Unsaflok Flaw Can Let Hackers Unlock Millions Of Hotel Doors
“Researchers disclosed vulnerabilities today that impact 3 million Saflok electronic RFID locks deployed in 13,000 hotels and homes worldwide, allowing the researchers to easily unlock any door in a hotel by forging a pair of keycards.”
Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/unsaflok-flaw-can-let-hackers-unlock-millions-of-hotel-doors/?&web_view=true
QNAP Warns Of Critical Auth Bypass Flaw In Its NAS Devices
“QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. The Taiwanese Network Attached Storage (NAS) device maker disclosed three vulnerabilities that can lead to an authentication bypass, command injection, and SQL injection. While the last two require the attackers to be authenticated on the target system, which significantly lessens the risk, the first (CVE-2024-21899) can be executed remotely without authentication and is marked as “low complexity.””
Binaré’s platform will check your IoT device, e.g. NAS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/qnap-warns-of-critical-auth-bypass-flaw-in-its-nas-devices/?&web_view=true
Critical Fortinet Flaw May Impact 150,000 Exposed Devices
“Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication. America’s Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities (KEV) catalog.”
Binaré’s platform will check your IoT device for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/critical-fortinet-flaw-may-impact-150-000-exposed-devices/?&web_view=true
Eken Camera Doorbells Allow Ill-Intentioned Individuals To Spy On You
“Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. The company produces video doorbells under the brand names EKEN and Tuck, its products are by major retailers, including Amazon, Walmart, Shein, Sears and Temu. The security flaws could allow threat actors to view footage from the devices or control them completely.”
Binaré’s platform will check your IoT device, e.g. video camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityaffairs.com/159883/hacking/eken-camera-doorbells-flaws.html?web_view=true
Chinese PC-maker Acemagic Customized Its Own Machines To Get Infected With Malware
“Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware. YouTuber The Net Guy found malware on Acemagic mini PCs when he tested them in early February. He didn’t have to work hard to find it: within a few minutes of booting the machine, Windows Defender reported the presence of the Bladabindi malware – a known backdoor that steals users’ info and can also install other malicious programs.”
Binaré’s platform will check your IoT device, e.g. PC, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.theregister.com/2024/02/29/acemagic_chinese_pc_malware_infection/?&web_view=true
South Korea Says Semiconductor Industry Targeted By Cyber-Spies From North
“North Korean hackers breached at least two South Korean microchip equipment companies in recent months, stealing product design drawings and facility site photos, according to South Korea’s spy agency. The National Intelligence Service (NIS) did not disclose the names of the victims but said that hackers used living-off-the-land techniques to attack them. This approach involves using tools already present in the targeted system, rather than external malicious software, making such attacks harder to detect.”
Binaré offers a security-testing platform to prevent various businesses from cyberattacks. Binaré is concerned about security of the IoT device your business is using. Come to our web page and assess the security risk your IoT device possesses with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://therecord.media/south-korea-semiconductor-industry-espionage-north-korea?&web_view=true
Free icons courtesy of flaticon.com by authors: Freepik, Flat Icons, VectorPortal, Good Ware.