Internet of Things

Pierluigi Paganini July 11, 2019
A new NAS Ransomware targets QNAP Devices

Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store […]

Pierluigi Paganini July 03, 2019
Chinese smart home solutions vendor Orvibo leaks two billion user logs

Experts found a Chinese smart home solutions vendor that has been leaking billions of logs from devices managed via its cloud platform. Experts at vpnMentor discovered a massive data leak in Orvibo’s user database. The research team, led by Noam Rotem and Ran Locar, has found an open database managed by Orvibo Smart Home vendor. […]

Pierluigi Paganini June 30, 2019
Vulnerability in Medtronic insulin pumps allow hacking devices

Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to cyber attacks. Medtronic and the United States government have warned of a security vulnerability affecting some Medtronic MiniMed insulin pumps that could be exploited by hackers. The Department of Homeland Security (DHS) and Medtronic, and the Food and Drug […]

Pierluigi Paganini June 26, 2019
Silex malware bricks thousands of IoT devices in a few hours

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Akamai researcher Larry Cashdollar discovered a new piece of the Silex malware that is bricking thousands of IoT devices, over 2,000 devices have been bricked in a few hours and the […]

Pierluigi Paganini June 18, 2019
Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where […]

Pierluigi Paganini June 16, 2019
New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan. […]

Pierluigi Paganini June 03, 2019
Expert shows how to Hack a Supra Smart Cloud TV

Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication Summary:Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […]

Pierluigi Paganini May 18, 2019
Dozens of Linksys router models leak data useful for hackers

Dozens of Linksys router models are affected by a flaw that causes the leak of data that can be used by attackers …. and the company won’t fix it. Security researcher Troy Mursch, Chief Research Officer of Bad Packets, discovered that over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. […]

Pierluigi Paganini May 05, 2019
A hacker has taken over at least 29 IoT botnets

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few weeks with brute-force attacks. The hacker ‘Subby’ took over 29 IoT botnets in the past few weeks brute-forcing the back end […]

Pierluigi Paganini April 26, 2019
Millions of IoT Devices exposed to remote hacks due to iLnkP2P flaws

Experts discovered security flaws in the iLnkP2P peer-to-peer (P2P) system that exposes millions of IoT devices to remote attacks. Security expert Paul Marrapese discovered two serious vulnerabilities in the iLnkP2P P2P system that ĂŹs developed by Chinese firm Shenzhen Yunni Technology Company, Inc. The iLnkP2P system allows users to remotely connect to their IoT devices […]