Security Vulnerabilities Newsletter: Top News Rundown (Weeks 1/5-2024)

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

“Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as?CVE-2024-21591, is rated 9.8 on the CVSS scoring system.”

Binaré’s platform will check your IoT device, e.g. switch, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident:? https://thehackernews.com/2024/01/critical-rce-vulnerability-uncovered-in.html?&web_view=true

#BinareInfographic: Binare's IoT Security Platform vs. X-Ray Machine

Discover and download more infographics HERE

Hackers can Infect Network-Connected Wrenches to Install Ransomware

“Researchers have unearthed nearly two dozen vulnerabilities that could allow hackers to sabotage or disable a popular line of network-connected wrenches that factories around the world use to assemble sensitive instruments and devices.

The vulnerabilities, reported Tuesday by researchers from security firm Nozomi, reside in the?Bosch Rexroth Handheld Nutrunner NXA015S-36V-B . The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability. When fastenings are too loose, they risk causing the device to overheat and start fires. When too tight, threads can fail and result in torques that are too loose.”

Binaré’s platform will check your IoT device, e.g. network-connected wrench, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://arstechnica.com/security/2024/01/network-connected-wrenches-used-in-factories-can-be-hacked-for-sabotage-or-ransomware/#:~:text=Researchers%20have%20unearthed%20nearly%20two,assemble%20sensitive%20instruments%20and%20devices . ?

#BinareCaseStudy: Binare’s Firmware Analysis & Monitoring Platform Brings Significant Value?For Telecom Companies

Realized the urgent need to protect Telecom IoT devices against cyberattacks? Find out how Binare can help Telecom organizations to secure their IoT devices by downloading the full case study HERE

Finland Warns of Akira Ransomware Wiping NAS and Tape Backup Devices

“The Finish National Cybersecurity Center (NCSC-FI) is informing?of increased?Akira ransomware activity in December, targeting companies in the country and?wiping backups.

The agency says that the threat actor’s attacks accounted for six out of the seven cases of ransomware incidents?reported last month.”

Binaré’s platform will check your IoT device, e.g. NAS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://www.bleepingcomputer.com/news/security/finland-warns-of-akira-ransomware-wiping-nas-and-tape-backup-devices/#:~:text=The%20Finish%20National%20Cybersecurity%20Center,ransomware%20incidents%20reported%20last%20month .

#BinareVideo:?Binare's Webinars Insights || EUHubs4Data IoT-SESOD project wrap-up

Found the video insightful? Subscribe to Binare's Youtube channel HERE

New UEFI Vulnerabilities Send Firmware Devs Industry Wide Scrambling

“UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user’s network to infect connected devices with malware that runs at the firmware level.

The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings. People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI.”

Binaré?offers a security-testing platform?to prevent various businesses from cyberattacks. Binaré is concerned about security of the?IoT device your business is using. Come to our web page and?assess the security risk your IoT device possesses?with our FREE Demo! The link for the web page:?https://binare.io/ .

More information about the incident:? https://arstechnica.com/security/2024/01/new-uefi-vulnerabilities-send-firmware-devs-across-an-entire-ecosystem-scrambling/

#BinareBlog: ROI in IoT Cybersecurity: What & Why

More articles for reading available in Binare's blog & news section

HP CEO Evokes James Bond-Style Hack via Ink Cartridges

“Last Thursday, HP CEO Enrique Lores addressed the company’s controversial practice of bricking printers when users load them with third-party ink. Speaking to?CNBC Television , he said, “We have seen that you can embed viruses in the cartridges. Through the cartridge, [the virus can] go to the printer, [and then] from the printer, go to the network.”

That frightening scenario could help explain why HP, which was hit this month with another?lawsuit over its Dynamic Security system , insists on deploying it to printers.”

Binaré’s platform will check your IoT device for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://arstechnica.com/gadgets/2024/01/hp-ceo-blocking-third-party-ink-from-printers-fights-viruses/

Free icons courtesy of flaticon.com by authors: Digital, Uniconlabs, Shuvo.Das, Freepik, Vichanon Chaimsuk.