Thousands Of End-Of-Life Cisco Routers Exposed To RCE Attacks

“Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain. By chaining two security flaws, threat actors can bypass authentication (CVE-2023-20025) and execute arbitrary commands (CVE-2023-2002) on the underlying operating system of Cisco Small Business RV016, RV042, RV042G, and RV082 routers.”

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.bleepingcomputer.com/news/security/over-19-000-end-of-life-cisco-routers-exposed-to-rce-attacks/?&web_view=true

EU Cyber Resilience Regulation Could Result In Millions Of Fines

“The EU Commission’s Cyber Resilience Act (CRA) is intended to close the digital fragmentation problem surrounding devices and systems with network connections – from printers and routers to smart household appliances and industrial control systems. Industrial networks and critical infrastructures require special protection. The financial fines for affected manufacturers and distributors are therefore severe: up to 15 million euros or 2.5 percent of global annual revenues in the past fiscal year – the larger number counts.”

Binaré can help IoT device manufacturers, businesses and government organizations on their 𝐰𝐚𝐲 𝐭𝐨𝐰𝐚𝐫𝐝𝐬 𝐈𝐨𝐓 𝐜𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐬𝐭𝐚𝐧𝐝𝐚𝐫𝐝𝐬 𝐚𝐧𝐝 𝐫𝐞𝐠𝐮𝐥𝐚𝐭𝐢𝐨𝐧 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 by revealing vulnerabilities in their devices that could have obviously prevented them from passing cybersecurity certification programs. Binaré offers more affordable & 𝐟𝐚𝐬𝐭𝐞𝐫 𝐰𝐚𝐲 𝐲𝐨𝐮𝐫 𝐈𝐨𝐓 𝐝𝐞𝐯𝐢𝐜𝐞 𝐠𝐞𝐭𝐬 𝐜𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 which is extremely important in the current dynamic cybersecurity realities. IoT security certifications with Binare’s platform is cost-efficient (2x-10x ROI, fraction of a cost) & time-efficient (get the initial report/dashboard within minutes).

More information about the incident:
https://www.helpnetsecurity.com/2023/01/19/eu-cyber-resilience-regulation-fines/?web_view=true

High Severity Vulnerabilities Identified In Netcomm & TP-Link Routers

“Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router models NF20MESH, NF20, and NL1902 running firmware versions earlier than R6B035.”

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://thehackernews.com/2023/01/critical-security-vulnerabilities.html?&web_view=true

4,000+ Sophos Firewall Devices Found Vulnerable To RCE Attacks

“Over 4,000 Sophos Firewall appliances exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE) vulnerability. Sophos disclosed this code injection flaw (CVE-2022-3236) found in the User Portal and Webadmin of Sophos Firewall in September and also released hotfixes for multiple Sophos Firewall versions (official fixes were issued three months later, in December 2022).”

Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.

More information about the incident:
https://www.bleepingcomputer.com/news/security/over-4-000-sophos-firewall-devices-vulnerable-to-rce-attacks/?&web_view=true

InHand Industrial Router Vulnerabilities Expose Internal OT Networks To Attacks

“A series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet.”

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.securityweek.com/inhand-industrial-router-vulnerabilities-expose-internal-ot-networks-attacks/?web_view=true

100+ Siemens PLC Models Vulnerable To Firmware Takeover

“Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them. Discovered by Red Balloon Security, the issues are tracked as CVE-2022-38773 (CVSS score: 4.6), with the low severity stemming from the prerequisite that exploitation requires physical tampering of the device.”

Binaré’s platform will check your IoT device, e.g. PLC, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html?&web_view=true

Qualcomm UEFI Vulnerabilities Expose Microsoft, Lenovo, Samsung Devices To Attacks

“Many devices made by Microsoft, Lenovo, Samsung and likely others are affected by potentially serious UEFI firmware vulnerabilities in Qualcomm Snapdragon chips.”

Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.

More information about the incident:
https://www.securityweek.com/qualcomm-uefi-flaws-expose-microsoft-lenovo-samsung-devices-attacks/?web_view=true

Free icons courtesy of flaticon.com by authors: Smashicons, Vectorslab, Freepik, kerismaker, Dragon Icons, Shuvo.Das

Leave a Reply