ICS security: Popular building management system vulnerable to takeover

Security researchers found a remotely exploitable critical vulnerability in a building management system used by businesses, hospitals, factories and other organizations to control things like ventilation, temperature, humidity, air pressure, lighting, secure doors and more. The vendor has released a firmware update, but hundreds of these systems are still exposed on the internet, highlighting the risks of remote management for ICS devices.

The vulnerability, tracked as CVE-2019-9569, was discovered by researchers from security firm McAfee and affects enteliBUS Manager (eBMGR), a control system that can be used to manage different I/O switches connected to things like sensors, alarms, motors, locks, valves and other industrial equipment. The system can also serve as a router for linking multiple Building Automation Control Network (BACnet) segments.

The eBMGR is made by Delta Controls, a company headquartered in British Columbia, Canada, that has offices and sells its products around the world. The discovered issue is a buffer overflow vulnerability in the BACnet stack that results in remote code execution when exploited successfully. Attackers can trigger it by sending maliciously crafted packets to vulnerable devices; doing so requires no authentication or user interaction.

To demonstrate the attack, the McAfee researchers created an exploit that deploys a malware program on the device, giving attackers remote control over it. While they don't plan to release exploit code at this time, the researchers presented their findings at the DEF CON security conference in Las Vegas.

"Consider for a moment a positive pressure room in a hospital, the kind typically used to keep out contaminants during surgeries," McAfee security researcher Mark Bereza said in a blog post. "Managing rooms such as these is a typical application for the eBMGR and it does not take an overactive imagination to envision what kind of damage a bad actor could cause if they disrupted such a sensitive environment."

Steve Povolny, the head of Advanced Threat Research at McAfee, tells CSO that since BACnet is a UDP-based protocol, the vulnerability can easily be exploited by broadcasting messages to the entire network. He also added that devices can be attacked over the internet and that it's not unusual for such control systems to be exposed for remote management.

Vulnerable devices found worldwide

Between February and April, McAfee found nearly 600 eBMGR controllers running vulnerable firmware versions (571848 and prior) on the internet. However, other publicly exposed Delta Controls devices share the same firmware as eBMGR and are also likely to be vulnerable. McAfee estimated the total number of targets at around 1,600, but many more exist inside enterprise networks and can be attacked if not properly isolated from the other systems.

Most of the internet-connected controllers are located in North America with 53% in the U.S. and 35% in Canada. However, vulnerable devices were also observed in the U.K., Ireland, Italy, Germany, New Zealand, Singapore, Japan, Australia and other countries.

An analysis of their IP addresses revealed that almost a third of them are operated by organizations from the education sector, followed by telecommunications, real estate, medical, food, government, hospitality and banking.

"Consider some of the industries we found that could be impacted," the McAfee researchers said. "Industries such as hospitals, government and telecommunication may have severe consequences when these systems malfunction."

While an attack inside a hospital can impact human life, in a datacenter scenario attackers could disable the temperature controls and alarm, letting the servers crash and suffer physical damage, which could lead to significant downtime and loss of data.

Delta Controls responds effectively

McAfee commended Delta for its response to this issue and its commitment to the vulnerability coordination and fixing process. While the company observed new eBMGR controllers being connected to the internet during the monitoring period, it also observed many more being taken offline.

"We encourage research groups to responsibly disclose vulnerabilities to our team," Delta Controls said in a statement on its website. "Likewise, Delta Controls, Inc., is committed to regularly communicating cybersecurity information to our customers and our industry."

The focus of much ICS security research is on PLCs and SCADA systems used in manufacturing plants, public utilities, gas and oil refineries and other critical infrastructure environments. However, attacks against building automation systems like eBMGR could also have an impact on human life and these devices are more likely to be left exposed on the internet for remote management purposes.

"A principle of least privilege policy may be appropriate, and a network isolation or protected network segment may help provide boundaries of access to adversaries," said Douglas McKee, a senior security researcher with McAfee's Advanced Threat Research team. "An awareness of security research and an appropriate patching strategy can minimize exposure time for known vulnerabilities. We recommend a thorough review and validation of each of these important security tenets to bring these critical assets under the same scrutiny as other infrastructure."

This story, "ICS security: Popular building management system vulnerable to takeover" was originally published by CSO.