online.

IoT 96

IoT Accountability Advertising Wireless 96

Security Affairs

APRIL 23, 2021

Once inside and within a reasonable distance to the target endpoint, the Raspberry Pi’s wireless capability provides the attacker with remote access to the endpoint, all while sitting inside the vacuum. The Raspberry Pi, operating on the wireless USB interface, spoofs a legitimate HID through Physical Layer (L1) manipulation.

Hacking 127

Hacking Social Engineering Engineering Wireless 127

Security Affairs

APRIL 29, 2025

These flaws can be chained to fully hijack devices over wireless or peer-to-peer connections. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and execute MITM or DoS attacks. The AirBorne vulnerabilities dont affect all Apple devices, but with 2.35

Wireless 119

Wireless Malware Firewall Ransomware 119

eSecurity Planet

MARCH 7, 2023

Known as black , white , and gray box pentests, these differ in how much information is provided to the pentester before running the simulated attacks. Limited tests can focus on narrower targets such as networks, Internet of Things (IoT) devices, physical security, cloud security, web applications, or other system components.

Penetration Testing 98

Penetration Testing Wireless Passwords Social Engineering 98

eSecurity Planet

APRIL 7, 2023

Network infrastructure (switches, routers, wireless access points, etc.) IoT (printers, IP phones, security cameras, etc.) Although the features beyond network access control and services can be valuable, they are beyond the scope of this review and will not be covered further here. OT (sensors, conveyor belt motors, pumps, etc.)

IoT 98

IoT Technology Energy and Utilities Wireless 98

Spinone

OCTOBER 10, 2019

Here you can find security-related news on many topics: Apps, IoT, Cloud, and much more. Hacking Vision Hacking Vision is a cybersecurity blog with a vision to bring a community of white hat security experts together to learn and gain knowledge. Krebs on Security One of the best cybersecurity blogs offering unique insights.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Boulevard

JUNE 2, 2025

The creator, Jason Blanchard of Black Hills Information Security , also hosts a weekly Twitch stream, Job Hunt Like a Hacker , which expands on these lessons with real-time advice and feedback. HackTricks Training is a relatively new but solid starting point for offensive cloud security training.

Penetration Testing 52

Penetration Testing Engineering Wireless Cybersecurity 52

Security Affairs

JUNE 19, 2023

The vendor also recommends creating distinct, strong passwords for the wireless network and router administration pages. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger.

Firmware 98

Firmware VPN Wireless Passwords 98

SecureWorld News

JANUARY 28, 2021

And not only work-from-home (WFH) employees have been affected, but also those mobile workers and all the contracted workers and supply chain workers who have largely been going under the radar of CISOs and information security departments for the past two to three decades. Believe that you have no AI use to worry about?

IoT 65

IoT Phishing Mobile Information Security 65

Security Affairs

APRIL 25, 2021

Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. “The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface.

Firmware 124

Firmware Passwords Authentication Wireless 124

SecureWorld News

JUNE 28, 2020

These include: Home personal networks, wired and wireless, including network reconnaissance and device inventorying. Devices owned by other companies that may be using the same network, wired or wireless, due to other family members working from home. This is clearly a scoping issue and never should be allowed for any pentest.

Penetration Testing 104

Penetration Testing Social Engineering VPN Phishing 104

eSecurity Planet

FEBRUARY 8, 2023

Vulnerability scanning is the process of scanning IT networks and systems to identify security vulnerabilities in hardware and software. The edge, cloud computing, Internet of Things (IoT) devices, and more have led to a much bigger attack surface and have required new vulnerability scanning approaches and tools.

Penetration Testing 104

Penetration Testing Software IoT Policy Compliance 104

eSecurity Planet

APRIL 26, 2024

The basic elements of a fundamental network include: Network equipment: Controls data flow between devices and commonly includes physical and virtual switches, wired or wireless routers, modems, and hubs. COBIT is designed to integrate into other frameworks and focuses on business logic, process requirements, and risk.

Architecture 120

Architecture Network Security Firewall Risk 120