CISA Warns Of Flaws In Hitachi Energy Products
American CISA, Cybersecurity and Infrastructure Security Agency, has published six advisories to inform organizations about the availability of security patches and notifications for security flaws affecting Hitachi Energy products. The affected surfaces include RTU500 series bidirectional communication interface, Relion protection and control IEDs, Retail Operations and Counterparty Settlement and Billing (CSB) software, the Asset Performance Management (APM) Edge software for transformers, and the PCM600 update manager. The vulnerabilities identified could potentially allow hackers to trigger a DoS condition, execute arbitrary code, eavesdrop on traffic, access or modify data, install untrusted software packages.
Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.
More information about the incident:
https://securityaffairs.co/wordpress/125269/security/cisa-warns-hitachi-energy-flaws.html
Insulin Pump Management Vulnerability Could Lead To Device Takeover
Researchers have identified a high-severity vulnerability in the Omnipod Insulin Management System which could allow a malicious third-party to utilize replay-like techniques to send several programming commands of their choice to a targeted OmniPod device. “After obtaining the nonce-word the attacker can send any of these commands without the consent of the user and without any alerts displaying on the user’s devices”.
Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.
More information about the incident:
https://omnipod.lyrebirds.dk/
New UK Law: Huge Fines & A Ban On Default Passwords
The UK government has introduced new legislation to protect smart devices in people’s homes from being hacked. Default passwords for internet-connected devices will be banned, and companies which do not comply will face huge fines. Cyber-criminals are actively targeting products from phones and smart TVs, to home speakers and internet-connected dishwashers. Hackers who can get an access to one vulnerable device can then proceed to access entire home networks and steal confidential data.
Binare’s firmware analysis & monitoring platform will check your IoT device for cybersecurity certification compliance. Check your firmware/IoT device for FREE with our Demo here: https://binare.io/.
More information about the incident:
https://www.bbc.com/news/technology-59400762
6 Million Sky Routers Exposed To Takeover Attacks For 17 Months
“Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability that took over 17 months to roll out a fix to customers”. Malicious actors could easily exploit the disclosed security vulnerability, DNS rebinding flaw, if the user had not changed the default admin password, or a malicious actor could brute-force the credentials. The result of the exploitation would be to compromise the customer’s home network, change the router’s configuration, and potentially pivot to other internal devices.
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://www.bleepingcomputer.com/news/security/six-million-sky-routers-exposed-to-takeover-attacks-for-17-months/
QNAP Warns Of New Malware Targeting Its NAS Devices
Taiwanese hardware vendor QNAP has recently released a new security advisory that warns users that a new strain of crypto-mining malware is targeting its network-attached storage (NAS) devices. While the infections are under investigation, QNAP told customers to be proactive and take measures against the attacks, such as updating their devices’ operating systems (known as QTS or QuTS) and all QNAP add-on apps.
Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.
More information about the incident:
https://therecord.media/qnap-warns-of-new-crypto-miner-targeting-its-nas-devices/?web_view=true
Millions Of Users Affected By Security Flaws In Common Wi-Fi Routers
Cybersecurity researchers and editors with the German IT magazine CHIP have discovered 226 potential security weaknesses in nine Wi-Fi routers from known manufacturers (Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys). Millions of users are potentially affected by these security bugs. The most common issues discovered by the experts:
- Outdated Linux kernel in the firmware
- Outdated multimedia and VPN functions
- Presence of hardcoded credentials
- The use of insecure communication protocols and weak default passwords
Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://securityaffairs.co/wordpress/125286/hacking/vulnerabilities-common-wi-fi-routers.html?web_view=true
Critical Security Vulnerability Identified In Several HP Printer Models
Cybersecurity researchers recently disclosed eight-year-old security flaws affecting 150 different multifunction HP Inc printers (MFPs) that could be potentially exploited by a malicious third-party to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks.
Binaré’s platform will check your IoT device, e.g. printer, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
https://thehackernews.com/2021/11/critical-wormable-security-flaw-found.html?&web_view=true
Free icons courtesy of flaticon.com by authors: Freepik, Flat Icons, smashingstocks, srip