View profile

Security Vulnerabilities Newsletter: Top News Rundown (Weeks 19/20-2022)

Security Vulnerabilities Newsletter: Top News Rundown
Security Vulnerabilities Newsletter: Top News Rundown (Weeks 19/20-2022)

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF
Source: Pexels.Com
Source: Pexels.Com
The iOS Find My feature has a safety loophole that can lead to infecting the iPhone even if the phone is off.
Academic researchers from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt have identified a unique way of infecting an iPhone by loading malware while the phone is off.
Researchers will present their findings at the ACM Conference on Security and Privacy in Wireless Mobile Networks/ WiseSec 2022.
______________________________________________
Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
#WeeklyInfographic: Critical Importance of Binary IoT Firmware Analysis & SBoM in Numbers & Facts
Source: Blog.binare.io/resources/binare-infographics/
Source: Blog.binare.io/resources/binare-infographics/
Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity
Source: Pexels.Com
Source: Pexels.Com
The European Parliament announced a “provisional agreement” aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union.
The revised directive, called “NIS2” (short for network and information systems), is expected to replace the existing legislation on cybersecurity that was established in July 2016.
The revamp sets ground rules, requiring companies in the energy, transport, financial markets, health, and digital infrastructure sectors to adhere to risk management measures and reporting obligations.
______________________________________________
Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
#WeeklyExpert Opinion
Source: Renew Europe
Source: Renew Europe
Microsoft detects massive surge in Linux XorDDoS malware activity
Source: Pexels.Com
Source: Pexels.Com
A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today.
This malware (active since at least 2014) is known as XorDDoS (or XOR DDoS) due to its use of XOR-based encryption when communicating with command-and-control (C2) servers and being employed to launch distributed denial-of-service (DDoS) attacks.
As the company revealed, the botnet’s success is likely due to its extensive use of various evasion and persistence tactics which allow it to remain stealthy and hard to remove.
______________________________________________
Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
#WeeklyVideo: Binare x EUHubs4Data || IoT-SESOD project
Binare x EUHubs4Data ||  IoT-SESOD project
Binare x EUHubs4Data || IoT-SESOD project
CISA: Unpatched F5 BIG-IP Devices Under Active Attack
Source: Pexels.Com
Source: Pexels.Com
The Cybersecurity Infrastructure and Security Agency (CISA) has issued a warning about active exploits against unpatched F5 Network’s BIG-IP systems. 
A patch for the vulnerability (CVE-2022-1388) was issued on May 4; since then, working proof-of-concept exploits have circulated among cybercriminals, making it easier for even less-skilled attackers to take advantage, CISA explains. 
______________________________________________
Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
#WeeklyFact from the world of Software as a Service
Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability
Source: Pexels.Com
Source: Pexels.Com
The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.
Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw in select versions of the Zyxel firewall that could enable an unauthenticated adversary to execute arbitrary commands on the underlying operating system.
______________________________________________
Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards the security of your business already today: try our FREE Demo at https://binare.io/!
More information about the incident:
Binare's Services Insights || Why & how to take care of security of IoT?
Binare's Services Insights || Why & how to take care of security of IoT?
Binare's Services Insights || Why & how to take care of security of IoT?
Did you enjoy this issue?
Security Vulnerabilities Newsletter: Top News Rundown

Stay up to date about recent security breaches by signing up for the Security Vulnerabilities Newsletter

In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue
Kympinkatu 3c, 40320 Jyväskylä, Finland