Tag: iot
-
RondoDox Botnet Exploiting Devices With React2Shell Flaw
The Campaign Compromises Open-Source Vulnerability to Hack IoT Devices at Scale. Security firm CloudSEK has uncovered a botnet campaign that has been exploiting the React2Shell vulnerability in the Meta-developed, open-source React framework across a variety of devices since December. The security firm attributed the campaign to RondoDox. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/rondodox-botnet-exploiting-devices-react2shell-flaw-a-30436
-
RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment
Tags: attack, botnet, control, cyber, data-breach, exploit, infrastructure, iot, malware, threat, vulnerability
CloudSEK has uncovered a sustained nine-month campaign by the RondoDoX botnet operation, revealing rapid exploitation of emerging vulnerabilities including the critical React2Shell vulnerability. Analysis of exposed command-and-control logs spanning March through December 2025 demonstrates how threat actors swiftly adapted attack infrastructure following public disclosure, pivoting from traditional IoT targets to weaponizing Next.js applications within days…
-
React2Shell under attack: RondoDox Botnet spreads miners and malware
RondoDox botnet exploits the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. CloudSEK researchers warn that the RondoDox botnet is exploiting the critical React2Shell flaw (CVE-2025-55182) to drop malware and cryptominers on vulnerable Next.js servers. CloudSEK’s report details a persistent nine-month RondoDoX botnet campaign targeting IoT devices and web applications. Recently, the…
-
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK said…
-
When the Cloud Rains on Everyone’s IoT Parade
What happens to all of those always-connected devices and Internet of Things when the cloud goes down? Disruptions to sleep, school, and smart homes, just to name a few issues. First seen on darkreading.com Jump to article: www.darkreading.com/iot/when-cloud-rains-on-everyone-iot-parade
-
Why passwordless fails
Introducing passwordless authentication in the enterprise is easy only on paper. Many enterprise CISOs have been trying to leave passwords behind for more than a decade. But because various legacy systems are designed exclusively for passwords, they keep running into technical hurdles. This is also reflected in the current “ID IQ Report 2026” from RSA (download in exchange for data)…
-
CERN: how does the international research institution manage risk?
Tags: access, ai, business, compliance, control, cyber, cybersecurity, defense, framework, governance, group, international, iot, LLM, network, risk, service, strategy, technology, tool
Stefan Lüders and Tim Bell of CERN. Employing proprietary technology can introduce risks, according to Tim Bell, leader of CERN’s IT governance, risk and compliance section, who is responsible for business continuity and disaster recovery. “If you’re a visitor to a university, you’ll want to bring your laptop and use it at CERN. We can’t…
-
ServiceNow’s $7.75 billion cash deal for Armis illustrates shifting strategies
Tags: access, ai, attack, authentication, automation, business, ceo, cio, ciso, computing, control, cyber, governance, identity, incident response, intelligence, iot, risk, service, strategy, tool, update, vulnerability
Visibility is the key: “For decades, the CIO’s white whale has been a precise, real-time Configuration Management Database [CMDB]. Most are outdated the moment they are populated,” said Whisper Security CEO Kaveh Ranjbar. The Armis acquisition “is an admission that in an era of IoT, OT, and edge computing, you cannot rely on manual entry…
-
NDSS 2025 A Large-Scale Measurement Study Of The PROXY Protocol And Its Security Implications
Tags: access, automation, cctv, conference, control, data, email, Internet, iot, leak, monitoring, network, service, vulnerability
Session 7A: Network Security 2 Authors, Creators & Presenters: Stijn Pletinckx (University of California, Santa Barbara), Christopher Kruegel (University of California, Santa Barbara), Giovanni Vigna (University of California, Santa Barbara) PAPER A Large-Scale Measurement Study Of The PROXY Protocol And Its Security Implications Reverse proxy servers play a critical role in optimizing Internet services, offering…
-
Securing the Network Edge: A Comprehensive Framework for Modern Cybersecurity
The future of cybersecurity means defending everywhere. Securing IoT, cloud, and remote work requires a unified edge-to-cloud strategy. First in a three-part series. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/securing-network-edge-comprehensive-framework-modern-cybersecurity
-
Zscaler ThreatLabZ report – Zero Trust limits the attack surface of mobile, IoT and OT
First seen on security-insider.de Jump to article: www.security-insider.de/zero-trust-mobile-iot-ot-angriffsflaeche-a-6d8da4ece4b3cdd936727adfa0d823e8/
-
Am I part of a botnet? GreyNoise IP check page
IoT devices such as routers are increasingly being infected by malware and integrated into a botnet. The question is how a user can easily check whether their own network is part of a botnet. Security vendor GreyNoise has, for this … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/01/bin-ich-teil-eines-botnets-sicherheitsanbieter-gray-nose-stellt-ip-check-online/
-
Am I part of a botnet? Gray Nose IP check page
IoT devices such as routers are increasingly being infected by malware and integrated into a botnet. The question is how a user can easily check whether their own network is part of a botnet. Security vendor Grey Nose has, for … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/12/01/bin-ich-teil-eines-botnets-sicherheitsanbieter-gray-nose-stellt-ip-check-online/
-
New Mirai variant ShadowV2 tests IoT exploits amid AWS disruption
ShadowV2, a new Mirai-based botnet, briefly targeted vulnerable IoT devices during October’s AWS outage, likely as a test run. During the late-October AWS disruption, FortiGuard Labs researchers observed the Mirai-based ‘ShadowV2’ malware exploiting IoT vulnerabilities across multiple countries and industries. The botnet was active only during the outage, suggesting a test run for future attacks.…
-
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks, and 20 More Stories
Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there’s a lot happening in the cyber world. Criminals are getting creative, using smart tricks to steal data, sound real, and hide in plain sight. But they’re not the only ones moving fast. Governments and…
-
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shadowv2-botnet-malware-used-aws-outage-as-a-test-opportunity/
-
NDSS 2025 Machine Learning-Based IoT Device Identification Models For Security Applications
Session 4A: IoT Security Authors, Creators & Presenters: Eman Maali (Imperial College London), Omar Alrawi (Georgia Institute of Technology), Julie McCann (Imperial College London) PAPER Evaluating Machine Learning-Based IoT Device Identification Models for Security Applications With the proliferation of IoT devices, network device identification is essential for effective network management and security. Many exhibit performance degradation…
-
NDSS 2025 Hidden And Lost Control: On Security Design Risks In IoT User-Facing Matter Controller
Session 4A: IoT Security Authors, Creators & Presenters: Haoqiang Wang, Yiwei Fang (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences; Indiana University Bloomington), Yichen Liu (Indiana University Bloomington), Ze Jin (Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy…
-
NDSS 2025 EAGLEYE: Exposing Hidden Web Interfaces In IoT Devices Via Routing Analysis
Session 4A: IoT Security Authors, Creators & Presenters: Hangtian Liu (Information Engineering University), Lei Zheng (Institute for Network Sciences and Cyberspace (INSC), Tsinghua University), Shuitao Gan (Laboratory for Advanced Computing and Intelligence Engineering), Chao Zhang (Institute for Network Sciences and Cyberspace (INSC), Tsinghua University), Zicong Gao (Information Engineering University), Hongqi Zhang (Henan Key Laboratory of Information…
-
Telecommunications Network Security: Defending Against Nation State APTs with Unified AI Defense
The global telecommunications ecosystem has entered its most dangerous cyber era. As 5G, O-RAN, cloud workloads, and massive IoT ecosystems expand, telecom networks have become the number one target for nation-state APTs. Attacks like Salt Typhoon, labeled the worst telecom breach in U.S. history, prove one reality: Traditional enterprise security tools cannot defend networks operating…
-
The race for security in an era of AI-driven threats
Companies need technologies that enable real-time visibility and AI-supported analysis across IT, OT, IoT and medical systems. This allows suspicious activity to be detected, prioritized and contained more quickly. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/der-wettlauf-um-sicherheit-in-einer-aera-ki-gesteuerter-bedrohungen/a42949/
-
Aircraft cabin IoT leaves vendor and passenger data exposed
The expansion of IoT devices in shared, multi-vendor environments, such as aircraft cabins, has created tension between the benefits of data collaboration and the risks to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/25/aircraft-cabin-iot-privacy-exposure/
-
NDSS 2025 Deanonymizing Device Identities Via Side-Channel Attacks In Exclusive-Use IoTs
Tags: attack, authentication, conference, data, data-breach, exploit, flaw, identity, Internet, iot, leak, mitigation, network, privacy, side-channel, strategy, threat, vulnerability, wifi
Session 4A: IoT Security Authors, Creators & Presenters: Christopher Ellis (The Ohio State University), Yue Zhang (Drexel University), Mohit Kumar Jangid (The Ohio State University), Shixuan Zhao (The Ohio State University), Zhiqiang Lin (The Ohio State University) PAPER Deanonymizing Device Identities via Side-channel Attacks in Exclusive-use IoTs & Mitigation Wireless technologies like Bluetooth Low Energy (BLE)…
-
Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR
Tags: access, attack, automation, breach, cloud, communications, computer, cyber, cybersecurity, data, data-breach, defense, detection, edr, endpoint, firewall, intelligence, iot, malware, microsoft, monitoring, network, siem, software, sql, strategy, technology, threat, tool, windows
EDR identifies noticeable changes at the endpoint: EDR, the oldest of the three detection technologies, monitors endpoints to mitigate attacks on them. Endpoints are network devices such as PCs, file servers, smartphones and IoT devices that connect to the network to communicate. A software agent is used to inventory EDR malware and suspicious activity detected…

