KiwiSDR Product Has Been Discovered To Be Exposed For Years
KiwiSDR is a hardware that uses a software-defined radio to track transmissions in a local area and stream them over the Internet. On Wednesday 14th of July, users got to know that for many years their devices and networks were exposed: the devices had been equipped with a backdoor that allowed the KiwiSDR creator to log in to the devices with administrative system rights. Then the remote third-party could make configuration changes and access data not just for the KiwiSDR but in many cases to the Raspberry Pi, BeagleBone Black, or other computing devices the SDR hardware is connected to.
Binaré recommends all networking hardware manufacturers as well as businesses that use networking hardware to check it for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.
More information about the incident can be found here: https://arstechnica.com/gadgets/2021/07/for-years-a-backdoor-in-popular-kiwisdr-product-gave-root-to-project-developer/
SonicWall Warns Its Customers – Secure VPN Hardware Bugs Under Attack
SonicWall published an urgent announcement that some of its present legacy secure VPN appliances have been under cyber attack. Security vendor advises its customers to patch its enterprise secure VPN hardware to thwart an “imminent ransomware campaign using stolen credentials” that’s exploiting security holes in current models and those running legacy firmware. The targets of the ransomware campaign are the company’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) secure VPN appliances with both unpatched and end-of-life (EoL) 8.x firmware. Read about another SonicWall breach in Binare’s previous news rundown: https://blog.binare.io/2021/03/23/security-vulnerabilities-newsletter-top-news-rundown-weeks-10-11-2021/.
Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident can be found here:
https://threatpost.com/sonicwall-vpn-bugs-attack/167824/
https://www.zdnet.com/article/sonicwall-releases-urgent-notice-about-imminent-ransomware-targeting-firmware/
Critical Vulnerability Discovered In Schneider Electric Modicon PLCs
Armis researchers found out a new security flaw, tracked as CVE-2021-22779, in Schneider Electric (SE) Modicon programmable logic controllers: the vulnerability bypasses security mechanisms added to these PLCs to prevent abuse of undocumented Modbus commands. The undocumented commands allow full control over the PLC: overwriting critical memory regions, leaking sensitive memory data, or invoking internal functions. According to Armis researchers, these commands can be exploited to take over the PLC and gain native code execution on the device which can be used to change the operation of the PLC, while hiding the alterations from the engineering workstation that manages the PLC. The attack is of unauthenticated type and requires only network access to the targeted PLCs.
Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at https://binare.io/!
More information about the incident can be found here:
https://www.armis.com/research/modipwn/
https://medium.com/tenable-techblog/examining-crypto-and-bypassing-authentication-in-schneider-electric-plcs-m340-m580-f37cf9f3ff34
https://www.theregister.com/2021/07/13/armis_schneider_electric_flaw/
Another Unpatched Windows Printer Spooler Flaw Discovered
Barely a week after Microsoft announced about an unpatched security vulnerability in the Windows Print Spooler service, probably another zero-day security vulnerability in the same component has been revealed, which makes it the fourth printer-related security issue to be discovered in recent weeks. Read about Microsoft “PrintNightmare” incident in Binare’s previous news rundown: https://blog.binare.io/2021/07/07/security-vulnerabilities-newsletter-top-news-rundown-weeks-26-27-2021/. A newly discovered vulnerability allows a hacker to execute arbitrary code with SYSTEM privileges on a vulnerable Windows machine by connecting to a malicious print server under their control.
Ensuring security of office equipment is essential and Binaré is ready to help with that! Binaré’s platform will check your printer for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident can be found here: https://thehackernews.com/2021/07/researcher-uncover-yet-another.html
iPhone WiFi Crash Bug
The iPhone Wifi bug has turned to be worse than initially thought after mobile security firm ZecOps showed how the bug could be used for remote code execution attacks. According to Danish security researcher Carl Schou who discovered the bug, the bug could crash any up-to-date iPhone that connected to an access point or WiFi network. As WiFi network names are written on disk in certain files, every time the iPhone tried to connect to a WiFi network, iOS would read those files and crash and reboot in a loop. In the beginning, the security issue was considered as quite a big deal before iOS experts discovered that disabling WiFi and resetting iOS network settings would clear those local files of the problematic network name and allow users to use their WiFi feature again.
Binaré highlights that the bigger is the business, the more complicated and costly are the consequences of the cyber attack. Binaré advises big business players to integrate cybersecurity as part of their business, for example, by using Binaré’s automated IoT vulnerability management and firmware analysis platform. Check your firmware/IoT device for FREE with our Demo here: https://binare.io/.
More information about the incident can be found here: https://therecord.media/that-iphone-wifi-crash-bug-is-far-worse-than-initially-thought/
Critical Vulnerability Identified In D-Link Routers
Cisco Talos, the threat intelligence research team of Cisco, has recently discovered several high-severity security bugs in the router of D-LINK, DIR-3040, which is an AC3000-based wireless internet router. The vulnerability is easily exploitable and allows an attacker to execute arbitrary code to gain access to the sensitive data and also disable a device through a denial of service attack. In sum, the security analysts have detected 5 high-severity flaws including hardcoded password vulnerabilities, command injection vulnerabilities, and information disclosure vulnerabilities that are tracked as CVE-2021-21816, CVE-2021-21817, CVE-2021-21818, CVE-2021-21819 & CVE-2021-21820.
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident can be found here: https://cybersecuritynews.com/d-link-critical-flaw-let-attackers-execute-arbitrary-code/
Millions of Printers Worldwide Found To Be Vulnerable
SentinelLabs, the Threat Intelligence and Malware Analysis Division of American cybersecurity startup, has recently identified a critical flaw in HP, Samsung, and Xerox printer drivers. It has been almost 16 years that HP, Samsung, and Xerox are releasing printers worldwide with the vulnerable driver. The discovered vulnerability is tracked as CVE-2021-3438 and has a CVSS score of 8.8 indicating high-severity. An exploitation of kernel driver vulnerability can lead an unprivileged third-party to a SYSTEM account and run code in kernel mode. One of the obvious abuses of such flaws are that they could be used to bypass security products.
Binaré’s platform will check your IoT device, e.g. printer, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident can be found here: https://labs.sentinelone.com/cve-2021-3438-16-years-in-hiding-millions-of-printers-worldwide-vulnerable/
Free icons courtesy of flaticon.com by authors: Freepik