Stay updated on Ubiquiti-related cybersecurity news, insights, and updates with in-depth analysis on information security trends and threats.
Search across headline titles and summaries.
Background for this topic.
Ubiquiti is a brand widely recognized for its production of networking equipment and technology products designed for businesses and consumers. In the realm of information security, Ubiquiti becomes a topic of interest due to various aspects ranging from the security features of its devices to the company's responsiveness to security incidents such as data breaches or software vulnerabilities.
Ubiquiti's significance in information security stems from the need to protect the network infrastructure that ubiquitously supports internet communication and data transfer. Security issues related to Ubiquiti may include the analysis of their product’s security measures, discussions on the strengths and weaknesses of their technology, and reports on any security flaws or breaches that have impacted the company or its users. Keeping track of such occurrences and updates is vital for IT professionals and users who rely on Ubiquiti products for their networking solutions to ensure their systems remain secure against potential threats.
Weekly headline count for the current query.
Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. [...]
The maximum-severity vulnerability, which hasn’t been exploited in the wild yet, affects software customers use to manage networking devices. The post Ubiquiti defect poses account takeover risk for UniFi Networking Application users appeared first on CyberScoop.
Ubiquiti has patched two vulnerabilities in the UniFi Network Application, including a maximum-severity flaw that may allow attackers to take over user accounts. [...]
In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [...]
The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools
In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember
Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that Russia may try again, so owners of the devices should take precautions.…
APT28 Used Hacked Ubiquiti Routers for Hashed Password Relay AttacksA campaign by Russian military intelligence to convert Ubiquiti routers into a platform for a global cyberespionage operation began as early as 2022, U.S. and foreign intelligence agencies said. The U.S. disrupted a botnet built by a hacking unit of Russian military's Main Intelligence Directorate.
Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. [...]
GRU Hackers Commandeered 'Moobot' for CyberespionageThe U.S. federal government says it disrupted a criminal botnet that Russian military intelligence had converted into a platform for global cyberespionage. The malware targets Linux-based IoT devices - in this case, routers made by New York manufacturer Ubiquiti.
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks. [...]
Since yesterday, customers of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and notifications through the company's cloud services. [...]
The defendant was also ordered to pay $1.6m in restitution and forfeit property used for the crimes
A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency while working at the company
And a $1.6m bill after Nickolas Sharp has been sentenced to six years in prison and ordered to pay almost $1.6 million to his former employer Ubiquiti – after stealing gigabytes of corporate data and then trying to extort almost $2 million from the biz while posing as an anonymous hacker.…
Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced to six years in prison for stealing company data, attempting to extort his employer, and aiding the publication of misleading news articles that severely impacted the firm's market capitalization. [...]
Nickolas Sharp now faces up to 35 years in prison A former Ubiquiti Networks employee accused of hatching an elaborate plot to first steal nearly $2 million from his employer, extort more, then later orchestrating a smear campaign against the company pleaded guilty to multiple felony charges Thursday.…
Nickolas Sharp, a former Ubiquiti employee who managed the networking device maker's cloud team, pled guilty today to stealing gigabytes worth of files from Ubiquiti's network and trying to extort his employer while posing as an anonymous hacker and a whistleblower. [...]
Last year, I posted a series of articles about a purported “breach” at Ubiquiti. My sole source for that reporting was the person who has since been indicted by federal prosecutors for his alleged wrongdoing – which includes providing false… Read More »