Internet of Things Archives - Page 13 of 41

Pierluigi Paganini August 07, 2021

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090, impacting home routers with Arcadyan firmware to deploy a Mirai bot. “A path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and […]

Pierluigi Paganini August 05, 2021

Cisco fixes critical, high severity vulnerabilities in VPN routers

Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity pre-auth security vulnerabilities that impact multiple Small Business VPN routers. An attacker could exploit the issues to trigger a denial of service condition or execute commands and arbitrary code on impacted multiple Small Business VPN […]

Pierluigi Paganini August 02, 2021

Do You Trust Your Smart TV?

Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber […]

Pierluigi Paganini July 19, 2021

Experts disclose critical flaws in Advantech router monitoring tool

Cisco Talos experts disclose details of several critical flaws in a router monitoring application developed by industrial and IoT firm Advantech. Cisco Talos researchers discovered multiple critical vulnerabilities in the R-SeeNet application developed by industrial and IoT firm Advantech. The application allows network administrators to monitor Advantech routers in their infrastructure. The monitoring tool collects […]

Pierluigi Paganini July 17, 2021

D-Link issues beta hotfix for multiple flaws in DIR-3040 routers

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access […]

Pierluigi Paganini July 01, 2021

Microsoft found auth bypass, system hijack flaws in Netgear routers

Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks and full system takeover. Microsoft researchers discovered multiple vulnerabilities in the firmware of the Netgear DGN-2200v1 series router that can allow attackers to bypass authentication, access stored credentials, and even take over devices. Experts discovered […]

Pierluigi Paganini June 25, 2021

Hackers exploit 3-years old flaw to wipe Western Digital devices

Threat actors are wiping many Western Digital (WD) My Book Live and My Book Live Duo NAS devices likely exploiting an old vulnerability. Owners of Western Digital (WD) claim that their My Book Live and My Book Live Duo network-attached storage (NAS) devices have been wiped. Threat actors forced a factory reset on the devices […]

Pierluigi Paganini May 15, 2021

QNAP warns of eCh0raix ransomware and Roon Server zero-day attacks

QNAP warns of an actively exploited Roon Server zero-day flaw and eCh0raix ransomware attacks on its NAS devices. QNAP warns customers of threat actors that are targeting its Network Attached Storage (NAS) devices with eCh0raix ransomware attacks and exploiting a Roon Server zero-day vulnerability. The Taiwanese vendor was informed of ongoing eCh0raix ransomware attacks that […]

Pierluigi Paganini May 12, 2021

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

Thousands of public-facing devices can be accessed anywhere in the world, from the US to Russia, from London to Johannesburg. Our research shows that large and small manufacturers are identifiable, with Aastra-Mitel topping the list. As with many inventions of the 20th century, the internet has drastically changed using the phone. Once a vital necessity […]

Pierluigi Paganini May 01, 2021

AgeLocker ransomware operation targets QNAP NAS devices

Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware operation are targeting QNAP NAS devices, the Taiwanese vendor warns. The vendor doesn’t provide technical details of the attacks, it is not clear if the ransomware gang exploited know vulnerabilities. “The QNAP security team has […]