Internet of Things

Pierluigi Paganini April 08, 2020
Dark Nexus, a new IoT botnet that targets a broad range of devices

Cybersecurity researchers discovered a new IoT botnet, tracked as Dark Nexux, that is used to launch distributed denial-of-service (DDoS) attacks. Dark Nexux is the name of a new emerging IoT botnet discovered by Bitdefender that is used to launch DDoS attacks. The botnet spreads using exploits and launching credential stuffing attacks against a broad range […]

Pierluigi Paganini March 23, 2020
Botnet operators target multiple zero-day flaws in LILIN DVRs

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN- According to the Chinese security firm Qihoo 360’s Netlab team, operators of several botnets, including Chalubo, FBot, and Moobot, targeting LILIN DVRs at least since […]

Pierluigi Paganini February 18, 2020
Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Go grab a copy of the Gerbers and 3D-printed Case STL files at https://github.com/whid-injector/Focaccia-Board and print through your favorite FAB. Prologue Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of debuggers (i.e. stlink, jlink, RS23–2-2USB, etc.). It was always a PITA bringing around a device […]

Pierluigi Paganini February 15, 2020
SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors

Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. The group was composed of researchers Matheus E. Garbelini, Sudipta Chattopadhyay, and […]

Pierluigi Paganini February 11, 2020
OT attacks increased by over 2000 percent in 2019, IBM reports

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased […]

Pierluigi Paganini February 08, 2020
IoT devices at major Manufacturers infected with crypto-miner

Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? The experts reported that several IoT devices […]

Pierluigi Paganini February 06, 2020
cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. The experts tracked the set as CDPwn and warned that the […]

Pierluigi Paganini February 06, 2020
Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. Lightbulbs could be remotely […]

Pierluigi Paganini January 21, 2020
The Mystery of Fbot

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]

Pierluigi Paganini January 19, 2020
Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. A hacker has published online a massive list of Telnet credentials for more than 515,000 servers and smart devices, including home routers. This is the biggest leak of Telnet passwords even reported. According […]