The new Mirai botnet is actively exploiting vulnerabilities in DigiEver DS-2105 Pro IP video recorders (NVRs) and legacy TP-Link routers.
Akamai researchers report that the botnet has been operating since at least September and targets devices with unpatched firmware.
The DigiEver vulnerability allows remote attackers to execute commands through incorrect input validation in the URI /cgi-bin/cgi_main.cgi. Hackers use this flaw to inject malicious commands and download malware from external servers. The botnet also exploits CVE-2023-1389 in TP-Link devices and CVE-2018-17-532 in Teltonika RUT9XX routers.
Compromised devices are used for DDoS attacks or further propagation of the worm. The botnet is distinguished by its use of XOR and ChaCha20 encryption, as well as compatibility with various architectures, including x86, ARM, and MIPS.
Users are advised to update firmware and monitor unusual device activity to mitigate risks.
The Dutch Ministry of Defense will acquire 22 combat vehicles to destroy drones, with 1.3…
The missile is specifically designed to counter China's growing power in the Indo-Pacific region. It…
The Royal Navy of Great Britain has begun modernizing combat systems on key ships, including…
ABC News has published a “popular” rating of the popularity of PIN codes chosen by…
© BRENDAN SMIALOWSKI/AFP/Archives It's ugly and mean. Social networks have become the ideal hunting ground…
In Ternopil, police detained a woman from Bukovina who pretended to be a man and…