IoT botnets

Annual IoT Security Report 2019-8

December 4, 2020 | Adeline Zhang

Heuristic Recon via the Dual-Stack UPnP Service In addition to the recon of IPv6 addresses based on their characteristics, we can also use UPnP to detect IoT assets by referring to the method described in a blog post 28 from Cisco Talos Labs. Principle UPnP is a set of protocols designed to achieve interconnectivity between […]

Windows Network File System Vulnerabilities (CVE-2020-17051, CVE-2020-17056) Threat Alert

December 2, 2020 | Adeline Zhang

Overview On November 10, 2020 local time, Microsoft fixed two vulnerabilities in the Windows Network File System (NFS) in its monthly security updates, which are CVE-2020-17051 and CVE-2020-17056. CVE-2020-17051 is a remote code execution vulnerability on the nfssvr.sys driver. It is said that the vulnerability can be reproduced to cause an immediate BSOD (Blue Screen […]

IoT botnets

Annual IoT Security Report 2019-7

December 1, 2020 | Adeline Zhang

Heuristic Recon of IPv6 Addresses Based on Their Characteristics Previously, we mentioned that IPv6 addresses, when assigned, can, for example, include random values in particular bytes or embed MAC addresses. With these facts in mind, we exercised some restrictions to narrow down the address space to be scanned. Specifically, we employed the following approaches to […]

Microsoft’s November 2020 Patches Fix 112 Security Vulnerabilities Threat Alert

November 30, 2020 | Adeline Zhang

Overview   Microsoft released November 2020 security updates on Tuesday which fix 112 vulnerabilities ranging from simple spoofing attacks to remote code execution, including 17 critical vulnerabilities, 93 important vulnerabilities, and two low vulnerabilities. All users are advised to install updates without delay. These vulnerabilities affect Azure DevOps, Azure Sphere, Common Log File System Driver, Microsoft […]

Adobe Releases November’s Security Updates Threat Alert

November 28, 2020 | Adeline Zhang

Overview On November 11, 2020 (local time), Adobe released security updates which address multiple vulnerabilities in Adobe Connect and Adobe Reader Mobile.

SaltStack Multiple Vulnerabilities (CVE-2020-16846, CVE-2020-17490, CVE-2020-25592) Threat Alert

November 27, 2020 | Adeline Zhang

Overview Recently, SaltStack released a security update to address multiple vulnerabilities (CVE-2020-16846, CVE-2020-17490, CVE-2020-25592). These vulnerabilities can cause authentication bypass and command execution. SaltStack recommends users upgrade as soon as possible. Salt is an open-source IP architecture management solution written in Python. It has been widely used in data centers worldwide.

IoT botnets

Annual IoT Security Report 2019-6

November 25, 2020 | Adeline Zhang

Identification of IoT Assets from Known IPv6 Addresses The preceding section gives a brief account of difficulties in the blind-scan of IPv6 addresses. To work around these problems, we based our recon on some available IPv6 addresses, in a bid to discover IoT assets operating in IPv6 environments. Sources of these addresses include Hitlist27, which […]

Supply Chain Attack Event — Targeted Attacks on Java Projects in GitHub

November 24, 2020 | Adeline Zhang

Preface Recently, GitHub’s Security Incident Response Team (SIRT) published an article saying that a set of Github code repositories were serving open-source projects that were infected with malicious code (https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain). According to the article, attackers submitted malicious code to the open-source projects, which were referenced by other open-source projects. After being used by developers, these […]

IoT botnets

Annual IoT Security Report 2019-5

November 23, 2020 | Adeline Zhang

This section presents the exposure of IPv6 assets on the Internet and methods for recon of these assets. IPv6 Evolution With the IoT and 5G gaining ground, the demand of network applications for IP addresses is undergoing an explosive growth. However, the IPv4 address space has been depleted and IPv4 addresses have been unevenly allocated. […]

Analysis of the 2020 H1 IoT Security Trend

November 20, 2020 | Adeline Zhang

Overview 2020 H1 witnessed nine Internet of Things (IoT) security events that deserved close attention: Ripple20 0-day vulnerabilities were discovered and affected hundreds of millions of networked devices in various industries across the globe. A high-risk 0-day vulnerability was detected in dozens of Netgear router products. A group of Industrial Control System (ICS) honeypots attracted […]

Search

Subscribe to the NSFOCUS Blog