Security Affairs

JANUARY 30, 2021

US wireless carrier UScellular discloses data breach, personal information of customers may have been exposed and their phone numbers ported. US wireless carrier UScellular discloses a data breach that exposed personal information of its customers. ” reads the USCellular data breach notification. Pierluigi Paganini.

Data breaches 145

Data breaches Wireless Retail Accountability 145

Security Affairs

APRIL 5, 2025

cell carrier and instantly retrieve a list of its recent incoming callscomplete with timestampswithout compromising the device, guessing a password, or alerting the user.” The issue likely affected most Verizon Wireless users, as the service is often enabled by default. ” warned the expert.

Wireless 106

Wireless Surveillance Risk Media 106

Malwarebytes

JULY 24, 2024

TracFone Wireless Inc. is an American prepay wireless service provider wholly owned by Verizon. TracFone Wireless Inc. is an American prepay wireless service provider wholly owned by Verizon. TracFone services are used by the brands Straight Talk, Total by Verizon Wireless, and Walmart Family Mobile.

Data breaches 106

Data breaches Wireless Passwords Phishing 106

Security Affairs

DECEMBER 13, 2021

Boffins discovered bugs in WiFi chips that can be exploited to extract passwords and manipulate traffic by targeting a device’s Bluetooth component. According to the research paper published by the experts, modern mobile devices use separate wireless chips to manage wireless technologies, such as Bluetooth, Wi-Fi, and LTE.

Wireless 116

Wireless Firmware Mobile Passwords 116

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router.

Firmware 131

Firmware Wireless Passwords Internet 131

Security Affairs

SEPTEMBER 19, 2022

The FXA3000 and FXA2000 Series are access points that are manufactured by Japan-based firm Contec that conform to IEEE 802.11n/a/b/g wireless. “It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. The experts recommend to randomly generate a different password for each device.

Wireless 102

Wireless Firmware Passwords Engineering 102

Security Affairs

DECEMBER 23, 2023

Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors. As an MVNO, Mint Mobile doesn’t own its own wireless infrastructure. Mint Mobile is a mobile virtual network operator (MVNO) that offers prepaid mobile phone services.

Data breaches 138

Data breaches Mobile Wireless Data collection 138

Security Affairs

FEBRUARY 12, 2024

Public Wi-Fi users are prime targets for MITM attacks because the information they send is often not encrypted, meaning it’s easy for hackers to access your data. Once they’re in, they can grab your emails, usernames, passwords, and more. They might even lock you out of your own accounts by resetting your passwords.

DNS 144

DNS VPN Encryption Passwords 144

Security Affairs

FEBRUARY 6, 2021

Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. The experts pointed out that the attackers don’t need the knowledge of the Wi-Fi network password (PSK) or whether the module is acting as a Wi-Fi access point or client.

IoT 124

IoT Wireless Authentication Passwords 124

Security Affairs

AUGUST 1, 2023

The information stored in a Canon printer depends on the specific model, however, almost any model stores the network SSID, the password, network type (WPA3, WEP, etc.), Set up strong authentication mechanisms, such as complex passwords or use multi-factor authentication (MFA) for printer access. MAC address, and IP address.

Wireless 98

Wireless Firmware Passwords Authentication 98

Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely reboot the device without having to know the root password. ” reads the advisory published by the expert.

Firmware 130

Firmware Authentication Wireless Advertising 130

Security Affairs

JANUARY 14, 2021

One of the flaws fixed by the tech giant, tracked as CVE-2021-1144, is a high-severity vulnerability that affects Cisco Connected Mobile Experiences (CMX), which is a smart Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics for consumers’ mobile devices. and 10.6.2.

Software 125

Software Small Business Mobile Authentication 125

Security Affairs

MARCH 10, 2023

AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. CPNI is information related to the telecommunications services purchased by the customers, including the number of lines for each account or the wireless plan to which customers are subscribed.

Data breaches 98

Data breaches Hacking Wireless Telecommunications 98

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 73

Cybercrime Firewall Social Engineering Ransomware 73

Security Affairs

APRIL 25, 2021

“The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. ” reads the description of the vulnerability.

Firmware 124

Firmware Passwords Authentication Wireless 124

Security Affairs

DECEMBER 9, 2022

The technique was discovered while conducting unrelated research on Cambium Networks’ wireless device management platform. The researchers discovered a Cambium SQL injection vulnerability that they used to exfiltrate users’ sessions, SSH keys, password hashes, tokens, and verification codes.

Firewall 144

Firewall Wireless IoT Hacking 144

Security Affairs

DECEMBER 30, 2020

.” T-Mobile said that threat actors did not access names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs. T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information).

Data breaches 145

Data breaches Mobile Telecommunications Accountability 145

Security Affairs

JUNE 23, 2022

SMS Bomber allows a user to flood the victim’s phone number with a very long list of pre-baked HTTP requests asking for one-time codes, verification messages, password recoveries and the like. ” The threat actors also used a new variant of the ‘ Yahoyah ’ Trojan to gather information about local wireless networks.

Hacking 126

Hacking Wireless Encryption Malware 126

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. The sample spreads via Telnet with weak passwords and some known exploits (see the list below).

IoT 145

IoT DDOS Architecture Passwords 145

Security Affairs

AUGUST 3, 2023

The researchers discovered that most of the medical infusion pumps that were purchased from secondary market services such as eBay were found to still contain wireless authentication data from the original medical organization that had deployed the devices. ” reads the analysis published by Rapid7.

Marketing 98

Marketing Wireless Authentication Manufacturing 98

Security Affairs

NOVEMBER 7, 2019

Bitdefender discovered a high-severity security flaw in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal WiFi password. Amazon’s Ring Video Doorbell is a smart wireless home security doorbell camera that allows users to use to remotely control their doorbell.

Wireless 74

Wireless Passwords IoT Advertising 74

Security Affairs

DECEMBER 19, 2019

. “Don’t allow your phone, computer, tablet, or other devices to auto-connect to a free wireless network while you are away from home,” reads the advisory published by the FBI. They then can load malware, steal your passwords and PINs, or even take remote control of your contacts and camera.”

Wireless 98

Wireless Advertising Passwords Accountability 98

Security Affairs

FEBRUARY 27, 2021

According to Bleeping Computer , the hackers used an internal T-Mobile application to target up to 400 customers in SIM swap attack attempts, the security breach did not impact business customers. Impacted T-Mobile customers are recommended to change their password, PIN, and security questions.

Mobile 135

Mobile Data breaches Telecommunications Identity Theft 135

Security Affairs

SEPTEMBER 11, 2019

While analyzing the dual-band D-Link DSL-2875AL wireless router, the expert discovered that a file located at https : //[router ip address ] /romfile.cfg contains the login password of the device in plaintext. “The username & password listed there are used by the user to connect to his/her ISP. download=true.

DNS 104

DNS Passwords Authentication Advertising 104

Security Affairs

DECEMBER 25, 2019

A new Mozi P2P botnet is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. Security experts from 360 Netlab spotted a new Mozi P2P botnet that is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them.

DDOS 98

DDOS Passwords Wireless Advertising 98

Security Affairs

MAY 3, 2022

The threat actors deployed QUIETEXIT on network appliances within the target network, including load balancers and wireless access point controllers. The experts pointed out that these systems are not protected by security solutions, for this reason, the attackers remain undetected in victim environments for at least 18 months. .

Wireless 128

Wireless Passwords Hacking Malware 128

Security Affairs

MAY 18, 2019

Security researcher Troy Mursch , Chief Research Officer of Bad Packets , discovered that over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. The situation could be worse if owners of the routers were using default admin credentials.

IoT 111

IoT Wireless DNS Advertising 111

Security Affairs

JUNE 19, 2023

The vendor also recommends creating distinct, strong passwords for the wireless network and router administration pages. In case customers cannot immediately install the updates, Asus recommends disabling services accessible from the WAN side to avoid potential unwanted intrusions.

Firmware 98

Firmware VPN Wireless Passwords 98

eSecurity Planet

MARCH 7, 2023

NIST Developed by NIST, an agency of the United States Department of Commerce, NIST Special Publication 800-115 , Technical Guide to Information Security Testing and Assessment is the most specific from start to finish. Companies that want to meet high-security standards adopt this methodology for penetration testing.

Penetration Testing 98

Penetration Testing Wireless Passwords Social Engineering 98

Security Affairs

JANUARY 20, 2023

Customer payment card information (PCI), social security numbers/tax IDs, driver’s license or other government ID numbers, passwords/PINs or other financial account information were not exposed because the abused API does not provide access to this information.

Data breaches 98

Data breaches Mobile Accountability Telecommunications 98

Security Affairs

AUGUST 18, 2021

million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile. . “Our preliminary analysis is that approximately 7.8

Data breaches 102

Data breaches Mobile Telecommunications Accountability 102

Spinone

MARCH 20, 2019

The information the attacker is looking to gain could be login information, names, titles, phone numbers, banking information, or many other types of personally identifiable information. Security awareness training can help end users to effectively identify a phishing email in various ways.

Security Awareness 70

Security Awareness Wireless Ransomware Passwords 70

SecureList

FEBRUARY 1, 2022

Let’s see if there are any informational security issues with these wearables. Since the start of the pandemic, many companies working in the information security sphere, including Kaspersky, have discussed the fact that medicine has become a more common bait in cybercriminal scams.

Phishing 145

Phishing Healthcare IoT Authentication 145

Security Affairs

MAY 8, 2023

“Western Digital is currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger.” “The information included customer names, billing and shipping addresses, email addresses, and telephone numbers.

Data breaches 98

Data breaches Backups Ransomware Network Security 98

Security Affairs

AUGUST 22, 2019

They can see the passwords you use, your email address, your name and physical address, phone numbers and any other type of personal information that you might happen to enter into a website. For instance there are automated tools that look for passwords and write them into a file whenever they see one.

VPN 110

VPN Encryption Passwords Small Business 110

Cisco Security

AUGUST 28, 2023

After positive identification of the AsyncRat activity, we used the Arista wireless API to track the user to a specific training room and notified them about the fact that their device appeared to be compromised. Cleartext passwords and usernames disclosed in traffic. AsyncRAT traffic record.

Wireless 94

Wireless DNS Mobile Technology 94

CyberSecurity Insiders

APRIL 11, 2023

Our organization is currently running with a mix of Identity and Access Management Frameworks customized and embedded in the holistic ISO 27001 Cyber Security Framework. The organization is working hard to embrace more borderless and wireless authentication frameworks even though the acquisition process is ongoing.

Authentication 100

Authentication Passwords Accountability Government 100