Internet of Things

Pierluigi Paganini April 28, 2017
StringBleed SNMP Authentication Bypass affects numerous devices online

Security researchers discovered an SNMP flaw dubbed StringBleed that affects several models of Internet-connected devices. Simple Network Management Protocol (SNMP) authentication bypass affects several IoT devices, hackers could exploit the issue by simply sending random values in specific requests. The problem, dubbed StringBleed and tracked as CVE 2017-5135, was reported by the security researchers Ezequiel Fernandez and Bertin Bervis. The SNMP […]

Pierluigi Paganini April 27, 2017
The Hajime Botnet continues to grow and implements a new attack technique

The mysterious Hajime Botnet continues to grow and reached 300,000 IoT Devices, the author also implemented a new attack method. Recently experts from Symantec spotted a new IoT botnet dubbed Hajime that is spreading quickly in the last months, mostly in Brazil and Iran. The Hajime malware was first spotted in October 2016, it implements the same mechanism […]

Pierluigi Paganini April 21, 2017
WikiLeaks published the user guide for the CIA Weeping Angel, the Samsung Smart TV Hacking Tool

WikiLeaks published the user guide related to the hacking tool allegedly used by the CIA, code-named Weeping Angel, to hack Samsung Smart TV. WikiLeaks has published a new document included in the Vault7 archive containing technical details about another hacking tool allegedly used by the U.S. Central Intelligence Agency (CIA). This time, the organization has […]

Pierluigi Paganini April 20, 2017
Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?

Symantec observed the Hajime IoT malware leaving a message on the devices it infects, is it the work of a cyber vigilante? The Mirai botnet is the most popular thingbot, it is targeting poorly configured and flawed ‘Internet of Things’ devices since August 2016, when the threat was first discovered by the researcher MalwareMustDie. Many other bots threaten […]

Pierluigi Paganini April 13, 2017
Tens of thousands of compromised routers abused in WordPress attacks

Hackers exploited the CVE-2014-9222 flaw, also known as ‘Misfortune Cookie’, to hack thousands of home routers and abuse them for WordPress attacks. According to the experts at the security firm Wordfence tens of thousands, of home routers have been hacked and used to power cyber attacks on WordPress websites. The security firm observed a spike in […]

Pierluigi Paganini April 12, 2017
The Mirai botnet is back and includes a Bitcoin Mining component

Experts at IBM X-Force security firm warn of a new Mirai Botnet implementing Bitcoin crypto-currency mining capabilities. The Mirai botnet was first spotted in august 2016 by the security researcher MalwareMustDie, it was specifically designed to compromise vulnerable or poorly protected IoT. Once Mirai malware compromises an IoT device it recruits it into a botnet primarily used for […]

Pierluigi Paganini April 10, 2017
How to get admin credentials from TP-Link M5350 3G/Wi-Fi modem with a text message

A German security researcher discovered how to retrieve the admin credentials from a TP-Link M5350 3G/Wi-Fi modem with an evil text message Some bugs are very strange and dangerous, this is the case of a flaw affecting the TP-Link’s M5350 3G/Wi-Fi router that can expose admin credentials to an evil text message. The bug was discovered […]

Pierluigi Paganini April 08, 2017
Brickerbot botnet, the thingbot that permanently destroys IoT devices

Security researchers have spotted a new threat dubbed Brickerbot botnet that causes permanent damage to Internet of Things (IoT) devices. Months ago we anticipated the possible spike in the number of IoT botnets, at the beginning it was Mirai, but later other dangerous thingbot appeared in the wild such as the Leet Botnet and the Amnesia botnet. Now a […]

Pierluigi Paganini April 07, 2017
IoT Amnesia Botnet puts at risk hundreds of thousands of DVRs due to unpatched flaw

Security experts at Palo Alto Networks have discovered a new Linux/IoT botnet dubbed Amnesia botnet that has been targeting digital video recorders (DVRs). Amnesia exploited an unpatched remote code execution vulnerability that was disclosed more than one year ago by security researcher Rotem Kerner. “fraudsters are adopting new tactics in order to attack retailers. This new […]

Pierluigi Paganini April 01, 2017
Hacking Smart TVs remotely leveraging broadcasting signals

A security expert demonstrated how to hack SmartTV using a low-cost transmitter for embedding malicious commands into a rogue DVB-T signals. The number of IoT devices continues to grow, but unfortunately, their level of security is often very poor and at the same time the number of threats to smart objects is rapidly increasing. Due to security […]