Internet of Things Archives - Page 8 of 41

Pierluigi Paganini July 08, 2022

New Checkmate ransomware target QNAP NAS devices

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […]

Pierluigi Paganini June 23, 2022

QNAP warns of a critical PHP flaw that could lead to remote code execution

Taiwanese company QNAP is addressing a critical PHP vulnerability that could be exploited to achieve remote code execution. Taiwanese vendor QNAP is addressing a critical PHP vulnerability, tracked as CVE-2019-11043 (CVSS score 9.8 out of 10), that could be exploited to achieve remote code execution. In certain configurations of FPM setup it is possible to […]

Pierluigi Paganini May 30, 2022

EnemyBot malware adds new exploits to target CMS servers and Android devices

The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators behind the EnemyBot botnet are expanding the list of potential targets adding exploits for recently disclosed critical vulnerabilities in from VMware, F5 BIG-IP, and Android. The botnet was first discovered by Fortinet in March, the […]

Pierluigi Paganini May 23, 2022

Russia-linked Fronton botnet could run disinformation campaigns

Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “Digital Revolution” claimed to have hacked a subcontractor to the Russian FSB. The […]

Pierluigi Paganini May 20, 2022

QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices

Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest updates. Taiwanese vendor QNAP is asking users to install the latest update on their NAS devices and avoid exposing them on the Internet. The company issued the alert in response to a new wave of DeadBolt […]

Pierluigi Paganini May 03, 2022

A DNS flaw impacts a library used by millions of IoT devices

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng […]

Pierluigi Paganini May 02, 2022

IoT and Cybersecurity: What’s the Future?

IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They continuously send and receive data via the internet and can be the easiest way for a hacker to access your home network. IoT devices can spy on people, steal data, or bring down vast swathes […]

Pierluigi Paganini May 01, 2022

Synology and QNAP warn of critical Netatalk flaws in some of their products

Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers that multiple critical Netatalk vulnerabilities affect some of its network-attached storage (NAS) devices. Netatalk is a free, open-source implementation of the Apple Filing Protocol that allows Unix-like operating systems to serve as a file server for macOS computers. QNAP NAS devices support the AFP protocol to […]

Pierluigi Paganini April 22, 2022

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Taiwanese vendor QNAP warns users to update their NAS Firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. Taiwanese vendor QNAP warns users to update their NAS Firmware to address Apache HTTP vulnerabilities, tracked as CVE-2022-22721 and CVE-2022-23943, addressed in the Apache HTTP server in March. “While CVE-2022-22719 and CVE-2022-22720 do […]

Pierluigi Paganini April 20, 2022

New BotenaGo variant specifically targets Lilin security camera DVR devices

Researchers spotted a new variant of the BotenaGo botnet malware that is considered highly evasive and has a zero-detection rate. The BotenaGo botnet was first spotted in November 2021 by researchers at AT&T, the malicious code leverages thirty-three exploits to target millions of routers and IoT devices. BotenaGo was written in Golang (Go) and at the […]