CyberSecurityBoard
Sponsor Register Login

InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks

InHand industrial routers have recently been found to have several vulnerabilities that can potentially let attackers take control of systems connected to the industrial networks. According to a report by security firm CyberX, the vulnerabilities can be exploited both remotely and locally, threatening OT networks that rely on such routers. The vulnerabilities, which are mainly related to authentication, authorization and encryption, can be exploited to execute arbitrary code, information disclosure and denial of service on the target system. The base OS of the router is VxWorks 6.9.4, which is an operating system for embedded systems. The InHand industrial router is mainly used in manufacturing, oil and gas industry, public transport and pharmaceuticals etc. It has more than 30,000 installations in over 30 countries. According to the researchers, these vulnerabilities can allow attackers to gain access to sensitive OT networks, allowing them to monitor, disrupt and damage the affected system. They further noted that such attacks can lead to a disruption in production, resulting in loss of revenue and even illegal access to intellectual property. To mitigate such attacks, it is highly recommended that users of InHand industrial routers upgrade to the latest version of the device and also ensure adherence to air-gapped security policies. It is also important to conduct regular cyber security assessments to prevent and respond to any threats in time.

This Cyber News was published on www.securityweek.com. Publication date: Sun, 22 Jan 2023 10:48:00 +0000


Cyber News related to InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks

InHand Industrial Router Vulnerabilities Expose OT Networks to Attacks - InHand industrial routers have recently been found to have several vulnerabilities that can potentially let attackers take control of systems connected to the industrial networks. According to a report by security firm CyberX, the vulnerabilities can ...
1 year ago Securityweek.com
Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
1 year ago Feedpress.me
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
7 months ago Darkreading.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security - PRESS RELEASE. FOXBOROUGH, Mass. , Jan. 3, 2024 /PRNewswire/ - Industrial Defender, the leading provider of OT asset data and cybersecurity solutions for industrial organizations, is excited to announce the launch of the Industrial Defender Risk ...
11 months ago Darkreading.com
Darktrace and Garland Technology Collaborate to Help Businesses Secure Operational Technology Environments - PRESS RELEASE. CAMBRIDGE, England, Jan. 24, 2024 /PRNewswire/ - Darktrace, a global leader in cyber security AI, and Garland Technology, a leading manufacturer of network TAP, aggregator, packet broker, data diode and inline bypass solutions, today ...
10 months ago Darkreading.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
2 months ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
2 months ago Paloaltonetworks.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
Coming Soon to Wi-SUN Field Area Network: Versatility to connect sensors with low power and high throughput capabilities - The Catalyst IR8140 Heavy Duty Series Router will be Cisco's first router to support new Capabilities for FAN 1.1. In 2019 the Wi-SUN Alliance introduced the first certified products implementing Field Area Network 1.0, which is a secure, ...
9 months ago Feedpress.me
CVE-2023-41317 - The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to ...
1 year ago
CVE-2024-32971 - Apollo Router is a configurable, graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. The affected versions of Apollo Router contain a bug that in limited circumstances, could lead to unexpected operations being ...
7 months ago
Cisco wins Manufacturing Solution of the Year award for integrating industrial security with networking - Industrial security can be a complex undertaking, and yet OT security is quintessential for modern Industrial IoT operations. IIoT systems generally contain a variety of interconnected systems and technologies, each with its own security needs. Some ...
11 months ago Feedpress.me
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
11 months ago Securityintelligence.com
CVE-2020-1632 - In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP ...
3 years ago
E80 Group secures its AGVs with Cisco industrial solutions and Italtel system integration - These are the conditions for which E80 Group, an Italian multinational, based in Viano, Italy, builds its autonomous and laser guided vehicles that can move around a facility, transport materials, and interact with other machines and systems in ...
6 months ago Feedpress.me
Industrial Defender Risk Signal integrates threat intelligence and business context - Industrial Defender introduced Industrial Defender Risk Signal, its new risk-based vulnerability management solution. Building upon the company's robust vulnerability assessment capabilities, Industrial Defender Risk Signal intelligently prioritizes ...
11 months ago Helpnetsecurity.com
GE Historian Software Vulnerabilities Can be Exploited by Hackers - Hackers now have the capability to exploit vulnerabilities in General Electric’s (GE) Historian software. Such vulnerabilities could potentially be utilized for industrial espionage, disruption, or other malicious activities. The GE Historian ...
1 year ago Securityweek.com
Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks - The Rapid SCADA open source industrial automation platform is affected by several vulnerabilities that could allow hackers to gain access to sensitive industrial systems, but the flaws remain unpatched. The US cybersecurity agency CISA published an ...
11 months ago Securityweek.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
1 year ago Paloaltonetworks.com
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers - The D-Link EXO AX4800 router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable of ...
7 months ago Bleepingcomputer.com
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now - Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as ...
8 months ago Bleepingcomputer.com
The year of Mega Ransomware attacks with unprecedented impact on global organizations - A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each ...
11 months ago Blog.checkpoint.com
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
7 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)