Internet of Things

Pierluigi Paganini March 03, 2022
75% of medical infusion pumps affected by known vulnerabilities

Researchers analyzed more than 200,000 network-connected medical infusion pumps and discovered that over 100,000 of them are vulnerable. Researchers from Palo Alto Networks have analyzed more than 200,000 medical infusion pumps on the networks of hospitals and other healthcare organizations and discovered that 75% are affected by known vulnerabilities that could be exploited by attackers. […]

Pierluigi Paganini February 24, 2022
Deadbolt Ransomware targets Asustor and QNap NAS Devices

Deadbolt ransomware operators are targeting Asustor NAS (network-attached storage) appliances. Storage solutions provider Asustor is warning its customers of a wave of Deadbolt ransomware attacks targeting its NAS devices. Since January, DeadBolt ransomware operators are targeting QNAP NAS devices worldwide, its operators claim the availability of a zero-day exploit that allows them to encrypt the […]

Pierluigi Paganini February 15, 2022
QNAP extends security Updates for some EOL devices

Taiwanese vendor QNAP extended the security update window for some devices that have reached end-of-life (EOL). Taiwanese vendor QNAP extended the security update for some devices that have reached end-of-life (EOL) years ago. The company decided to extend until October this year the security updates for some models that have reached EOL, the decision aims […]

Pierluigi Paganini February 03, 2022
Cisco fixes critical flaws in its Small Business Routers

Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers. Cisco announced patches for multiple issue affecting its Small Business RV160, RV260, RV340, and RV345 series routers. Some of the bugs fixed by the IT giant could lead to the execution of arbitrary code with root […]

Pierluigi Paganini January 31, 2022
Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […]

Pierluigi Paganini January 13, 2022
KCodes NetUSB flaw impacts millions of SOHO routers

Cybersecurity experts discovered a flaw in the KCodes NetUSB component that impacts millions of end-user routers from different vendors Cybersecurity researchers from SentinelOne have discovered a critical vulnerability (CVE-2021-45608) in KCodes NetUSB component that is present in millions of end-user routers from different vendors, including Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital. NetUSB is […]

Pierluigi Paganini January 07, 2022
How to secure QNAP NAS devices? The vendor’s instructions

QNAP is warning customers of ransomware attacks targeting network-attached storage (NAS) devices exposed online. Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. “Ransomware and brute-force attacks have been widely targeting all networking devices, and the most vulnerable victims will be those devices exposed to the […]

Pierluigi Paganini January 05, 2022
Researchers used electromagnetic signals to classify malware infecting IoT devices

Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. A team of academics (Duy-Phuc Pham, Damien Marion, Matthieu Mastio and Annelie Heuser) from the Research Institute of Computer Science and Random Systems (IRISA) have devised a new approach that analyzes electromagnetic field emanations from the Internet of Things (IoT) […]

Pierluigi Paganini December 27, 2021
A new wave of ech0raix ransomware attacks targets QNAP NAS devices

A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix ransomware are targeting NAP network-attached storage (NAS) devices. Users reported numerous compromises of their devices a few days before Christmas. According to BleepingComputer, forum users reported an intensification of the attacks since December 20, the […]

Pierluigi Paganini December 18, 2021
Western Digital customers have to update their My Cloud devices to latest firmware version

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Western Digital is urging customers to update their WD My Cloud devices to the latest firmware version to continues receiving security updates on My Cloud OS firmware that is reaching […]