Security Vulnerabilities Newsletter: Top News Rundown (Weeks 41/44-2024)

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

“More than six years after the?Spectre security flaw ?impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks.

The attack,?disclosed ?by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB ) on x86 chips, a crucial mitigation against speculative execution attacks.”

Binaré’s platform will check your IoT device, e.g. processor, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://thehackernews.com/2024/10/new-research-reveals-spectre.html?&web_view=true

#BinareInfographic: The Strong & Urgent Need to Perform Binary (IoT Firmware) Security Analysis

Discover and download more infographics HERE

Critical Flaw in Synology Camera Firmware Expose Devices to RCE and DoS Attacks

“Synology has issued a security advisory,?Synology-SA-24:17, warning of critical vulnerabilities in several of its camera firmware products, including Synology Camera BC500, TC500, and CC400W. The vulnerabilities, which could allow remote attackers to execute arbitrary code, bypass security constraints, and initiate denial-of-service (DoS) attacks, pose a significant risk to users if not addressed immediately.”

Binaré’s platform will check your IoT device, e.g. camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://securityonline.info/critical-flaw-in-synology-camera-firmware-expose-devices-to-rce-and-dos-attacks/?&web_view=true#google_vignette

#BinareCaseStudy: Binare’s Firmware Analysis & Monitoring Platform Brings Significant Value For Telecom Companies

Realized the urgent need to protect Telecom IoT devices against cyberattacks? Find out how Binare can help telecom companies to secure their IoT devices by downloading the full case study HERE

Helmholz REX100 Industrial Routers Found Vulnerable to Critical Security Exploits

“CERT@VDE has issued a security advisory disclosing multiple vulnerabilities in Helmholz REX100 industrial routers, potentially allowing unauthorized access and remote code execution.

The Helmholz REX100, an industrial Ethernet router designed to facilitate secure remote access to industrial equipment, has been found to contain several critical vulnerabilities.?These security flaws pose a significant risk to organizations utilizing the REX100 for managing and monitoring their operational technology (OT) environments.”

Binaré’s platform will check your IoT device, e.g. router, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://securityonline.info/helmholz-rex100-industrial-routers-found-vulnerable-to-critical-security-exploits/?&web_view=true

#BinareVideo:?Binare's Educational Insights | Did you know that...?

Found the video insightful? Subscribe to Binare's Youtube channel HERE

EU Adopts Cyber Resilience Act for Connected Devices

“The European Union Council has officially adopted the Cyber Resilience Act (CRA) which will introduce EU-wide cybersecurity requirements for products with digital elements.

From smart doorbells and speakers to baby monitors, the regulation will apply to all products that are connected either directly or indirectly to another device or network.

The new regulation aims to fill the gaps, clarify the links and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components, for example?Internet of Things (IoT) products , are made secure throughout the supply chain and throughout their lifecycle.”

Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards security of your IoT business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://www.infosecurity-magazine.com/news/eu-adopts-cyber-resilience-act/?&web_view=true

#BinareNews: Learn about Critical Importance of Binary IoT Firmware Analysis & SBOM in Numbers & Facts with Binare.io

More news for reading available in Binare's blog & news section

CVE-2024-41798 (CVSS 9.8): Siemens SENTRON PAC3200 Meters Vulnerable to Easy Attacks, No Patch!

“A newly?disclosed ?vulnerability (CVE-2024-41798) in Siemens SENTRON PAC3200 power meters could allow attackers to gain administrative access with alarming ease. The vulnerability, assigned a CVSS score of 9.8, highlights a critical weakness in the device’s security design.”

Binaré’s platform will check your IoT device, e.g. smart meter, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at?https://binare.io/ !

More information about the incident: https://securityonline.info/cve-2024-41798-cvss-9-8-siemens-sentron-pac3200-meters-vulnerable-to-easy-attacks-no-patch/?&web_view=true

Free icons courtesy of flaticon.com by authors: Those Icons, Freepik, Wichai.wi, Smashicons.