Researchers discover new vulnerabilities that affect millions of routers, IoT and OT devices from more than 150 vendors.
A warning was issued by researchers and the U.S. Cybersecurity Infrastructure Security Agency about several vulnerabilities affecting the TCP/IP stacks. Millions of internet-of-things devices and embedded systems are affected.
Security researchers called these vulnerabilities Amnesia:33, based on the number of issues found and the fact that they mostly affect the device’s memory. Four of them are critical and facilitate a wide range of attacks, like:
- remote code execution
- information leak
- denial of service
- memory corruption
Researchers have previously found other TCP/IP issues, with related vulnerability sets Ripple20 and Urgent/11. Amnesia:33 affects multiple TCP/IP stacks that are not owned by a single company, making these vulnerabilities hard to patch. For protection, experts recommend disabling or blocking IPv6 traffic when unnecessary, relying on internal DNS servers as much as possible, and monitoring network packages for corrupted packets.
Check the source.
Read More
- Massive $59M Facebook Phishing Campaign Steals Nearly 400M CredentialsThreat actors have managed to net a staggering $59 million and steal hundreds of millions of credentials in a […]
- Human Error is a Top Security Risk in 2022, New Report ShowsA new report from Verizon warns about the human error as being one of the most frequent causes of […]
- Paying The Ransom – An Open Invitation For A Second Attack, 2022 Report WarnsWhether the unlucky victim of a ransomware attack ends up paying the ransom or not, they are still susceptible […]
- FBI: Business Email Compromise – a $43B ScamA new FBI report warns of a staggering spike in hacking activities using the Business Email Compromise technique (BEC), […]
- NVIDIA Confirms Employee Credentials And Proprietary Data Stolen During CyberattackNVIDIA confirmed the Lapsus$ cyberattack and the data leak that followed, saying it first became aware of the security […]