Year-long Malware Campaign Aimed At German Automakers
German companies in the automotive industry have been targeted by password-stealing malware for years. Both German car manufacturers and car dealerships are among the targets. “The infection chain begins with an email sent to specific targets containing an ISO disk image file that bypasses many internet security controls.”
Binaré believes that the security of the automotive industry deserves special attention as it is tightly connected to the lives of human beings. Binaré is concerned about the security of your hardware. Come to our web page and check your hardware with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://www.bleepingcomputer.com/news/security/german-automakers-targeted-in-year-long-malware-campaign/?&web_view=true
Agricultural Machinery Producer AGCO Under Ransomware Attack
AGCO, a leading US-based agricultural machinery maker, has announced it was hit by a ransomware attack affecting some of its production facilities. The extent of the attack is still under investigation, however, in general, any production disruption caused by the ransomware attack could have a significant supply chain impact on the production and delivery of equipment.
Binare believes that securing the agricultural sector is also very important. Binaré’s platform will check your IoT device for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/us-agricultural-machinery-maker-agco-hit-by-ransomware-attack/?&web_view=true
Zyxel Warns of Security Flaws Affecting Firewalls, APs, & Controllers
“Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products.” The security flaws do not score for critical, but still can be exploited by malicious third parties. Zyxel products are used by large organizations. The four flaws disclosed in Zyxel’s advisory are CVE-2022-0734 (medium severity), CVE-2022-26531 (medium severity), CVE-2022-26532 (high severity), CVE-2022-0910 (medium severity).
Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.
More information about the incident:
https://www.bleepingcomputer.com/news/security/zyxel-warns-of-flaws-impacting-firewalls-aps-and-controllers/?&web_view=true
QNAP Devices Under DeadBolt Ransomware Attacks
The Taiwanese producer of NAS appliances, known as QNAP, informed its customers about undergoing DeadBolt ransomware attacks. The attacks target NAS devices running QTS 4.3.6 and QTS 4.4.1. The vendor advises its users TO install the latest security updates.
Binaré offers a security-testing platform to prevent international businesses from cyber-attacks. Binaré is concerned about the security of the IoT device your business is using. Come to our web page and assess the security risk your IoT device possesses with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://cyware.com/news/deadbolt-ransomware-attacks-target-qnap-devices-58f2d4eb
Hackable Tesla Cars, Bluetooth Locks
According to cybersecurity researchers, millions of digital locks worldwide, including on Tesla cars, can be remotely unlocked by hackers exploiting a vulnerability in Bluetooth technology. “NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.”
Binaré believes that the security of the automotive industry deserves special attention as it is tightly connected to the lives of human beings. Binaré is concerned about the security of your hardware. Come to our web page and check your hardware with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://www.reuters.com/technology/tesla-cars-bluetooth-locks-vulnerable-hackers-researchers-2022-05-17/?&web_view=true
Critical Vulnerabilities Discovered in InHand Industrial Routers
17 vulnerabilities have been identified in a wireless industrial router made by InHand Networks. Among those are security flaws that can be exploited to get root access by getting a user to click on a malicious link. The security weaknesses are hiding in the InRouter 302 compact industrial LTE router that is widely used in the hospitality, financial, automotive, utilities, retail, public safety, and energy sectors.
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.securityweek.com/critical-vulnerabilities-provide-root-access-inhand-industrial-routers?&web_view=true
Critical Vulnerability Identified in F5 BIG-IP Devices
A critical RCE vulnerability tracked as CVE-2022-1388, has been identified in BIG-IP networking devices. The vulnerability affects the BIG-IP iControl REST authentication component and allows remote third parties to bypass authentication and run commands on the device with elevated privileges. “The vulnerable devices are mostly used in the enterprise and may allow attackers to exploit the flaw for gaining initial access to networks and spreading laterally to other devices.”
Binaré offers a security-testing platform to prevent businesses worldwide from cyber-attacks. Binaré is concerned about the security of the IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://cyware.com/news/critical-flaw-identified-in-f5-big-ip-devices-cf00c8cd
“Augury” Vulnerability Identified in Apple Silicon & Mobile Chips
Researchers recently published a paper describing a security flaw called Augury that affects Apple’s M1, M1 Max, and A14 processors. It might also affect older A-series chips and newer M1 relatives. Augury vulnerability hasn’t been exploited yet. However, once exploited it can leak data that neither the core nor any instructions have read.
Binaré’s platform will protect your IoT device from firmware attacks. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.techspot.com/news/94452-augury-vulnerability-discovered-apple-silicon-mobile-chips.html?&web_view=true
Free icons courtesy of flaticon.com by authors: Freepik, phatplus, berkahicon, Nualnoi Kinkaeo, Eucalyp