Pierluigi Paganini
April 20, 2022
QNAP urges customers to disable Universal Plug and Play (UPnP) port forwarding on their routers to secure their NAS devices. Taiwanese vendor QNAP urges customers to disable Universal Plug and Play (UPnP) port forwarding on their routers to protect their network-attached storage (NAS) devices from attacks. UPnP is an insecure protocol, it uses network UDP […]
Pierluigi Paganini
April 17, 2022
Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86. The researchers attribute the botnet […]
Pierluigi Paganini
April 01, 2022
Wyze Cam devices are affected by three security vulnerabilities that can allow attackers to takeover them and access camera feeds. Bitdefender researchers discovered three security vulnerabilities in the popular Wyze Cam devices that can be exploited by threat actors to execute arbitrary code and access camera feeds. The three flaws reported by the cybersecurity firm […]
Pierluigi Paganini
March 30, 2022
The US CISA and the Department of Energy issued guidance on mitigating attacks against uninterruptible power supply (UPS) devices. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy published joint guidance on mitigating cyber attacks against uninterruptible power supply (UPS) devices. The US agencies warn of threat actors gaining access to […]
Pierluigi Paganini
March 22, 2022
Internet search engine Censys reported a new wave of DeadBolt ransomware attacks targeting QNAP NAS devices. Internet search engine Censys reported that QNAP devices were targeted in a new wave of DeadBolt ransomware attacks. Since January, DeadBolt ransomware operators are targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that […]
Pierluigi Paganini
March 18, 2022
The recently discovered Cyclops Blink botnet, which is believed to be a replacement for the VPNFilter botnet, is now targeting the ASUS routers. The recently discovered Cyclops Blink botnet is now targeting the ASUS routers, reports Trend Micro researchers. The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other […]
Pierluigi Paganini
March 15, 2022
Taiwanese vendor QNAP warns most of its NAS devices are impacted by high severity Linux vulnerability dubbed ‘Dirty Pipe.’ Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by the recently discovered Linux vulnerability ‘Dirty Pipe.’ An attacker with local access can exploit the high-severity vulnerability Dirty Pipe to […]
Pierluigi Paganini
March 10, 2022
Three flaws in APC Smart-UPS devices, tracked as TLStorm, could be exploited by remote attackers to hack and destroy them. Researchers from IoT security company Armis have discovered three high-impact security flaws, collectively tracked as TLStorm, affecting APC Smart-UPS devices. The flaws can allow remote attackers to manipulate the power of millions of enterprise devices carrying out extreme […]
Pierluigi Paganini
March 08, 2022
Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform. Researchers from medical device cybersecurity company CyberMDX have discovered seven serious flaws, collectively tracked as Access:7, in the widely used Axeda platform of IIoT solutions provider PTC. “Access:7 could enable hackers to remotely execute malicious […]
Pierluigi Paganini
March 03, 2022
Researchers analyzed more than 200,000 network-connected medical infusion pumps and discovered that over 100,000 of them are vulnerable. Researchers from Palo Alto Networks have analyzed more than 200,000 medical infusion pumps on the networks of hospitals and other healthcare organizations and discovered that 75% are affected by known vulnerabilities that could be exploited by attackers. […]
Cyber Crime / January 20, 2026
