Internet of Things

Pierluigi Paganini September 29, 2019
Security Affairs newsletter Round 233

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 0patch will provide micropatches for Windows […]

Pierluigi Paganini September 22, 2019
Security Affairs newsletter Round 232

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! A bug in Instagram exposed user […]

Pierluigi Paganini September 19, 2019
Smominru Botnet continues to rapidly spread worldwide

Researchers at Guardicore Labs reported that the Smominru botnet is rapidly spreading and now is already infecting over 90,000 machines each month around worldwide. In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. According to the […]

Pierluigi Paganini September 17, 2019
Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Researchers discovered many flaws in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. The research is part of a project dubbed SOHOpelessly Broken 2.0 conducted Independent Security Evaluators (ISE). In […]

Pierluigi Paganini September 15, 2019
Security Affairs newsletter Round 231

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Experts found Joker Spyware in 24 […]

Pierluigi Paganini September 11, 2019
Some models of Comba and D-Link WiFi routers leak admin credentials

Security experts have discovered that some models of D-Link and Comba WiFi routers leak their administrative login credentials in plaintext. Security researchers from Trustwave’s SpiderLabs have discovered several credential leaking vulnerabilities in some models of D-Link and Comba Telecom. The researcher Simon Kenin from SpiderLabs discovered five credential leaking vulnerabilities, three of them affect some […]

Pierluigi Paganini September 10, 2019
Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

A security researcher disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack systems without any user interaction. The security researcher Benjamin Kunz from Vulnerability-Lab disclosed zero-day flaws in Telestar Digital GmbH IoT radio devices that could be exploited by remote attackers to hijack devices without any user […]

Pierluigi Paganini September 08, 2019
Security Affairs newsletter Round 230

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Cisco addresses CVE-2019-12643 critical flaw in […]

Pierluigi Paganini September 06, 2019
Over 600k GPS trackers left exposed online with a default password of ‘123456’

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” Researchers from Avast discovered at least 600,000 GPS trackers that were exposed online with a default password of “123456.” The […]

Pierluigi Paganini September 04, 2019
Some Zyxel devices can be hacked via DNS requests

Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. Security researchers at SEC Consult discovered multiple vulnerabilities in various Zyxel devices, including hardcoded credentials and issues that could allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure […]