Internet of Things Archives - Page 19 of 41

Pierluigi Paganini February 06, 2020

cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)

A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the Cisco Discovery Protocol (CDP) protocol. The experts tracked the set as CDPwn and warned that the […]

Pierluigi Paganini February 06, 2020

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be exploited by hackers to gain entry into a targeted WiFi network. Lightbulbs could be remotely […]

Pierluigi Paganini January 21, 2020

The Mystery of Fbot

In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]

Pierluigi Paganini January 19, 2020

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

The availability online of a new collection of Telnet credentials for more than 500,000 servers, routers, and IoT devices made the headlines. A hacker has published online a massive list of Telnet credentials for more than 515,000 servers and smart devices, including home routers. This is the biggest leak of Telnet passwords even reported. According […]

Pierluigi Paganini January 09, 2020

Interpol: Goldfish Alpha operation reduces cryptojacking by 78%

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia Interpol announced that it has coordinated a successful international operation aimed at removing cryptocurrency miners that infected routers located in Southeast Asia. The operation sees the contribution of Trend Micro, law enforcement and CERTs from ASEAN countries, including […]

Pierluigi Paganini January 07, 2020

Google blocks Xiaomi integrations on Nest hub over privacy concerns

Google has recently disabled all Xiaomi smart home integrations on Nest Hub after being informed that some users could access other people’s camera feeds. On January 1st, 2020, a Reddit user (‘/u/Dio-V’) posted a discussion revealing that Nest Hub was able to access feeds from other Xiaomi cameras. As proof of the issue, the user […]

Pierluigi Paganini December 29, 2019

Security experts disclosed Wyze data leak

IoT vendor Wyze announced that one of its servers exposed the details of roughly 2.4 million customers. IoT vendor Wyze announced that details of roughly 2.4 million customers were accidentally exposed online. The company produces inexpensive smart home products and wireless cameras. The leak was reported to Wyze on December 26th at around 10:00 AM […]

Pierluigi Paganini December 25, 2019

New Mozi P2P Botnet targets Netgear, D-Link, Huawei routers

A new Mozi P2P botnet is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. Security experts from 360 Netlab spotted a new Mozi P2P botnet that is actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them. According to the researchers, […]

Pierluigi Paganini December 18, 2019

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security experts recently found notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Malware researchers from Trend Micro recently observed notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices […]

Pierluigi Paganini December 17, 2019

TP-Link Archer routers allow remote takeover without passwords

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. TP-Link addressed a critical zero-day vulnerability (CVE-2017-7405) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. “This is a zero-day flaw that was […]