The new Mirai botnet is actively exploiting vulnerabilities in DigiEver DS-2105 Pro IP video recorders (NVRs) and legacy TP-Link routers.
Akamai researchers report that the botnet has been operating since at least September and targets devices with unpatched firmware.
The DigiEver vulnerability allows remote attackers to execute commands through incorrect input validation in the URI /cgi-bin/cgi_main.cgi. Hackers use this flaw to inject malicious commands and download malware from external servers. The botnet also exploits CVE-2023-1389 in TP-Link devices and CVE-2018-17-532 in Teltonika RUT9XX routers.
Compromised devices are used for DDoS attacks or further propagation of the worm. The botnet is distinguished by its use of XOR and ChaCha20 encryption, as well as compatibility with various architectures, including x86, ARM, and MIPS.
Users are advised to update firmware and monitor unusual device activity to mitigate risks.
The development of the PS5 version of S.T.A.L.K.E.R. 2: Heart of Chornobyl is still in…
Following the release of the second season of the popular Netflix series "The Squidward Game,"…
The Russian Ministry of Justice has added to the list of foreign agents the public…
In the next two years, the company intends to fill Instagram and Facebook with AI-generated…
AFP/Archives - PHILIPPE HUGUEN Mutual insurance rates continue their steep rise, with increases of 5.3%…
After the ceremony, we all gathered at the family home. The day of Dad's funeral…