Security Vulnerabilities Newsletter: Top News Rundown (Weeks 23/26-2023)

Mirai Variant Targets Multiple IoT Vulnerabilities in Recent Campaign

“The latest spotted Mirai botnet variant has been identified in two ongoing campaigns that started on March 14 and spiked in April and June.

• The variant targets around 22 known security issues in various connected products such as routers, DVRs, NVRs, WiFi communication dongles, thermal monitoring systems, access control systems, and solar power generation monitors. 
• Some of these affected products are from D-Link, Nagios, Arris, Zyxel, TP-Link, SolarView, Nortek, Tenda, and MediaTek.”

Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at https://binare.io/!

More information about the incident: 
https://cyware.com/news/mirai-variant-targets-multiple-iot-vulnerabilities-in-recent-campaign-2898a4c7

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

“A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet.Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel called Condi Network to advertise their warez.”

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://thehackernews.com/2023/06/new-condi-malware-hijacking-tp-link-wi.html?&web_view=true

OT:Icefall: Vulnerabilities Identified in Wago Controllers

“Forescout Technologies has disclosed the details of three vulnerabilities impacting operational technology (OT) products from Wago and Schneider Electric. The flaws were identified as part of the OT:Icefall research that has led to the public disclosure of 61 vulnerabilities impacting more than 100 OT products from 13 vendors. After an initial set of 56 vulnerabilities disclosed in June 2022, Forescout shared the details of three more flaws in November 2022, and is now adding two new bugs to the list, while also sharing information on a previously identified but not disclosed issue.”

Binaré’s platform will check your IoT device, e.g. PLC, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident
https://www.securityweek.com/oticefall-vulnerabilities-identified-in-wago-controllers/?web_view=true

A Simple Bug Exposed Access To Thousands Of Smart Security Alarm Systems

“U.S. power and electronics giant Eaton has fixed a security vulnerability that allowed a security researcher to remotely access thousands of smart security alarm systems. Security researcher Vangelis Stykas said he found the vulnerability in Eaton’s SecureConnect, a cloud-based system that allows customers to remotely access, manage, and arm and disarm their security alarm systems from a mobile app. Stykas said the vulnerability allowed anyone to sign up as a new user and assign that account to any other group of users, including a “root” group, which has access to all of the smart alarm systems connected to Eaton’s cloud.”

Binaré’s platform will check your IoT device, e.g. smart alarm system, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://techcrunch.com/2023/06/16/eaton-secureconnect-security-alarm-vulnerability/?&web_view=true&guccounter=1&guce_referrer=aHR0cHM6Ly9jeXdhcmUuY29tLw&guce_referrer_sig=AQAAAHBSIUuxhxMxy-_gimDTHK_oixU9Q3C2q7pA2GEFtMRF0YToN2BEFUX2OSMkuxiihZoLj1nxmdS3GRJz1dY2O2t8aVny3EBYJRfZbcWGLCFQBPW1FKZehh4oK3U6U6tku8F5j9bthsv127Cecv9Qio8YEslIsARcwUjuWtdskQg3

IoT Botnet DDoS Attacks Threaten Global Telecom Networks, Nokia

“A recent report from Nokia’s Threat Intelligence Center sheds light on the alarming rise of IoT botnet DDoS attacks targeting telecom networks worldwide. The study reveals a fivefold increase in such attacks over the past year, with cybercriminals exploiting insecure IoT devices and profit-driven hacking collectives. This surge in malicious activity initially observed during the Russia-Ukraine conflict, has now spread to various regions globally, jeopardizing critical infrastructure and services beyond telecom networks.”

Case Studies

More information about the incident:
https://www.hackread.com/iot-botnet-ddos-attacks-telecom-networks-nokia/?web_view=true

Free icons courtesy of flaticon.com by authors: Smashicons, Freepik, Eucalyp, Awicon.