Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day

November 18, 2024 at 09:34AM Discontinued GeoVision video surveillance products are facing botnet attacks due to a critical zero-day vulnerability (CVE-2024-11120). This flaw allows remote attackers to execute commands without authentication. The affected models, now unsupported, include GV-VS12 and GV-VS11. Users are urged to replace these devices to mitigate risks. ### Meeting Notes Takeaways: 1. … Read more

Why End of Life for Applications Is the Beginning of Life for Hackers

August 22, 2024 at 10:04AM The text discusses the importance of tracking end-of-life and end-of-support dates for software assets to mitigate security risks. It emphasizes the challenges of migrating applications and the need for early planning to justify costs and demonstrate business value. The commentary also highlights the need to address internal politics and stakeholders … Read more

Over 92,000 exposed D-Link NAS devices have a backdoor account

April 6, 2024 at 12:04PM A threat researcher disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) models, impacting their security. The flaw allows remote execution of arbitrary commands and affects over 92,000 vulnerable devices. D-Link has confirmed the end of support for these devices and … Read more

Researchers Discover 40,000-Strong EOL Router, IoT Botnet 

March 26, 2024 at 02:42PM Lumen Technologies’ Black Lotus Labs discovered a 40,000-strong botnet comprised of end-of-life routers and IoT devices, used by a cybercriminal group to power the Faceless proxy service. The botnet, in operation since 2014, has grown to 40,000 bots from 88 countries. Researchers urge network defenders to watch for attacks on … Read more