Researchers discover new vulnerabilities that affect millions of routers, IoT and OT devices from more than 150 vendors.
A warning was issued by researchers and the U.S. Cybersecurity Infrastructure Security Agency about several vulnerabilities affecting the TCP/IP stacks. Millions of internet-of-things devices and embedded systems are affected.
Security researchers called these vulnerabilities Amnesia:33, based on the number of issues found and the fact that they mostly affect the device’s memory. Four of them are critical and facilitate a wide range of attacks, like:
- remote code execution
- information leak
- denial of service
- memory corruption
Researchers have previously found other TCP/IP issues, with related vulnerability sets Ripple20 and Urgent/11. Amnesia:33 affects multiple TCP/IP stacks that are not owned by a single company, making these vulnerabilities hard to patch. For protection, experts recommend disabling or blocking IPv6 traffic when unnecessary, relying on internal DNS servers as much as possible, and monitoring network packages for corrupted packets.
Check the source.
- Most Companies Aren’t Ready For The Greatest Cyber Threat Of 2021 – RansomwareOne would think that ransomware, currently the most significant cyber threat out there, keeps all organizations on edge and […]
- Patch These 5 Vulnerabilities Now To Protect Your Company From Ransomware AttacksHackers are actively exploiting years-old security vulnerabilities to launch ransomware attacks because organizations skip on patching them. Some of […]
- Fileless And Encrypted Malware Saw Massive Growth in Q2 2021A new report analyzing malware trends in the second quarter of 2021 shows that cyber threats are becoming stealthier, […]
- Massive Phishing Attack Hits At Least 6,000 Coinbase UsersCrypto exchange Coinbase confirmed that funds were stolen from at least 6,000 accounts in a vast phishing attack this […]
- The 3 Top Ransomware Threats Might Surprise YouNo, it’s not Revil, Ragnar Locker, BlackMatter, or Conti to make it to the top three ransomware threats responsible […]