Palo Alto researchers uncovered a series of ongoing attacks to spread a variant of the infamous Mirai bot exploiting multiple vulnerabilities. Security experts at Palo Alto Networks disclosed a series of attacks aimed at delivering a Mirai variant leveraging multiple vulnerabilities. Below the list of vulnerabilities exploited in the attacks, three of which were unknown issues: […]
Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. Netgear has released security and firmware updates to address 15 vulnerabilities in its JGS516PE Ethernet switch, including an unauthenticated remote code execution flaw rated as critical. The flaws were discovered by researchers […]
Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. On Friday, The Register become aware of the compromise of the NurseryCam network. NurseryCam is produced by the companies FootfallCam Ltd and Meta Technologies Ltd. In response to the incident, the company shut down its IoT […]
Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. […]
The source code for the ChastityLock ransomware that was used in attacks aimed at the users of the Qiui Cellmate adult toy is now publicly available. Recently a family of ransomware was observed targeting the users of the Bluetooth-controlled Qiui Cellmate chastity device.  Qiui Cellmate made the headlines in October when the researchers at Pen Test Partners […]
The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks. The FBI has recently issued an alert to warn owners of smart home devices with voice and video capabilities of so-called âswattingâ attacks. Swatting attacks consist of hoax calls made to emergency services, typically reporting […]
On 11th December 2020, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially announced. On 11th December 2020, during the international scientific conference on CBRNe events “SICC 2020”, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially presented. OSSISNa is a project created within the […]
Experts reported flaws in Medtronic âs MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. Experts from IoT security firm Sternum discovered vulnerabilities discovered in Medtronicâs MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of a paired cardiac device. MyCareLink Smart […]
Security researcher Tolijan Trajanovski (@tolisec) analyzed the multi-vector Miner+Tsunami Botnet that implements SSH lateral movement. A fellow security researcher, 0xrb, shared with me samples of a botnet that propagates using weblogic exploit. The botnet was also discovered by @BadPackets 5 days ago and it is still active as of now, December 1, 2020. The botnet carries two […]
Researchers found more than 100 smart irrigation systems running ICC PRO that were left exposed online without a password last month. Security experts from the Israeli security firm Security Joes discovered more than 100 irrigation systems running ICC PRO that were left exposed online without protection. ICC PRO is a top-shelf smart irrigation system designed by Motorola. […]