The IoT Under Siege: The Resurgence of the Mirai-Based Gayfemboy Botnet

The IoT Under Siege: The Resurgence of the Mirai-Based Gayfemboy Botnet

Researchers at FortiGuard Labs have tracked a new wave of activity from the Gayfemboy botnet. This malware exploits known vulnerabilities in DrayTek, TP-Link, Raisecom, and Cisco devices, showcasing evolved attack strategies and a resurgence in activity. The Gayfemboy botnet was first discovered in February 2024, leveraging not only the code from the basic version of … Read more

International Radio Encryption Algorithm Reveals ‘Backdoor’

International Radio Encryption Algorithm Reveals 'Backdoor'

The Terrestrial Trunked Radio (TETRA) standard, developed by the European Telecommunications Standards Institute (ETSI), is one of the most widely used radio encryption communication standards globally. It is extensively adopted by communication equipment manufacturers such as Motorola and Sepura, with applications spanning over 100 countries, primarily for encrypted communications in police, rescue, military, and critical … Read more

Vulnerability-Free Attacks on Drones: The Huge Potential of Electromagnetic Fault Injection Attacks

Vulnerability-Free Attacks on Drones: The Huge Potential of Electromagnetic Fault Injection Attacks

Phone | 010-82030532 Mobile | 18501361766 WeChat | tech9999 Email | [email protected] Source: Drones Author: Drones A recent study has demonstrated the potential of Electromagnetic Fault Injection (EMFI) attacks on drones, with experts showcasing how to attack drones that have no known vulnerabilities. This research was conducted by IOActive, a company specializing in cybersecurity research … Read more

Zephyr v4.2.0 Release

Zephyr v4.2.0 Release

Zephyr v4.2.0 was released on schedule on July 18, 2025, with support until March 18, 2026. Release file: https://github.com/zephyrproject-rtos/zephyr/releases/tag/v4.2.0 Release Notes: https://docs.zephyrproject.org/latest/releases/release-notes-4.2.html Release Blog: https://www.zephyrproject.org/zephyr-rtos-4-2-now-available-introduces-renesas-rx-support-usb-video-class-and-more/ Migration Guide (from 4.1.0 to 4.2.0): https://docs.zephyrproject.org/latest/releases/migration-guide-4.2.html Supporting Video: https://www.youtube.com/watch?v=25xrHzeaw5w The official release blog provides a detailed overview of the new features and highlights of v4.2.0. The release notes contain … Read more

Report: The Energy Sector is the Biggest Victim of Industrial Control System Attacks

Report: The Energy Sector is the Biggest Victim of Industrial Control System Attacks

Anheng Information Frontline news on cybersecurity, emergency response solutions, and in-depth analysis of technical hotspots Follow Us According to a report released by Kaspersky Lab on March 26, the number of cyberattacks faced by the energy sector far exceeds that of other industries, and many security vulnerabilities disclosed in 2017 have significantly impacted various products … Read more

FireEye 2016 Industrial Control System Vulnerability Trend Report: Missed Warnings and Exposed Industrial Environments

FireEye 2016 Industrial Control System Vulnerability Trend Report: Missed Warnings and Exposed Industrial Environments

The role of industrial control systems in power grids, power plants, water supply stations, oil and gas production, food and beverage manufacturing, and transportation systems is akin to that of a technological mule. What is often overlooked is that our society relies on these systems to ensure smooth operations. However, a new research report released … Read more

PerfektBlue Vulnerabilities Threaten Infotainment Systems in Mercedes, Volkswagen, and Skoda Vehicles

PerfektBlue Vulnerabilities Threaten Infotainment Systems in Mercedes, Volkswagen, and Skoda Vehicles

Recently, the cybersecurity research organization PCA Cyber Security discovered a set of serious vulnerabilities named “PerfektBlue” that exist in the BlueSDK Bluetooth framework from OpenSynergy, which could allow remote attacks on infotainment systems in millions of vehicles worldwide. BlueSDK is a widely used Bluetooth solution in the automotive industry, supporting both classic Bluetooth and low-energy … Read more

CNNVD Report on Multiple Remote Code Execution Vulnerabilities in VxWorks

CNNVD Report on Multiple Remote Code Execution Vulnerabilities in VxWorks

Recently, VxWorks officially released multiple security vulnerability announcements, including the VxWorks buffer overflow vulnerability (CNNVD-201907-1499, CVE-2019-12256), VxWorks security vulnerabilities (CNNVD-201907-1497, CVE-2019-12255), and several other vulnerabilities. VxWorks 7, VxWorks 6.5-6.9, and VxWorks versions using the Interpeak standalone network stack are all affected by these vulnerabilities. Attackers who successfully exploit these vulnerabilities can perform remote code execution … Read more

FreeRTOS Part Six: Security

FreeRTOS Part Six: Security

Bob continues his open-source FreeRTOS series. In this sixth part, he will explore security issues and preventive measures when using FreeRTOS. A few years ago, before the advent of the internet, I consulted a friend working at Bell Labs about network security issues. At that time, Bell Telephone Company enjoyed a government-sanctioned monopoly over the … Read more

Critical Sudo Vulnerabilities Allow Local Users to Gain Root Access on Linux, Affecting Major Distributions

Critical Sudo Vulnerabilities Allow Local Users to Gain Root Access on Linux, Affecting Major Distributions

Cybersecurity researchers have disclosed two security vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems, which could allow local attackers to escalate their privileges to root access on vulnerable machines. The vulnerabilities are briefly described as follows: CVE-2025-32462 (CVSS Score: 2.8) – Sudo versions prior to 1.9.17p1, when used with a sudoers … Read more