Mitel VoIP Systems Under Lorenz Ransomware Attack
“The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities.” The vulnerability exploited can be tracked as CVE-2022-29499, remote code execution security issue.
Binaré’s platform will check your IoT device, e.g. VoIP device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2022/09/lorenz-ransomware-exploit-mitel-voip.html
D-Link Routers Under Mirai Variant MooBot Botnet Attack
“A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits.” MooBot was first discovered in September 2019 and has previously affected LILIN digital video recorders and Hikvision video surveillance products. The high-severity security flaws in D-Link devices being currently exploited by MooBot botnet: CVE-2015-2051 (D-Link HNAP SOAPAction Header Command Execution Vulnerability), CVE-2018-6530 (D-Link SOAP Interface Remote Code Execution Vulnerability), CVE-2022-26258 (D-Link Remote Command Execution Vulnerability), CVE-2022-28958 (D-Link Remote Command Execution Vulnerability).
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2022/09/mirai-variant-moobot-botnet-exploiting.html
55 Berghof PLCs Compromised By GhostSec Hacktivist Group Across Israel
Industrial cybersecurity firm OTORIO published a message that the GhostSec hacktivist group gained control over 55 Berghof programmable logic controllers (PLCs) across Israeli organizations and platforms. “OTORIO assesses that such security gaps can be extremely dangerous in the OT (operating technology) environment since they can affect physical processes and, in some cases, even lead to life-threatening situations.”
Binaré’s platform will check your IoT device, e.g. PLC, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://industrialcyber.co/critical-infrastructure/ghostsec-hacktivist-group-compromise-55-berghof-plcs-across-israel-otorio-discloses/
Netgear Router Models Affected By Arbitrary Code Execution via FunJSQ
“The FunJSQ module is used in various Netgear routers and Orbi WiFi systems, the issues affecting it were discovered in May 2022 and are now fixed.” NETGEAR devices with the flawed module discovered by the researchers include R9000, R7800, RAX200, RAX120, R6230, R6260, RAX40. The affected Orbi WiFi Systems are RBR20, RBS20, RBR50, RBS50.
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html?web_view=true
EU To Introduce Rules To Mitigate Cybersecurity Risks Of Smart Devices
According to draft European Union rules announced earlier this month, smart devices connected to the internet will have to be assessed for their cybersecurity risks. “Companies face fines of as much as 15 million euros ($15 million) or up to 2.5% of their total global turnover if they fail to comply with the European Commission’s proposed law known as the Cyber Resilience Act, which will require manufacturers to fix any problems that are identified.”
Binaré can help IoT device manufacturers, businesses and government organizations on their 𝐰𝐚𝐲 𝐭𝐨𝐰𝐚𝐫𝐝𝐬 𝐈𝐨𝐓 𝐜𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐬𝐭𝐚𝐧𝐝𝐚𝐫𝐝𝐬 𝐚𝐧𝐝 𝐫𝐞𝐠𝐮𝐥𝐚𝐭𝐢𝐨𝐧 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 by revealing vulnerabilities in their devices that could have obviously prevented them from passing cybersecurity certification programs. Binaré offers more affordable & 𝐟𝐚𝐬𝐭𝐞𝐫 𝐰𝐚𝐲 𝐲𝐨𝐮𝐫 𝐈𝐨𝐓 𝐝𝐞𝐯𝐢𝐜𝐞 𝐠𝐞𝐭𝐬 𝐜𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 which is extremely important in the current dynamic cybersecurity realities. IoT security certifications with Binare’s platform is cost-efficient (2x-10x ROI, fraction of a cost) & time-efficient (get the initial report/dashboard within minutes).
More information about the incident:
https://www.reuters.com/technology/eu-proposes-rules-targeting-smart-devices-with-cybersecurity-risks-2022-09-15/?&web_view=true
Free icons courtesy of flaticon.com by authors: kerismaker, freepik, vectorsmarket15, kiranshastry.