Lucene search
K

26 matches found

The Hacker News
The Hacker News
added 2026/02/27 12:43 p.m.9 views

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control C2 communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks. T...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 5:19 p.m.17 views

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory RAM as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO short for "Radiation of Air-gapped Memory Bus for Offense" by Dr...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/18 9:11 a.m.40 views

TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments

Government entities in the Asia-Pacific APAC region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware...

7.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/12/08 6:0 p.m.22 views

New research shows IoT and OT innovation is critical to business but comes with significant risks

The need for much improved IoT and operational technology OT cybersecurity became clearer this year with recent attacks on network devices,1 surveillance systems,2 an oil pipeline,3 and a water treatment facility,4 to name a few examples. To better understand the challenges customers are facing,...

0.2AI score
Exploits0
Securelist
Securelist
added 2020/06/03 10:0 a.m.957 views

Cycldek: Bridging the (air) gap

Key findings While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into it...

9.3CVSS0.99966EPSS
Exploits48
Schneier on Security
Schneier on Security
added 2020/05/18 11:15 a.m.35 views

Ramsey Malware

A new malware, called Ramsey, can jump air gaps: ESET said they've been able to track down three different versions of the Ramsay malware, one compiled in September 2019 Ramsay v1, and two others in early and late March 2020 Ramsay v2.a and v2.b. Each version was different and infected victims...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/05/13 3:56 p.m.1311 views

Ramsay Malware Targets Air-Gapped Networks

A cyber-espionage malware has been discovered that’s capable of collecting and exfiltrating sensitive documents from within air‑gapped networks. The malware, dubbed Ramsay, is still under active development — so far, researchers have found three different samples, with each sample adding new...

9.3CVSS8.6AI score0.99933EPSS
Exploits29References12
The Hacker News
The Hacker News
added 2020/05/13 2:25 p.m.4 views

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks'

A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks. Dubbed 'Ramsa...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/05/13 2:25 p.m.31 views

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks'

A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks. Dubbed...

0.7AI score
Exploits0
NVD
NVD
added 2019/06/17 10:15 p.m.19 views

CVE-2017-10724

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

8.8CVSS9.2AI score0.02569EPSS
Exploits1References3
NVD
NVD
added 2019/06/17 10:15 p.m.20 views

CVE-2017-10721

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. This device acts as an Endoscope camera that allows its users to use it in various industrial systems and settings, car...

6.5CVSS6.5AI score0.01625EPSS
Exploits1References3
NVD
NVD
added 2019/06/17 10:15 p.m.24 views

CVE-2017-10723

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

8.8CVSS9.2AI score0.02569EPSS
Exploits1References3
NVD
NVD
added 2019/06/17 10:15 p.m.20 views

CVE-2017-10718

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and password thereby denying the owner an access to his/her own device. This device acts as an Endoscop...

6.5CVSS6.6AI score0.01865EPSS
Exploits1References3
Prion
Prion
added 2019/06/17 10:15 p.m.18 views

Memory corruption

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

6.5CVSS9.1AI score0.02569EPSS
Exploits1References3
Prion
Prion
added 2019/06/17 10:15 p.m.14 views

Design/Logic Flaw

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has default Wi-Fi credentials that are exactly the same for every device. This device acts as an Endoscope camera that allows its users to use it in various...

4CVSS6.5AI score0.0207EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/06/17 9:36 p.m.19 views

CVE-2017-10724

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

9.2AI score0.02569EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/06/17 9:32 p.m.20 views

CVE-2017-10723

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...

9.2AI score0.02569EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/06/17 9:28 p.m.21 views

CVE-2017-10718

Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that any malicious user connecting to the device can change the default SSID and password thereby denying the owner an access to his/her own device. This device acts as an Endoscop...

6.6AI score0.01865EPSS
Exploits1References3
CVE
CVE
added 2019/06/17 9:28 p.m.77 views

CVE-2017-10718

CVE-2017-10718 affects the Shekar Endoscope firmware. A vulnerability lets any malicious user connecting to the device change the default SSID and password, denying the owner access. This can enable an attacker to access the video feed and images; it also could facilitate footholds in air‑gapped ...

6.5CVSS6.5AI score0.01865EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/06/17 9:19 p.m.71 views

CVE-2017-10721

Technical details about CVE-2017-10721 are not publicly provided in the connected documents. The description notes default Telnet but no specifics on versions, impact, or remediation; monitor for updates.

6.5CVSS6.4AI score0.01625EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder