IT threat evolution in Q2 2024. Non-mobile statistics
This report presents statistics on PC threats for Q2 2024, including data on ransomware, miners, threats to macOS and IoT devices.
Internet of things
No, Toothbrushes Were Not Used in a Massive DDoS Attack
The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false.
Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without readin…
Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol
We uncovered a novel multiplatform threat named “NKAbuse”. The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities.
New InfectedSlurs Mirai-based botnet exploits two zero-days
Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in October 2023, but they believe it has been […]
CVSS 4.0 Arrived As The New Vulnerability Scoring Standard
After announcing the upgradation of the CVSS 3.0 scoring system in June, this week, FIRST…
CVSS 4.0 Arrived As The New Vulnerability Scoring Standard on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses.
QNAP fixed two critical vulnerabilities in QTS OS and apps
Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command injection vulnerabilities, tracked as CVE-2023-23368 and CVE-2023-23369, that impact the QTS operating system and applications on its network-attached storage (NAS) devices. The vulnerability CVE-2023-23368 (CVSS score […]
The post QNAP fixed two critical vulnerabilities in QTS OS and apps appeared first on Security Affairs.
A flaw in Synology DiskStation Manager allows admin account takeover
A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator’s password. Researchers from Claroty’s Team82 discovered a vulnerability, tracked as CVE-2023-2729 (CVSS score 5.9), in Synology DiskStation Manager (DSM). Team82 discovered the use of a weak random number generator in Synology’s DiskStation Manager (DSM) Linux-based operating system running on the NAS […]
The post A flaw in Synology DiskStation Manager allows admin account takeover appeared first on Security Affairs.
Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers
A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Fortinet researchers observed a new Mirai-based DDoS botnet, tracked as IZ1H9, that added thirteen new payloads to target routers from multiple vendors, including D-Link, Zyxel, TP-Link, and TOTOLINK. The experts observed a surge in botnet […]
The post Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers appeared first on Security Affairs.
Exposed security cameras in Israel and Palestine pose significant risks
Many poorly configured security cameras are exposed to hacktivists in Israel and Palestine, placing the owners using them and the people around them at substantial risk. After the Hamas attacks on Israel, the cyber war has also started between both sides and their supporters. Hacktivists have already targeted SCADA and ICS systems in Israel and Palestine, and […]
The post Exposed security cameras in Israel and Palestine pose significant risks appeared first on Security Affairs.
Eyes everywhere: How to safely navigate the IoT video revolution
Cameras are coming to a connected device near you. Cheap image sensors from old mobile phones are flooding the market and bringing video to the Internet of Things (IoT). Vacuum cleaners, bird feeders, connected cars and even smart ovens now come loaded…