New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
“More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks.
The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a crucial mitigation against speculative execution attacks.”
Binaré’s platform will check your IoT device, e.g. processor, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2024/10/new-research-reveals-spectre.html?&web_view=true
Critical Flaw in Synology Camera Firmware Expose Devices to RCE and DoS Attacks
“Synology has issued a security advisory, Synology-SA-24:17, warning of critical vulnerabilities in several of its camera firmware products, including Synology Camera BC500, TC500, and CC400W. The vulnerabilities, which could allow remote attackers to execute arbitrary code, bypass security constraints, and initiate denial-of-service (DoS) attacks, pose a significant risk to users if not addressed immediately.”
Binaré’s platform will check your IoT device, e.g. camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityonline.info/critical-flaw-in-synology-camera-firmware-expose-devices-to-rce-and-dos-attacks/?&web_view=true#google_vignette
Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits
“CERT@VDE has issued a security advisory disclosing multiple vulnerabilities in Helmholz REX100 industrial routers, potentially allowing unauthorized access and remote code execution.
The Helmholz REX100, an industrial Ethernet router designed to facilitate secure remote access to industrial equipment, has been found to contain several critical vulnerabilities. These security flaws pose a significant risk to organizations utilizing the REX100 for managing and monitoring their operational technology (OT) environments.”
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityonline.info/helmholz-rex100-industrial-routers-found-vulnerable-to-critical-security-exploits/?&web_view=true
EU Adopts Cyber Resilience Act for Connected Devices
“The European Union Council has officially adopted the Cyber Resilience Act (CRA) which will introduce EU-wide cybersecurity requirements for products with digital elements.
From smart doorbells and speakers to baby monitors, the regulation will apply to all products that are connected either directly or indirectly to another device or network.
The new regulation aims to fill the gaps, clarify the links and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components, for example Internet of Things (IoT) products, are made secure throughout the supply chain and throughout their lifecycle.”
Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.infosecurity-magazine.com/news/eu-adopts-cyber-resilience-act/?&web_view=true
Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required
“A recent security announcement from security researcher Serhii Boiarynov at the Zyxel EMEA team has uncovered malicious activity targeting Zyxel security appliances. Attackers are exploiting previously known vulnerabilities in the ATP and USG FLEX series to steal credentials and gain unauthorized access via SSL VPN tunnels. This activity has been traced to devices running outdated firmware versions, specifically between ZLD V4.32 and ZLD V5.38.”
Binaré’s platform will check your IoT device for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityonline.info/zyxel-devices-targeted-by-malicious-actors-urgent-firmware-update-required/?&web_view=true
CVE-2024-41798 (CVSS 9.8): Siemens SENTRON PAC3200 Meters Vulnerable to Easy Attacks, No Patch!
“A newly disclosed vulnerability (CVE-2024-41798) in Siemens SENTRON PAC3200 power meters could allow attackers to gain administrative access with alarming ease. The vulnerability, assigned a CVSS score of 9.8, highlights a critical weakness in the device’s security design.”
Binaré’s platform will check your IoT device, e.g. smart meter, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityonline.info/cve-2024-41798-cvss-9-8-siemens-sentron-pac3200-meters-vulnerable-to-easy-attacks-no-patch/?&web_view=true
Free icons courtesy of flaticon.com by authors: Those Icons, Freepik, Wichai.wi, Smashicons.