Specialists from the Israeli company JSOF discovered 19 vulnerabilities in a small library that was created back in the 90s and has been actively used in many different products all this time. As a result, hundreds of millions of devices were compromised, including printers, routers, various smart home solutions, power grid, medical and industrial equipment,…
Tag: devices
Cycldek hack attacks network-isolated devices with USBCulprit malware
Kaspersky Lab experts discovered USBCulprit, created by the hacker group Cycldek (also known as Goblin Panda, APT 27, and Conimes). This malware is designed to steal data from corporate networks and gives attackers the opportunity to penetrate disconnected from the network and physically isolated devices. According to experts, the malware has been active since 2014,…
Thousands of Qnap Devices Vulnerable to Remote Attacks – Hacker
Information Security Specialist Henry Huang told Four critical vulnerabilities affecting tens or even hundreds of thousands of Qnap NAS devices. The fact is that three of the four problems found were related to the preinstalled Photo Station photo album application. This application can be found on 80% of Qnap devices. As a result, according to…
BIAS Bluetooth attack threatens devices with firmware Apple, Broadcom, Cypress, Intel, Samsung – “Hacker”
The experts talked about a new problem in the Bluetooth protocol, called BIAS (Bluetooth Impersonation AttackS) The bug received the identifier CVE-2020-10135 and poses a threat to the classic version of Bluetooth, it is also the Basic Rate / Enhanced Data Rate, Bluetooth BR / EDR or just Bluetooth Classic. The research team included scientists…
Hoaxcalls botnet attacks Grandstream devices – Hacker
Palo Alto Networks Specialists warnThat the Hoaxcalls botnet is actively exploiting the recently patched vulnerability in the Grandstream UCM6200 series devices. The Hoaxcalls botnet is built on the source code of the Gafgyt / Bashlite malware and is mainly used for DDoS attacks. The issue in question has an identifier CVE-2020-5722 and is rated critical…
New version of Mirai attacks Zyxel devices – Hacker
Palo Alto Networks Experts discovered a new version the wrecker Mirai, dubbed Mukashi. This version uses brute force and various combinations of default credentials, and also penetrates Zyxel's devices to gain control over them and then use them for DDoS attacks. Researchers explain that the Mukashi malware exploits the recently found and fixed vulnerability CVE-2020-9054,…
More than a billion Android devices do not receive updates – Hacker
British analysts Which?The Consumer Protection Authority has calculated how many Android devices in the world are no longer supported and do not receive security updates. According to researchers, there are more than a billion of them, that is, two out of five Android devices do not receive important security updates from Google, which exposes them…
bug in MediaTek processors threatens millions of devices – Hacker
Google engineers prepared March update set for Android, within the framework of which more than 70 various vulnerabilities were fixed, including critical ones. The critical error CVE-2020-0032 has been fixed at security level 2020-03-01. This set of updates included a total of 11 vulnerabilities in the Media Framework, the framework, and the system itself. The…