D-Link Vulnerable Routers Identified
4 days ago the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog as one that has proven to pose the biggest risks. CISA highly recommends to disconnect the affected products that have reached end of life. “CVE-2021-45382 is a Remote Code Execution (RCE) vulnerability that exists in all series H/W revisions D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file.”
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/04/cisa-advises-d-link-users-to-take-vulnerable-routers-offline/?web_view=true
Critical Flaws in Rockwell PLC – Open Door for Hackers to Implant Malicious Code
Two new security bugs have been discovered in Rockwell Automation’s programmable logic controllers (PLCs) that could be exploited by a third-party to inject malicious code on affected systems and stealthily modify automation processes. “The flaws have the potential to disrupt industrial operations and cause physical damage to factories”. One security bug can be tracked as CVE-2022-1161 (CVSS score: 10.0 CRITICAL) and another one – as CVE-2022-1159 (CVSS score: 7.7 HIGH-SEVERITY).
Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.
More information about the incident:
https://thehackernews.com/2022/04/critical-bugs-in-rockwell-plc-could.html?&web_view=true
Remote ‘Brokenwire’ Hack Creates Obstacle for Charging of Electric Vehicles
Researchers from the University of Oxford in the UK and Switzerland’s Armasuisse federal agency have discovered a new way to remotely interrupt the charging of electric vehicles. “The attack method, named Brokenwire, involves wirelessly sending malicious signals to the targeted vehicle in order to cause electromagnetic interference and disrupt the charging session.”
Binaré believes that security of automotive industry deserves special attention as it is tightly connected to the lives of human-beings. Binaré is concerned about the security of your hardware. Come to our web page and check your hardware with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://www.securityweek.com/remote-brokenwire-hack-prevents-charging-electric-vehicles?&web_view=true
QNAP Warns: NAS Devices Affected by OpenSSL Infinite Loop Vulnerability
QNAP, a Taiwanese company, revealed a number of its network-attached storage (NAS) appliances affected by a recently-disclosed security flaw in the open-source OpenSSL cryptographic library. “Tracked as CVE-2022-0778 (CVSS score: 7.5), the issue relates to a bug that arises when parsing security certificates to trigger a denial-of-service condition and remotely crash unpatched devices.”
Binaré’s platform will check your IoT device, e.g. NAS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2022/03/qnap-warns-of-openssl-infinite-loop.html?&web_view=true
Wyze Cam Bug – Way for Hackers to Remotely Access your Saved Videos
“A Wyze Cam internet camera vulnerability allows unauthenticated, remote access to videos and images stored on local memory cards and has remained unfixed for almost three years.” The authentication bypass flaw can be tracked as CVE-2019-9564 & was reported to the vendor by researchers at Bitdefender in March 2019.
Binaré’s platform will check your IoT device, e.g. camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/wyze-cam-flaw-lets-hackers-remotely-access-your-saved-videos/?&web_view=true
Free icons courtesy of flaticon.com by authors: mattbadal, Freepik, dreamicons, Vectors Market