Internet of Things

Pierluigi Paganini April 25, 2021
10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

10,000+ unpatched ABUS Secvest home alarm systems could be remotely disabled exposing customers to intrusions and thefts. Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. A remote attacker could exploit the vulnerability to disable alarm systems and expose homes and […]

Pierluigi Paganini April 23, 2021
New Qlocker ransomware infected hundreds of QNAP NAS devices in a few days

A new ransomware strain dubbed Qlocker is infecting hundreds of QNAP NAS devices every day and demanding a $550 ransom payment. Experts are warning of a new strain of ransomware named Qlocker that is infecting hundreds of QNAP NAS devices on daily bases. The malware moves all files stored on the device to password-protected 7zip […]

Pierluigi Paganini April 20, 2021
Watch out, hackers can take over your Cosori Smart Air Fryer

Watch out, hackers could breach into your house by exploiting two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer. Security experts from Cisco Talos have found two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer. The Cosori Smart Air Fryer is an appliance with smart capabilities that cooks food […]

Pierluigi Paganini April 02, 2021
Tens of thousands of QNAP SOHO NAS devices affected by unpatched RCEs

Unpatched vulnerabilities in QNAP small office/home office (SOHO) network-attached storage (NAS) devices could be exploited by remote attackers to remotely execute arbitrary code. Security researchers at SAM Seamless Network discovered a couple of critical unpatched flawsin QNAP small office/home office (SOHO) network-attached storage (NAS) devices that could allow remote attackers to execute arbitrary code on […]

Pierluigi Paganini March 28, 2021
QNAP urges users to take action to protect devices against Brute-Force attacks

Taiwanese manufacturer QNAP published an alert urging its customers to secure their devices after a growing number of users reported that their devices have been hit by brute-force attacks. This week the Taiwanese vendor QNAP has published an alert urging users to secure their devices after a growing number of users reported that their devices […]

Pierluigi Paganini March 14, 2021
Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. Netgear has released security and firmware updates to address 15 vulnerabilities in its JGS516PE Ethernet switch, including an unauthenticated remote code execution flaw rated as critical. The flaws were discovered by researchers […]

Pierluigi Paganini March 08, 2021
UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. Threat actors are exploiting two unauthorized remote command execution vulnerabilities, tracked as CVE-2020-2506 & CVE-2020-2507, in the Helpdesk app that have been fixed by the […]

Pierluigi Paganini February 23, 2021
NurseryCam daycare cam service shut down after security breach

Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. On Friday, The Register become aware of the compromise of the NurseryCam network. NurseryCam is produced by the companies FootfallCam Ltd and Meta Technologies Ltd. In response to the incident, the company shut down its IoT […]

Pierluigi Paganini February 06, 2021
Experts found critical flaws in Realtek Wi-Fi Module

Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. […]

Pierluigi Paganini January 21, 2021
Dovecat crypto-miner is targeting QNAP NAS devices

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. The malware was designed to abuse NAS resources and mine cryptocurrency. The malware […]