Numerous Security Issues Identified In Netgear Nighthawk R6700 Routers
Netgear Nighthawk R6700v3 routers running the latest firmware are affected by several vulnerabilities. The most important of these security bugs results in an authenticated attacker being able to inject commands that would be executed when the device checks for updates. “Tracked as CVE-2021-20173, the issue exists because unsanitized input is being sent to system() calls in the upnpd binary. The attacker can send requests from the SOAP interface to force update checks and trigger the execution of commands.”
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.securityweek.com/multiple-vulnerabilities-impact-netgear-nighthawk-r6700-routers?&web_view=true
FIN7 Hackers Target US companies with BadUSB Devices to Install Ransomware
“The US Federal Bureau of Investigation says that FIN7, an infamous cybercrime group that is behind the Darkside and BlackMatter ransomware operations, has sent malicious USB devices to US companies over the past few months in the hopes of infecting their systems with malware and carrying out future attacks.” According to FBI, if recipients plugged the USB thumb drives into their computers, the devices would execute a BadUSB attack, where the USB drive would register itself as a keyboard instead and send a series of preconfigured automated keystrokes to the user’s PC.
Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://therecord.media/fbi-fin7-hackers-target-us-companies-with-badusb-devices-to-install-ransomware/
New Guidance Addresses Role of Manufacturers in Medical Device Security
The Healthcare Supply Chain Association has recently published two guides that outline key privacy and cybersecurity considerations for medical devices, targeted at healthcare delivery organizations and manufacturers. “The guides aim to support both manufacturers and providers with protecting patient safety and privacy and include recommendations for medical device security terms and conditions for purchasing contacts to support the rapid adoption of cybersecurity measures in healthcare.”
Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.
More information about the incident:
https://www.scmagazine.com/analysis/iot/new-guidance-tackles-role-of-manufacturers-in-medical-device-security-patient-safety?&web_view=true
New Ways to Hide Malware Inside SSD Firmware Discovered
Korean cybersecurity researchers have developed a new set of attacks against Solid-State Drives (SSDs). “The attacks target drives with flex capacity features and hidden areas on the device called over-provisioning areas used by SSD makers for performance optimization on storage systems based on NAND flash.”
Binaré’s platform will protect your IoT device from firmware attacks. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://cyware.com/news/new-ways-to-hide-malware-inside-ssd-firmware-discovered-baa1a2f7
KCodes NetUSB Flaw Exposes Millions of Routers to RCE Attacks
A high-severity remote code execution vulnerability tracked as CVE-2021-45388 has been identified in the KCodes NetUSB kernel module, used by millions of router devices from different vendors. “Successfully exploiting this flaw would allow a remote threat actor to execute code in the kernel, and although some restrictions apply, the impact is broad and could be severe.”
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/kcodes-netusb-bug-exposes-millions-of-routers-to-rce-attacks/?&web_view=true
Free icons courtesy of flaticon.com by authors: Umeicon, Freepik, smalllikeart, vectorsmarket15