Security Vulnerabilities Newsletter: Top News Rundown (Weeks 15/18-2022)

Critical Vulnerabilities Identified in Millions of Aruba & Avaya Switches

Five critical remote code execution vulnerabilities discovered in millions Aruba and Avaya devices. These security flaws can be exploited by cybercriminals to take full control of network switches frequently used in airports, hospitals, and hotels. The security bugs altogether called TLStorm 2.0. “The flaws are said to affect about 10 million devices across HPE’s Aruba and Extreme Networks’ Avaya switching portfolio”.

Binaré’s platform will check your IoT device, e.g. switch, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.theregister.com/2022/05/03/aruba_avaya_critical_vulns/

Unpatched DNS Related Flaw Affects Numerous IoT Devices

An unpatched security vulnerability has been discovered by cybersecurity researchers that could put under cyber threat numerous IoT devices. “The issue, which was originally reported in September 2021, affects the Domain Name System (DNS) implementation of two popular C libraries called uClibc and uClibc-ng that are used for developing embedded Linux systems.”

Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.

More information about the incident:
https://thehackernews.com/2022/05/unpatched-dns-related-vulnerability.html

U.S Cybersecurity Agency List: 2021’s Top 15 Most Exploited Software Security Vulnerabilities

Some of the top exploited security vulnerabilities in 2021:

Other frequently weaponized flaws include:

Binaré offers the security-testing platform to prevent businesses all over the world from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.

More information about the incident:
https://thehackernews.com/2022/04/us-cybersecurity-agency-lists-2021s-top.html

QNAP Recommends to Mitigate Remote Hacking Bugs Until Patches are Available

“Network-attached storage (NAS) appliance maker QNAP on Wednesday said it’s working on updating its QTS and QuTS operating systems after Netatalk last month released patches to contain seven security flaws in its software.” According to QNAP, the Netatalk vulnerabilities impact the following operating system versions: QTS 5.0.x and later; QTS 4.5.4 and later; QTS 4.3.6 and later; QTS 4.3.4 and later; QTS 4.3.3 and later; QTS 4.2.6 and later; QuTS hero h5.0.x and later; QuTS hero h4.5.4 and later; QuTScloud c5.0.x.

Binaré’s platform will check your IoT device, e.g. NAS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://thehackernews.com/2022/04/qnap-advises-to-mitigate-remote-hacking.html

Vulnerable Home Cameras Kept Running For Years

The issue is in the Wyze-Cam v1 security camera. Three years ago, cyber-security firm Bitdefender informed Wyze of a security bug that would allow hackers to access any video files that were stored on the camera’s memory card, or even watch users in real time. “Despite the warning, Wyze made no public comment while quietly patching later versions of the cameras and leaving its original devices untouched.”

Binaré’s platform will check your IoT device, e.g. home camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.fox26houston.com/news/home-camera-security-flaw-may-have-allowed-hackers-to-watch-for-years

Vulnerable Unpatched Android Devices Discovered

Android smartphones as well as smart devices running recent versions of the operating system (security patch older than 2021) are found to be vulnerable to a security risk. The “Out-of-Bounds” security vulnerability could allow hackers to commandeer millions of Android devices with a MediaTek or Qualcomm chipset.

Binaré’s platform will check your IoT device, e.g. Android device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.neowin.net/news/android-devices-with-security-patch-older-than-dec-2021-remain-vulnerable-to-security-risk/

DVR Devices Under BotenaGo Cyberattack

“Threat analysts have spotted a new variant of the BotenaGo botnet malware, and it’s the stealthiest seen so far, running undetected by any anti-virus engine.” Researchers at Nozomi Networks Labs have recently found a new variant of BotenaGo that appears to have derived from the leaked source code. The sample they analyzed targets Lilin security camera DVR devices.

Binaré’s platform will check your IoT device, e.g. DVR device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.bleepingcomputer.com/news/security/new-stealthy-botenago-malware-variant-targets-dvr-devices/

Free icons courtesy of flaticon.com by authors: Freepik, Flat Icons, phatplus

Leave a Reply