Internet of Things

Pierluigi Paganini July 14, 2020
New Mirai variant includes exploit for a flaw in Comtrend Routers

Researchers spotted a new version of the Mirai IoT botnet that includes an exploit for a vulnerability affecting Comtrend routers. Malware researchers at Trend Micro have discovered a new version of the Mirai Internet of Things (IoT) botnet that includes an exploit for the CVE-2020-10173 vulnerability impacting Comtrend routers. The Mirai botnet was first discovered in August 2016 by […]

Pierluigi Paganini June 26, 2020
New Lucifer DDoS botnet targets Windows systems with multiple exploits

A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. A new botnet tracked as Lucifer appeared in the threat landscape, it leverages a dozen exploits for high and critical severity flaws affecting Windows systems. Upon infecting a system the bot turns it […]

Pierluigi Paganini June 23, 2020
A daily average of 80,000 printers exposed online via IPP

Experts found tens of thousands of printers that are exposed online that are leaking device names, organization names, WiFi SSIDs, and other info. It’s not a mystery, a printer left exposed online without proper security could open the doors to hackers, now researchers from Shadowserver Foundation have discovered tens of thousands of printers that are […]

Pierluigi Paganini June 18, 2020
79 Netgear router models affected by a dangerous Zero-day

79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices. Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models. The flaw could […]

Pierluigi Paganini June 16, 2020
Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. Hundreds of millions of devices worldwide could be vulnerable to remote attacks due to security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20. Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded […]

Pierluigi Paganini June 06, 2020
eCh0raix ransomware is back and targets QNAP NAS devices again

eCh0raix Ransomware operators are back after months of apparent inactivity, now are targeting QNAP storage devices in a new campaign. Threat actors behind the eCh0raix Ransomware have launched a new campaign aimed at infecting QNAP storage devices. The eCh0raix ransomware was appeared in the threat landscape in June 2019 by experts at security firms Intezer […]

Pierluigi Paganini May 19, 2020
Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Experts from Palo Alto Networks discovered that the Mirai and Hoaxcalls botnets are targeting a vulnerability in legacy Symantec Web Gateways. Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. “I recently came across new […]

Pierluigi Paganini May 05, 2020
Kaiji, a new Linux malware targets IoT devices in the wild

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target […]

Pierluigi Paganini April 24, 2020
Hoaxcalls Botnet expands the target list and adds new DDoS capabilities

The Hoaxcalls IoT botnet expanded the list of targeted devices and has added new distributed denial of service (DDoS) capabilities. DDoS protection services provider Radware warns the Hoaxcalls Internet of Things (IoT) botnet has expanded the list of targeted devices, the experts also noticed that the operators implemented new distributed denial of service (DDoS) capabilities. […]

Pierluigi Paganini April 20, 2020
Law enforcement and Microsoft join forces to dismantle botnet using LED Light Control Console

Cybercriminals have abused LED light control console to launch malicious attacks, Microsoft’s security experts warn. Microsoft researchers shared details of a new incident discovered in Taiwan, where crooks abused LED light control consoles to launch malicious attacks. Threat actors used the consoles to deliver malware and ransomware through an IoT botnet that was also used […]