Palo Alto Networks discovered a new version of Gafgyt botnet composed of Home & Small Office Wireless routers used to attack gaming servers. Palo Alto Networks researchers discovered a new version of Gafgyt botnet targeting home & small office wireless routers, including Zyxel and Huawei routers, as well as devices with Realtek RTL81xx chipset. According […]
A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. Last week, Prosvetova revealed on her private […]
Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. The flaw has received a CVSS v31 base […]
Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. A joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof […]
Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. Analysis The discovery came to exist during our reconnaissance and intelligence collection process. The IOT threat detection engine picked the infection IP has shown below hosting number of bins […]
Tridium’s Niagara product is affected by two vulnerabilities in BlackBerry’s QNX operating system for embedded devices. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities in Tridium’s Niagara product that reside in the BlackBerry’s QNX operating system for embedded devices. The flaws could be exploited by a […]
After 2 years of waiting, MalwareMustDie returns with an excellent page of malware analysis of a new IoT malware: Linux/AirDropBot. Yes, I have to confess, it was hard to wait all this time, but the reward it was worth it: unixfreaxjp is return, with a new, great page of reverse engeeniring published on the MalwareMustDie […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 0patch will provide micropatches for Windows […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! A bug in Instagram exposed user […]
Researchers at Guardicore Labs reported that the Smominru botnet is rapidly spreading and now is already infecting over 90,000 machines each month around worldwide. In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. According to the […]