A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Experts found undocumented access feature in Siemens SIMATIC PLCs Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365 Crooks use carding bots to check stolen card data ahead of the holiday season Experts report […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Controversial law entered into effect in Russia this week First Cyber Attack ‘Mass Exploiting BlueKeep RDP Flaw Spotted in the Wild New Gafgyt botnet targets Gaming Servers Everis and Spains radio network Cadena SER hit by ransomware Exclusive […]
Bitdefender discovered a high-severity security flaw in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal WiFi password. Amazon’s Ring Video Doorbell is a smart wireless home security doorbell camera that allows users to use to remotely control their doorbell. Amazon’s Ring Video Doorbell allows users to interact with anyone on their […]
Palo Alto Networks discovered a new version of Gafgyt botnet composed of Home & Small Office Wireless routers used to attack gaming servers. Palo Alto Networks researchers discovered a new version of Gafgyt botnet targeting home & small office wireless routers, including Zyxel and Huawei routers, as well as devices with Realtek RTL81xx chipset. According […]
A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. Last week, Prosvetova revealed on her private […]
Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. The flaw has received a CVSS v31 base […]
Dutch police seized a bulletproof hosting service in a major takedown, the infrastructure was used by tens of IoT botnets involved in DDoS attacks. A joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof […]
Security Labs discovered a new IOT bot named “GUCCI”. It seems like the IOT botnet is named after an Italian luxury brand of fashion and leather goods. Analysis The discovery came to exist during our reconnaissance and intelligence collection process. The IOT threat detection engine picked the infection IP has shown below hosting number of bins […]
Tridium’s Niagara product is affected by two vulnerabilities in BlackBerry’s QNX operating system for embedded devices. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is warning of two vulnerabilities in Tridium’s Niagara product that reside in the BlackBerry’s QNX operating system for embedded devices. The flaws could be exploited by a […]
After 2 years of waiting, MalwareMustDie returns with an excellent page of malware analysis of a new IoT malware: Linux/AirDropBot. Yes, I have to confess, it was hard to wait all this time, but the reward it was worth it: unixfreaxjp is return, with a new, great page of reverse engeeniring published on the MalwareMustDie […]