Samsung Shipped ‘100 Million’ Phones with Flawed Encryption

Academics at Tel Aviv University in Israel have discovered that recent Android-based Samsung phones shipped with design flaws that allow the extraction of secret cryptographic keys. In all, the researchers estimate 100 million Samsung devices were vulnerable when they identified the encryption flaw last year.

Binaré’s platform will check your IoT device, e.g. smart phone, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.theregister.com/2022/02/23/samsung_encryption_phones/?&web_view=true

New Poisoned Pipeline Execution Attacks

Security researcher has presented a new way to abuse the permissions inside Source Code Management (SCM) repositories. This technique, called Poisoned Pipeline Execution (PPE), may result in Continuous Integration (CI) poisoning or poisoned pipeline attacks.

Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.  

More information about the issue:
https://cyware.com/news/poisoned-pipeline-execution-attacks-a-new-wave-of-threats-1e38edee

Zero-day Vulnerabilities in Nooie Baby Monitors Enable Video Feed Hijack

Security vulnerabilities identified in baby monitors from Nooie could allow attackers to either access the camera feed or execute malicious code on vulnerable devices. Researchers from infosec firm Bitdefender achieved remote code execution (RCE) capabilities on two models from the range of Nooie’s Baby Cam infant monitoring devices.

Binaré’s platform will check your IoT device, e.g. baby monitor, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://portswigger.net/daily-swig/zero-day-vulnerabilities-in-nooie-baby-monitors-could-allow-video-feed-hijack?&web_view=true

DeadBolt Affects QNAP Hard, 3600 Devices Compromised

A new ransomware operation, named DeadBolt, has been encrypting internet-exposed QNAP NAS devices around the world. So far, the ransomware has targeted 3,600 devices.

Binaré provides you not only with the platform but also with professional services that will help your business to avoid cyberattacks. Get an improved cybersecurity posture with Binaré’s expert and advisory services! Sign up here https://try.binare.io/get_in_touch and we will reach out to you as soon as possible.

More information about the incident:
https://cyware.com/news/deadbolt-hits-qnap-hard-3600-devices-impacted-23d6988d

Unpatched Security Bugs in Medical Wearables Open Door to Patient Tracking, Data Theft

Analysts with Kaspersky Labs reported finding 33 vulnerabilities last year in the most widely used data transfer protocol for internet of things (IoT) medical devices, known as MQTT — that’s 10 more than the previous year. All of them put patient data at risk, the team warned.

Binaré recommends smart device manufacturers as well as businesses that use smart devices to check them for vulnerabilities with Binaré’s automated IoT vulnerability management and firmware analysis platform to make the use of these devices safe. Assess the security risk your IoT device possesses for FREE with our Demo here: https://binare.io/.

More information about the issue:
https://threatpost.com/unpatched-security-bugs-medical-wearables-patient-tracking-data-theft/178150/?web_view=true

Millions of Devices From Major Vendors Impacted by Two Dozen UEFI Vulnerabilities

Researchers at firmware security company Binarly have identified nearly two dozen vulnerabilities in UEFI firmware code used by the world’s largest device makers. According to Binarly, the 23 high-severity vulnerabilities could impact millions of enterprise devices, such as laptops, servers, routers, network appliances, industrial control systems (ICS), and edge computing devices. There are more than 25 affected vendors, including HP, Lenovo, Fujitsu, Microsoft, Intel, Dell, Bull (Atos) and Siemens.

Binare’s firmware analysis & monitoring platform will check your IoT device for wide-ranging devastating vulnerabilities. Check your firmware/IoT device for FREE with our Demo here: https://binare.io/.

More information about the incident:
https://www.securityweek.com/two-dozen-uefi-vulnerabilities-impact-millions-devices-major-vendors?&web_view=true

Outdated IoT Healthcare Devices – Major Security Threat

More than half (53%) of the IoT (internet of things) and internet of medical things (IoMT) devices used in healthcare contain critical cybersecurity risks, according to The State of IoMT Device Security report by Cynerio, which analyzed devices from more than 300 hospitals in the US.

Binaré’s platform will check your IoT device, e.g. medical device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the issue:
https://www.csoonline.com/article/3648592/outdated-iot-healthcare-devices-pose-major-security-threats.html#tk.rss_all?&web_view=true

277,000 Routers Exposed to Eternal Silence Attacks via UPnP

A malicious campaign known as ‘Eternal Silence’ is abusing Universal Plug and Play (UPnP) turns your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors. Out of 3,500,000 UPnP routers found online, 277,000 are vulnerable to UPnProxy, and 45,113 of them have already been infected by hackers.

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.bleepingcomputer.com/news/security/277-000-routers-exposed-to-eternal-silence-attacks-via-upnp/?&web_view=true

Free icons courtesy of flaticon.com by authors: Roundicons, Eucalyp, Freepik, GOWI, Eucalyp, Flat Icons, vectorsmarket15

Leave a Reply