The Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include SonicWall SonicOS, Windows UPnP, and other Microsoft Windows vulnerabilities.
Cisco has released a security update for a Critical UPnP vulnerability CVE-2021-34730 in Small Business router models, as well as multiple vulnerabilities in other Cisco products.
The CERT Coordination Center issued a new advisory for a UPnP configuration vulnerability CVE-2020-12695 that could allow an attacker to abuse devices and send traffic to arbitrary destinations. As a result, devices connected to the internet with UPnP enabled could expose additional vulnerabilities that could lead to amplified DDoS attacks and data loss.
CallStranger UPnP vulnerability affects multiple internet-facing products Read More »
Earlier this year, researchers from Akamai discovered attackers were abusing Universal Plug and Play (UPnP) vulnerabilities to conceal traffic, thus creating a malicious proxy system dubbed “UPnProxy.”
UPnProxy opens up networks to Eternal family of exploits Read More »
Security researchers warn that an IoT botnet has been scanning the internet and exploiting nearly 100,000 routers exposed with a five year old UPnP vulnerability.
Home routers exploited via IoT botnet Read More »
Attackers are exploiting IoT devices with open ADB port 5555 to spread malware.
Attackers attack open ADB ports to spread malware Read More »
McAfee Labs warns of a banking malware Pinkslipbot used to infect machines and turn them into HTTPS-based control servers.
Pinkslipbot banking malware takes control of systems Read More »
