Security Vulnerabilities Newsletter: Top News Rundown (Weeks 19/22-2024)
binare.io - IoT pentester's must-have tech
Set of bugs puts software company and IoT device makers into motion
“Cybersecurity researchers and Internet of Things (IoT) technology companies say they worked together to eliminate four software vulnerabilities that could have given malicious hackers deep access to networks.
The bugs were in Kalay, a tool that companies deploy to manage and communicate with the IoT devices they produce. Kalay users include device manufacturer Roku, the baby monitor maker Owlet and wireless camera seller Wyze.
More than 100 million devices worldwide could be affected based on the number of vendors using the tool. Researchers from cybersecurity company Bitdefender framed it as a potentially serious software supply-chain issue.”
Binaré’s platform will check your IoT device, e.g. a baby monitor, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step toward securing your business today: try our FREE Demo at https://binare.io/!
More information about the incident: https://therecord.media/throughtek-kalay-software-vulnerabilities-roku-wyze-owlet?&web_view=true
#BinareInfographic: Binare’s IoT Security Platform vs. X-Ray Machine
Discover and download more infographics HERE
11 Vulnerabilities Found in GE Ultrasound Devices
“Security researchers have identified nearly a dozen vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors with physical access to the devices to implant ransomware or access and manipulate patient data stored on the affected devices, says a new report published Tuesday by Nozomi Networks.”
Binaré’s platform will check your IoT device, e.g. an ultrasound device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step toward securing your business today: try our FREE Demo at https://binare.io/!
More information about the incident: https://www.bankinfosecurity.com/report-11-vulnerabilities-found-in-ge-ultrasound-devices-a-25228?&web_view=true
#BinareCaseStudy: Binare’s Firmware Analysis & Monitoring Platform Brings Significant Value For Telecom Companies
Realized the urgent need to protect Telecom IoT devices against cyberattacks? Find out how Binare can help telecom companies to secure their IoT devices by downloading the full case study HERE
New “Goldoon” Botnet Targeting D-Link Devices
“In April, FortiGuard Labs observed a new botnet targeting a D-Link vulnerability from nearly a decade ago, CVE-2015-2051. This vulnerability allows remote attackers to execute arbitrary commands via a GetDeviceSettings action on the HNAP interface. As a result, an attacker can create a crafted HTTP request with a malicious command embedded in the header.”
Binaré’s platform will check your IoT device, e.g. a router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step toward securing your business today: try our FREE Demo at https://binare.io/!
More information about the incident: https://www.fortinet.com/blog/threat-research/new-goldoon-botnet-targeting-d-link-devices?&web_view=true
#BinareVideo: Binare x EUHubs4Data || IoT-SESOD project
Found the video insightful? Subscribe to Binare's YouTube channel HERE
New Cuttlefish malware infects routers to monitor traffic for credentials
“A new malware named ‘Cuttlefish’ has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
Lumen Technologies’ Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while bypassing security measures that detect unusual sign-ins.
The malware can also perform DNS and HTTP hijacking within private IP spaces, interfering with internal communications and possibly introducing more payloads.”
Binaré’s platform will check your IoT device, e.g. a router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step toward securing your business today: try our FREE Demo at https://binare.io/!
More information about the incident: https://www.bleepingcomputer.com/news/security/new-cuttlefish-malware-infects-routers-to-monitor-traffic-for-credentials/?&web_view=true#google_vignette
#BinareNews: Digital Twins: Earth, Forest, Water by CSC: Event Overview By Binare Team
More news for reading available in Binare's blog & news section
New ATM Malware Family Emerged In The Threat Landscape
“A threat actor is advertising a new ATM malware family that claims to be capable of compromising 99% of devices in Europe. The threat actor is offering the malware for $30,000; he claims that the “EU ATM Malware” is designed from scratch and that it can also target approximately 60% of ATMs worldwide.
If the claims are true, this malware poses a significant threat to the global banking industry. According to the announcement, the ATM malware can target machines manufactured by multiple leading vendors, including Diebold Nixdorf, Hyosung, Oki, Bank of America, NCR, GRG, and Hitachi.”
Binaré’s platform will check your IoT device, e.g. an ATM, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Take a step toward securing your business today: try our FREE Demo at https://binare.io/!
More information about the incident: https://securityaffairs.com/163732/malware/eu-atm-malware.html?web_view=true
Free icons courtesy of flaticon.com by authors: Freepik, Roundicons Premium, Acellalelo.
CISSP, C|EH, CSSLP, Principal Software Engineer Raytheon, Adjunct Professor UMBC
5 months ago: Very informative