ZuoRAT Home-Office Routers Spying On North American & European Networks
“A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office (SOHO) routers as part of a sophisticated campaign targeting North American and European networks.” According to Lumen Black Lotus Labs researchers, the malware gives permission the third-party to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to maintain an undetected foothold. The targeted by the malicious campaign routers are from ASUS, Cisco, DrayTek, and NETGEAR.
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2022/06/zuorat-malware-hijacking-home-office.html?&web_view=true
Mitel MiVoice VoIP Appliances Under Cyberattack
A zero-day RCE vulnerability (CVE-2022-29499) has been exploited by cybercriminals on Linux-based Mitel MiVoice VoIP appliances. “According to researchers, the exploit was used for gaining initial access to an attempted ransomware attack.” Currently over 21,000 Mitel devices are publicly accessible online, mostly located in the U.S. and the U.K.
Binaré’s platform will check your IoT device, e.g. VoIP device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://cyware.com/news/attacker-targets-rce-bug-in-mitel-mivoice-voip-appliances-374c5eb8
Automotive Fabric Supplier TB Kawashima Announces Cyberattack
“TB Kawashima, part of the Japanese automotive component manufacturer Toyota Boshoku of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack.” The company suspects that an attack comes from the LockBit ransomware group. TB Kawashima’s offices and plants are spread over the U.S., China, Thailand, Indonesia, and India.
Binaré believes that the security of the automotive industry deserves special attention as it is tightly connected to the lives of human beings. Binaré is concerned about the security of your hardware. Come to our web page and check your hardware with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://www.bleepingcomputer.com/news/security/automotive-fabric-supplier-tb-kawashima-announces-cyberattack/?&web_view=true
Ukrainian Telcos Targeted By DarkCrystal RAT
“Ukraine has been facing constant cyberattacks since the geopolitical warfare started.” Recently, Ukrainian telecommunications operators have been targeted by malicious hackers. In detail, “threat actors are sharing malspam messages with the subject ‘Free Primary Legal Aid’ to disseminate the DarkCrystal RAT or DCRat onto victims’ systems.”
Binaré believes that the security of the telecommunications industry deserves special attention as this industry owns/operates a myriad of IoT devices at its networks. Binaré is concerned about the security of your Telecom IoT device. Read how Binaré can help telcos to improve their cybersecurity posture here: https://blog.binare.io/resources/binare-case-studies/.
More information about the incident:
https://cyware.com/news/darkcrystal-rat-targets-ukrainian-telcos-71a5c81f
Several ICS Vendors Affected By OT:Icefall Vulnerabilities
“Several industrial control system (ICS) vendors impacted by the recently-disclosed OT:Icefall vulnerabilities have released advisories to inform customers about the impact of the flaws and to provide mitigations.” OT:Icefall is a collection of 56 security flaws found by Forescout researchers across the products of ten companies that make operational technology (OT) systems. The affected products include engineering workstations, PLCs, distributed control systems, building controllers, safety instrumented systems, remote terminal units, and SCADA systems.
Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards the security of your IoT business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.securityweek.com/affected-ics-vendors-start-responding-oticefall-vulnerabilities?&web_view=true
QNAP NAS Devices Exposed to RCE Attacks
QNAP has informed its customers hat some of its Network Attached Storage (NAS) devices are vulnerable to attacks that would exploit a PHP vulnerability allowing remote code execution. It has been reported that affected versions are 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11.
Binaré offers a security-testing platform to prevent international businesses from cyber-attacks. Binaré is concerned about the security of the IoT device your business is using. Come to our web page and assess the security risk your IoT device possesses with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://www.bleepingcomputer.com/news/security/critical-php-flaw-exposes-qnap-nas-devices-to-rce-attacks/?&web_view=true
Free icons courtesy of flaticon.com by authors: Freepik, Konkapp