FBI forced Flax Typhoon to abandon its botnet

A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operati… Continue reading FBI forced Flax Typhoon to abandon its botnet

Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)

Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for exploiting it. The vulnerability is still being exploited in the wild, FortiGuard Labs… Continue reading Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)

Critical bug allows remote compromise, control of millions of IoT devices (CVE-2021-28372)

A vulnerability (CVE-2021-28372) in the SDK that allows IoT devices to use ThroughTek’s Kalay P2P cloud platform could be exploited to remotely compromise and control them, Mandiant researchers have discovered. Further attacks are possible depend… Continue reading Critical bug allows remote compromise, control of millions of IoT devices (CVE-2021-28372)

Zyxel NAS, firewalls and LILIN DVRs and IP cameras conscripted into IoT botnets

A wide variety of Zyxel and LILIN IoT devices are being conscripted into several botnets, researchers have warned. Users are advised to implement the provided firmware updates to plug the security holes exploited by the botmasters or, if they can&#8217… Continue reading Zyxel NAS, firewalls and LILIN DVRs and IP cameras conscripted into IoT botnets

Atari Tape Drive Turned Security DVR

We know that a lot of our beloved readers don’t take kindly to abuse of vintage hardware, so the Atari fans in the audience may want to avert their eyes for this one. Especially if they’re particularly keen on spinning up their Jawbreaker cassette on authentic hardware, as [iot4c] has …read more

Continue reading Atari Tape Drive Turned Security DVR

ESP8266 Controls TiVo Over the Network

Remember the TiVo? The set-top DVR that was once so popular of a hacking target that Hackaday had a dedicated subdomain for it has today largely faded into obscurity as time-shifted viewing has given way to Internet streaming services like Netflix and Hulu. But make no mistake, while the TiVo …read more

Continue reading ESP8266 Controls TiVo Over the Network

9 million Xiongmai cameras, DVRs wide open to attack

SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment by Chinese manufacturer Hangzhou Xiongmai Technology. About the vulnerabilities The discovered vulnerabilities inc… Continue reading 9 million Xiongmai cameras, DVRs wide open to attack