OpenSSL Publishes Patches For 2 Critical Security Flaws

The OpenSSL maintenance team has fixed two high-severity vulnerabilities in its software that could be exploited in denial-of-service (DoS) attacks and could have been used to bypass certificate verification. Both flaws, tracked as CVE-2021-3449 and CVE-2021-3450, have been fixed in the latest version, OpenSSL 1.1.1k, which was released on Thursday, 25th of March. OpenSSL is a software library used to secure communications sent over a computer network. While CVE-2021-3449 is a DoS vulnerability stemming from a NULL pointer dereference that could crash an OpenSSL TLS server in certain circumstances, CVE-2021-3450 is related to the X509_V_FLAG_X509_STRICT flag, which activates additional security checks of certificates.
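An added example (not from the article or from the OpenSSL project): a triage helper that sorts version strings, in the form `openssl version` prints them, by whether they predate 1.1.1k, the release named above as fixed. The inventory, host names and function names are constructed for illustration, and only the 1.1.1 series is judged because the article names no other fixed release.

```python
import re

# Release the article names as containing both fixes.
FIXED = (1, 1, 1, "k")

# Upstream-style version: three numeric parts plus an optional letter suffix.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_openssl_version(text):
    """Return (major, minor, patch, letters) or None if no version is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return int(m[1]), int(m[2]), int(m[3]), m[4]


def assess(text):
    """Classify one version string relative to OpenSSL 1.1.1k."""
    v = parse_openssl_version(text)
    if v is None:
        return "unparsed"
    if v[:3] != FIXED[:3]:
        return "not-assessed"  # the article only speaks about the 1.1.1 series
    # Order suffixes by length first so "" < "a" < ... < "z" < "za".
    key = lambda s: (len(s), s)
    return "predates-fix" if key(v[3]) < key(FIXED[3]) else "at-or-after-fix"


# Constructed sample inventory: host name -> output of `openssl version`.
SAMPLE_INVENTORY = {
    "web-01": "OpenSSL 1.1.1j  16 Feb 2021",
    "web-02": "OpenSSL 1.1.1k  25 Mar 2021",
    "vpn-01": "OpenSSL 1.1.1  11 Sep 2018",
    "db-01": "OpenSSL 1.0.2u  20 Dec 2019",
    "edge-01": "unknown",
}


def triage(inventory):
    """Map every host to its classification."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Distribution packages often backport fixes without changing the upstream
    # letter, so "predates-fix" means "check the vendor advisory", not proof.
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:8} {status}")
```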

Binaré offers an effective solution to check your software for a wide range of vulnerabilities and security issues. Check your software for FREE with our demo here: https://binare.io/

More information about the incident can be found here: https://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html

Hacked PHP’s Git Server – Hidden Way To Its Source Code

The official Git server of the PHP programming language has been hacked in a software supply chain attack: unidentified hackers “pushed unauthorized updates to insert a secret backdoor into its source code”. In particular, the two malicious updates were pushed to the self-hosted “php-src” repository on the git.php.net server in the names of Rasmus Lerdorf, the author of the PHP programming language, and Nikita Popov, a software developer at JetBrains. The changes to the source code were marked as “Fix Typo” so that they would go unnoticed.

Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.

More information about the incident can be found here: https://thehackernews.com/2021/03/phps-git-server-hacked-to-insert-secret.html

Pre-Installed Malware Dropper Identified On German Gigaset Android Phones

Users of Gigaset smartphones are getting unwanted apps that are installed via a pre-installed system update app with the package name com.redstone.ota.ui. The issue affects not only Gigaset phones but also devices from plenty of other manufacturers. The list of affected devices includes Gigaset GS270, Gigaset GS160, Siemens GS270, Siemens GS160, Alps P40pro, and Alps S20pro+. The malicious update app installs a trojan in three versions that is able to:

Binaré is concerned about the security of the IoT devices your business is using. Come to our web page and check your device with our FREE demo: https://binare.io/.

More information about the incident can be found here:
https://thehackernews.com/2021/04/pre-installed-malware-dropper-found-on.html

New Cring Ransomware Attacks Fortinet VPN Devices

A new human-operated ransomware called Cring exploits a vulnerability affecting Fortinet VPNs to breach and encrypt the networks of industrial sector companies. According to Kaspersky researchers, the hackers exploit the CVE-2018-13379 vulnerability in unpatched, Internet-exposed Fortigate SSL VPN servers. The attack targets industrial enterprises in European countries, and so far in at least one case an attack led to a temporary shutdown of the industrial process because the servers used to control it were encrypted.

Binaré has come up with a solution that protects businesses from cyber-attacks. Binaré is concerned about the security of the IoT devices your business is using. Come to our web page and check your device with our FREE demo: https://binare.io/.

More information about the incident can be found here: https://www.bleepingcomputer.com/news/security/new-cring-ransomware-hits-unpatched-fortinet-vpn-devices/

https://thehackernews.com/2021/04/hackers-exploit-unpatched-vpns-to.html

https://arstechnica.com/information-technology/2021/04/ransomware-shuts-down-production-at-two-manufacturing-plants/

Whistleblower States Ubiquiti Networks Data Breach Was Tragic

A whistleblower who commented on a data breach suffered by Ubiquiti Networks adds that the incident could be described as ‘catastrophic’. The incident happened at the beginning of January: on 11th of January, Ubiquiti Networks, a provider of networking equipment and Internet of Things (IoT) devices, started to send out emails to users telling them about a recent security breach. The organization claimed that an unauthorized third party had gained access to Ubiquiti systems where account information was stored: names, email addresses, password credentials, home addresses and phone numbers.

Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky component dependencies) and gives the manufacturer a detailed report on them. Take a step towards the security of your IoT business today: try our FREE demo at https://binare.io/

More information about the incident can be found here:
https://www.zdnet.com/google-amp/article/whistleblower-claims-ubiquiti-networks-data-breach-was-catastrophic/

Zero-Day Flaw Affects Cisco SOHO Routers

Cisco claims that it will not fix a vulnerability identified in three of its small business router models (RV110W, RV130, and RV215W) and one VPN firewall device (RV130W). The bug has received a rating of 9.8 out of 10.0 (high severity) but is not going to be patched, according to Cisco, as the devices “have entered the end-of-life process”. The company comments on the cause: “The flaw is due to improper validation of user-supplied input in the web-based management interface”. However, it should be noted that this is not the first time Cisco SOHO routers have been hacked: in 2019 another similar vulnerability, known as CVE-2019-1663, was exploited and was attributed to “Cisco’s reliance on the use of insecure C programming language, such as strcpy (string copy)”.

Binaré’s platform will check your IoT device, e.g. a router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step towards the security of your business today: try our FREE demo at https://binare.io/

More information about the incident can be found here:
https://threatpost.com/zero-day-bug-soho-routers/165321/
