Pierluigi Paganini
July 30, 2019
Security experts at Armis have discovered a dozen zero-day vulnerabilities affecting the VxWorks real-time operating systems (RTOS) for embedded devices. Researchers at Armis Labs have discovered a dozen zero-day flaws in the VxWorks real-time operating systems (RTOS) for embedded devices. The collection of vulnerabilities was dubbed URGENT/11, it includes 11 flaws, 6 of which are […]
Pierluigi Paganini
July 14, 2019
Brazilian users have been targeted by a large number of router attacks aimed at modifying the configuration of their routers for malicious purposes. This year, security experts at Avast have blocked more than 4.6 million cross-site request forgery (CSRF) attempts carried out by crooks to execute commands without the users’ knowledge. The campaign uncovered by […]
Pierluigi Paganini
July 12, 2019
A new variant of the implements a unique protocol to communicate with Command and Control infrastructure A new variant of the Miori botnet uses a unique protocol to communicate with C&C infrastructure, it implements a protection mechanism to access the login panel. The Miori bot borrows the code from the dreaded Mirai malware. it first […]
Pierluigi Paganini
July 11, 2019
Malware researchers at two security firms Intezer and Anomali have discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. Experts at security firms Intezer and Anomali have separately discovered a new piece of ransomware targeting Network Attached Storage (NAS) devices. NAS servers are a privileged target for hackers because they normally store […]
Pierluigi Paganini
July 03, 2019
Experts found a Chinese smart home solutions vendor that has been leaking billions of logs from devices managed via its cloud platform. Experts at vpnMentor discovered a massive data leak in Orvibo’s user database. The research team, led by Noam Rotem and Ran Locar, has found an open database managed by Orvibo Smart Home vendor. […]
Pierluigi Paganini
June 30, 2019
Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to cyber attacks. Medtronic and the United States government have warned of a security vulnerability affecting some Medtronic MiniMed insulin pumps that could be exploited by hackers. The Department of Homeland Security (DHS) and Medtronic, and the Food and Drug […]
Pierluigi Paganini
June 26, 2019
Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly go worse. Akamai researcher Larry Cashdollar discovered a new piece of the Silex malware that is bricking thousands of IoT devices, over 2,000 devices have been bricked in a few hours and the […]
Pierluigi Paganini
June 18, 2019
A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where […]
Pierluigi Paganini
June 16, 2019
Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and VMware SD-Wan. Recently a new botnet, tracked Echobot, appeared in the threat landscape its operators are adding new exploits to infect a broad range of systems, including IoT devices, enterprise apps Oracle WebLogic and VMware SD-Wan. […]
Pierluigi Paganini
June 03, 2019
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication Summary:Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […]
