Security Blog
Security Alert!
Network-Connected Wrench Vulnerability
DATE(S) ISSUED:
1/11/24
SUBJECT:
Vulnerability in a network-connected wrench having potential safety issues
OVERVIEW:
Security researchers from Nozomi have discovered 23 vulnerabilities in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B, a cordless wrench used in factories worldwide for precise torque applications. The device connects wirelessly to local networks, allowing engineers to tighten bolts accurately. Exploiting these vulnerabilities could enable hackers to install malware, potentially leading to the sabotage or disabling of the wrenches, causing safety and reliability issues. Bosch Rexroth has acknowledged the vulnerabilities and is working on a patch scheduled for release at the end of January 2024.
USERS AFFECTED:
- Consumers
- Factories
- Organizations
RISK:
- Safety Risks
- Sabotage of Manufacturing Processes
- Malware Installation
- Operational Disruption
- Data Security Concerns
REFERENCES:
arstechnica.com:
Hackers can infect network-connected wrenches to install ransomware
Critical iOS fixes - Patch your Apple Devices Now (12/2/23)
DATE(S) ISSUED:
11/30/23
SUBJECT:
iPhone Security Flaws
OVERVIEW:
Apple has released iOS 17.1.2, along with a warning to update now. iOS 17.1.2 fixes two iPhone security flaws—both of which are already being used in real-life attacks. There is also an update to MacOS and Safari for older Macs. Here is the link to the Apple Security Page.
USERS AFFECTED:
- Any person who owns an Apple device(s)
RISK:
- Any user clicking on the "malvertisements" or ads containing malware are subject to the installation of malware on their device
RECOMMENDATIONS:
We recommend the following actions be taken:
- Update Apple devices as soon as possible including iPhones, MacOS, and Safari for older Macs.
REFERENCES:
support.apple.com:
Apple security releases - Apple Support
Malicious Google Ads Installing Malware
DATE(S) ISSUED:
11/20/23
SUBJECT:
Malicious Google Ads Trick WinSCP Users into Installing Malware
OVERVIEW:
Beware of a sophisticated cyber threat known as SEO#LURKER! Cybersecurity experts have uncovered a malicious scheme targeting users searching for WinSCP. Attackers manipulate search results and Google ads to lure unsuspecting individuals into downloading malware instead of legitimate software. These deceptive ads redirect to compromised websites, leading to a fake WinSCP site where a seemingly genuine installer hides malicious Python scripts. Victims, particularly in the U.S., are targeted through geoblocking. This tactic isn't new; similar attacks have targeted PyCharm users.
USERS AFFECTED:
- Users exposed to and clicking on lookalike WinSCP website, winccp[.]net.
RISK:
- Any user clicking on the "malvertisements" or ads containing malware are subject to the installation of malware on their device
RECOMMENDATIONS:
We recommend the following actions be taken:
- Before clicking on an ad, confirm that it is legitimate
- If you are unsure an ad is legitimate, search for the ads official website and continue from there
- Report ad to google if it is suspicious
REFERENCES:
thehackernews.com:
https://thehackernews.com/2023/11/beware-malicious-google-ads-trick.html?m=1