Voicemod

Voicemod

Real-time voice changer that works with any application and comes equipped with an extensive collection of voices and ambient effects

FULL VERSION + CRACK
Flvto Youtube Downloader

Flvto Youtube Downloader

With this simple and intuitive application, you can swiftly download all your favorite online videos to your computer, in just a couple of moves

FULL VERSION + CRACK
iMyFone LockWiper

iMyFone LockWiper

Helps you bypass the iPhone passcode in case you forgot it and the device became unusable or you have to wait for a long time before attempting to unlock it again

FULL VERSION + CRACK
Logic Pro X

Logic Pro X

A fully-featured recoding studio that provides a complete set of tools for musicians who need to write, record, edit and mix music

FULL VERSION + CRACK
Internet Download Manager (IDM)

Internet Download Manager (IDM)

Push your Internet connection to the limits and cleverly organize or synchronize download processes with this powerful application

FULL VERSION + CRACK

IT News

Sep 20
Decommissioning a data center is lot more complicated than shutting down servers and switches. Here's what you should keep in mind.
Sep 20
The world's fourth-largest bank said cryptocurrency will allow near real-time money movement and cut out settlement middlemen, thus reducing costs from fees.
Sep 20
Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack.
Sep 19
Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.
Sep 18
France and Germany are the latest nations to come out against cryptocurrencies, saying they will block Facebook's Libra as it poses a risk to consumers and "the monetary sovereignty" of European nations.
Sep 18
During its OpenWorld event this week, the company also unveiled plans to have its Digital Assistant integrate with Microsoft's Teams collaboration platform.
Sep 18
Oracle adds more automation, business networking, recruitment tools and a plethora of digital assistants to its cloud apps.

Categories

ICS security: Popular building management system vulnerable to takeover

Security researchers found a remotely exploitable critical vulnerability in a building management system used by businesses, hospitals, factories and other organizations to control things like ventilation, temperature, humidity, air pressure, lighting, secure doors and more. The vendor has released a firmware update, but hundreds of these systems are still exposed on the internet, highlighting the risks of remote management for ICS devices.

The vulnerability, tracked as CVE-2019-9569, was discovered by researchers from security firm McAfee and affects enteliBUS Manager (eBMGR), a control system that can be used to manage different I/O switches connected to things like sensors, alarms, motors, locks, valves and other industrial equipment. The system can also serve as a router for linking multiple Building Automation Control Network (BACnet) segments.

The eBMGR is made by a company called Delta Controls that's headquartered in British Columbia, Canada, but which has offices and sells its products around the world. The discovered issue is a buffer overflow vulnerability located in the BACnet stack that results in remote code execution when exploited successfully. Attackers can trigger it by sending maliciously crafted packets to the vulnerable devices, which does not require authentication or user interaction.

To demonstrate the attack, the McAfee researchers created an exploit that deploys a malware program on the device which gives attackers remote control capabilities over the device. While they don't plan to release exploit code at this time, the researchers presented their findings at the DEF CON security conference in Las Vegas.

"Consider for a moment a positive pressure room in a hospital, the kind typically used to keep out contaminants during surgeries," McAfee security researcher Mark Bereza said in a blog post. "Managing rooms such as these is a typical application for the eBMGR and it does not take an overactive imagination to envision what kind of damage a bad actor could cause if they disrupted such a sensitive environment."

Steve Povolny, the head of Advanced Threat Research at McAfee, tells CSO that since BACnet is a UDP-based protocol, the vulnerability can easily be exploited by broadcasting messages to the entire network. He also added that devices can be attacked over the internet and that it's not unusual for such control systems to be exposed for remote management.

Vulnerable devices found worldwide

Between February and April, McAfee found nearly 600 eBMGR controllers running vulnerable firmware versions (571848 and prior) on the internet. However, other publicly exposed Delta Controls devices share the same firmware as eBMGR and are also likely to be vulnerable. McAfee estimated the total number of targets at around 1,600, but many more exist inside enterprise networks and can be attacked if not properly isolated from the other systems.

Most of the internet-connected controllers are located in North America with 53% in the U.S. and 35% in Canada. However, vulnerable devices were also observed in the U.K., Ireland, Italy, Germany, New Zealand, Singapore, Japan, Australia and other countries.

An analysis of their IP addresses revealed that almost a third of them are operated by organizations from the education sector, followed by telecommunications, real estate, medical, food, government, hospitality and banking.

"Consider some of the industries we found that could be impacted," the McAfee researchers said. "Industries such as hospitals, government and telecommunication may have severe consequences when these systems malfunction."

While inside a hospital a potential attack can impact human life, in a datacenter scenario attackers could disable the temperature controls and alarm and let the servers crash and suffer physical damage, which could lead to significant downtime and loss of data.

Delta Controls responds effectively

McAfee commended Delta for its response to this issue and its commitment to the vulnerability coordination and fixing process. While the company observed new eBMGR controllers being connected to the internet during the monitoring period, it also observed many more being taken offline.

"We encourage research groups to responsibly disclose vulnerabilities to our team," Delta Controls said in a statement on its website. "Likewise, Delta Controls, Inc., is committed to regularly communicating cybersecurity information to our customers and our industry."

The focus of much ICS security research is on PLCs and SCADA systems used in manufacturing plants, public utilities, gas and oil refineries and other critical infrastructure environments. However, attacks against building automation systems like eBMGR could also have an impact on human life and these devices are more likely to be left exposed on the internet for remote management purposes.

"A principle of least privilege policy may be appropriate, and a network isolation or protected network segment may help provide boundaries of access to adversaries," said Douglas McKee, a senior security researcher with McAfee's Advanced Threat Research team. "An awareness of security research and an appropriate patching strategy can minimize exposure time for known vulnerabilities. We recommend a thorough review and validation of each of these important security tenants to bring these critical assets under the same scrutiny as other infrastructure."

This story, "ICS security: Popular building management system vulnerable to takeover" was originally published by CSO.