ClickStudios PasswordState Data Breach Resulted In A Supply Chain Attack
Australian security software company ClickStudios informed their global customer base about the data breach via e-mail. The data breach allowed hackers to push a malicious update to company’s flagship enterprise password manager Passwordstate to steal customer passwords. Based on the amount of company’s customers, it can be estimated that the cyber attack might affect the work of 29 000 enterprises including Fortune 500 customers. According to ClickStudios, the supply chain attack started with an update of the Passwordstate app. Although ClickStudios recommended its customers that use password manager to reset all the stored passwords, VPNs, Firewall, Switches and local accounts, it should be noted that Passwordstate is connected to numerous crucial areas of a company such as API integration, access control, two-factor authentication which makes Passwordstate an attractive target for potential cyber attacks.
Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.
More information about the incident can be found here:
https://lordx64.medium.com/initial-analysis-of-passwordstate-supply-chain-attack-backdoor-code-aaff1df389e4
https://www.zdnet.com/article/enterprises-need-to-change-passwords-following-clickstudios-passwordstate-attack/
Feral Terror Vulnerability Identified In Some Netgear Smart Switches
So called Feral Terror flaw has been discovered in 17 models of NETGEAR managed smart switches and requires firmware upgrading. The vulnerability has received a CVSS rating of 8.8 out of 10.0 which indicates high severity of the flaw. The flaw allows a LAN-based attacker to run any Linux shell commands without any authorization as root. The switches that are accessible through an Internet IP address require immediate patching.
Binaré recommends all networking hardware manufacturers as well as businesses that use networking hardware to check it for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Check your IoT device for FREE with our Demo here: https://binare.io/.
More information about the incident can be found here:
https://gynvael.coldwind.pl/?id=733&
Critical Vulnerabilities Identified In The Qualcomm IPQ40xx Family Of Chips
Cybersecurity researchers have found 4 vulnerabilities to exploit in the IPQ40xx chips – widespread System-on-Chip (SoC) solutions for consumer and enterprise networking products. The SoC is made by by Qualcomm, a multinational corporation that creates semiconductors, software, and services related to wireless technology. The following CVEs were assigned to these flaws: CVE-2020-11256, CVE-2020-11257, CVE-2020-11258 and CVE-2020-11259. All the vulnerabilities have received a CVSS rating of 9.3 out of 10.0 which indicates high severity of the flaws. IPQ40xx chips are included into design of many devices like like the ASUS RT-AC58U, Cisco Meraki MR33 and Aruba AP-365. In general, IPQ40xx chips are these days widely present on mobile phones, Smart TVs, set-top-boxes and ECUs. The cybersecurity researchers advise OEMs to roll out software updates as soon as possible.
Binaré advises OEMs to use Binaré’s automated IoT vulnerability management and firmware analysis platform to check their products for a wide range of vulnerabilities and security issues before selling them to IoT device manufacturers. Check your firmware/IoT device for FREE with our Demo here: https://binare.io/.
More information about the incident can be found here:
https://raelize.com/blog/qualcomm-ipq40xx-an-unexpected-cup-of-tee/ https://www.zdnet.com/article/qualcomm-chip-vulnerability-found-in-millions-of-google-samsung-and-lg-phones/
Patch Against FlagAttacks – A Dozen Of WiFi Security Vulnerabilities Discovered
Security researcher Mathy Vanhoef has discovered numerous flaws that affect literally every device that uses WiFi. However, many attacks require user interaction and, therefore, are hard to abuse, according to the researcher. The WiFi vulnerabilities identified concern:
- The ability to inject plaintext frames
- The ability of devices to accept any unencrypted frame
- The ability of devices to accept plaintext aggregated frames
- The ability of WiFi frames to be fragmented
- The ability of receivers to reassemble WiFi frames
Several networking device manufacturers such as Cisco and Juniper have already released patches for some of their affected products whilst Sierra is not planning to update some of its affected products. Discovered WiFi vulnerabilities have received a CVSS rating of between 4.8 to 6.5. out of 10.0 which indicates medium severity of the flaws.
Binaré offers the security-testing platform to prevent international businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your IoT device for WiFi security vulnerabilities with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident can be found here:
https://www.zdnet.com/article/time-to-patch-against-fragattacks-but-good-luck-with-home-routers-and-iot-devices/
Cybercriminal Attackers Hacked The US Colonial Pipeline
On May 7 an American oil pipeline system that provides fuel supply to mainly to the Southeastern United States suffered a ransomware cyberattack that affected computerized equipment managing the pipeline. A ransomware attack cut off nearly a half of the East Coast’s fuel supply. The incident has been acknowledged as one of the largest disruptions of American critical infrastructure by hackers in history. The investigation into the nature and scope of this incident is ongoing, according to Colonial Pipeline’s short public statement.
This incident is a bright example of how important it is to secure critical systems at the national level and especially energy systems. Binaré offers the security-testing platform not only for private businesses using ICS/SCADA/PLC but also for public institutions. Book a meeting with our team and we will help you to check your IoT devices, firmware or environment for vulnerabilities. Sign up here https://try.binare.io/get_in_touch and we will get in touch with you as soon as possible!
More information about the incident can be found here:
https://www.wired.com/story/colonial-pipeline-ransomware-attack/
Free icons courtesy of flaticon.com by authors: Flat Icons, phatplus, smalllikeart, Freepik, Eucalyp