Kaspersky Lab experts have helped to identify and patch seven previously unknown vulnerabilities in the ThingsPro Suite – an industrial IoT platform, designed for industrial control systems (ICS) data acquisition and remote analysis.
Some of the vulnerabilities found could potentially allow threat actors to gain highly priviledged access to industrial IoT gateways and execute deadly commands. All vulnerabilities identified were reported to and patched by platform developer Moxa.
ThingsPro Suite is an industrial internet of things platform that automatically gathers data from Operational Technology (OT) devices running at the industrial facility and submits it to an IoT cloud for further analysis. However, as much as such platforms are useful to ease IoT integration and maintenance, they can also be dangerous, unless they are developed and integrated with adequate security concerns in mind. As such solutions work as a connecting point between IT and OT security domains, vulnerabilities found in them can potentially allow attackers to gain access to an industrial network.
Within two weeks, Kaspersky Lab ICS CERT security researchers have been conducting a preconceptual study of the product, testing it for vulnerabilities that could be exploited remotely. As a result, seven zero-day vulnerabilities were found. One of the most severe could allow a remote attacker to execute any command on the target IIoT gateway. Another vulnerability made it possible for cybercriminals to gain root privileges, providing the ability to change the device’s configuration. Moreover, its exploitation could be automated, meaning that cybercriminals could automatically compromise multiple Moxa ThingsPro IoT gateways in different enterprises and to even potentially gain access to industrial networks of the organizations.
“Moxa is a trusted and respected brand in the industrial systems world. However, despite the company’s vast expertise and experience, its new product had a number of vulnerabilities, which shows that it is important even for industry leaders to conduct proper cybersecurity tests. We call on all ICS-product developers to act responsibly, performing regular vulnerability checks, treating the security of solutions for industrial systems as an integral and essential part of development,” said Alexander Nochvay, security researcher at Kaspersky Lab.
To keep industrial control systems safe, we advise that companies:
- Restrict access of IoT gateway devices to components of the enterprise’s OT and IT networks to the extent possible;
- Restrict access to IoT gateway devices from the enterprise network and the internet to the extent possible;
- Set up monitoring of remote access to the enterprise’s OT network, as well as monitoring of access to individual ICS components (workstations, servers, and other equipment) inside the OT network;
- Use solutions designed to analyze network traffic, detect and prevent network attacks – at the boundary of the enterprise network and at the boundary of the OT network;
- Use dedicated solutions to monitor and perform deep analysis of network traffic on the OT network and detect attacks on industrial equipment;
- Ensure the security of hosts on the enterprise’s IT and OT networks using solutions that provide protection from malware and cyberattacks.
- Provide cyber-hygiene training to employees, partners and suppliers who have access to the enterprise’s OT network.
- To assist companies in choosing mature OT security solutions, world’s leading research and advisory company Gartner has released its Competitive Landscape: Operational Technology Security report (Authored by: Ruggero Contu, Published on: 29 October 2018).
- Kaspersky Lab was cited for its solutions under the following categories: OT endpoint security, OT network monitoring and visibility, anomaly detection, incident response, and reporting, and OT Security Service. To see the full complimentary copy of report please visit the Gartner website.
Dinesh Nair Appointed as Director for Consumer Business Lenovo India
Global technology leader Lenovo has appointed Dinesh Nair as Director, Consumer Business for India region. Dinesh succeeds Mr. Shailendra Katyal, who has recently been appointed Site Leader for Lenovo India and Managing Director of Lenovo’s PC and smart device business in India.
Dinesh Nair has been an integral part of the Lenovo India consumer business for more than 11 years and has worked successfully across several roles. His most recent role was as the sales & channel management lead for Lenovo’s consumer segment in India. He has handled leadership responsibilities across offline general trade retail, distribution management, field sales, eCommerce, large format retail and category management, and has been a key contributor to the company’s growth journey in India.
“During this difficult time in India, we are working hard to ensure the safety of our employees, partners and customers and I am grateful that we have excellent leaders in place to bring our team together and offer this support. I am proud to hand over the reins of the consumer business to Dinesh. At the same time, this is a demonstration of our commitment to developing talent internally. I am sure he, along with the consumer leadership team, will propel the business to new heights,” said Shailendra Katyal, Managing Director, Lenovo India.
ASUS ROG Announces ROG Masters Asia Pacific eSports Tournament
ASUS ROG will host its first ROG Masters Asia Pacific eSports tournament from March to April 2021. Due to COVID-19 pandemic affecting travel around the region, the tournament will be conducted entirely online, with quarterfinal to final matches livestreamed.
The ROG Masters tournament will feature Counter-Strike: Global Offensive (CS:GO) as the official game title will provide opportunity to teams with enthusiastic players to pitch their skills against each other, as well as the best professional teams from their market and in the region.
The tournament will see various teams from 15 markets across the region vying for the chance to be crowned as the first ROG Masters Asia Pacific Edition CS:GO Champion.
The tournament will be played in three stages played over the course of 2 months:
- Country qualifiers
- Country finals
- Asia Pacific finals
Country qualifiers matches for India will start in the second week of April 2021; 8th April and the finals to be held on the 10th April. The India finals to find the top three teams to represent the country will be livestreamed live on 10th April.
Professional teams from across the region will be automatically placed into seeded positions in the country finals. This gives a greater chance for non-professional, enthusiast teams from India to get through the qualifiers and meet the pro teams in the country finals.
Country Champions will then go on to experience battling winning teams from other APAC markets in the finals that will be livestreamed during 22nd to 25th April 2021.
3 qualifying teams from India finals will stand to win US$800 for first place, US$400 for second place, US$200 for third place. They will then go on to the Asia Pacific finals with the chance to win the following prizes for the championship:
|ROG Masters APAC Championship||APAC Finals (USD/ team)|
Registration and Official Tournament Website
Registration for the first ROG Masters Asia Pacific tournament opens on February 8, 2021 at the tournament’s official website.
Registration closes on February 28, 2021 Further details, match schedules, pro team information as well as rules and regulations can also be found on the tournament website.
Garena Launches Free Fire South Asia Showdown: Battle of the Stars
Garena has announced the Free Fire South Asia Showdown: Battle of the Stars, Free Fire’s first-ever esports tournament for the South Asia region. Taking place on 6 February, the tournament will feature some of the gaming community’s favourite Free Fire streamers and personalities from India, Pakistan, Nepal, and Bangladesh.
The Free Fire community has continued to expand in South Asia and across the world, with the mobile battle royale game the most downloaded mobile game globally in 2020, according to App Annie. Through the Free Fire South Asia Showdown: Battle of the Stars, Garena will look to continue its efforts to excite and delight its fast-growing South Asian community with exciting Free Fire content, and to support and develop the incredible online community in the region.
The Free Fire South Asia Showdown: Battle of the Stars will feature a total of 12 teams. Each team will be led by one of the top 3 streamers from each of the 4 participating nations – chosen by public voting – in this epic clash to determine the best in the region.
The 12 teams will compete in the Battle Royale Squad mode for a slice of the 1 million diamond prize pool. The ultimate winner of this star-studded tournament will receive 500,000 in-game diamonds; the first and and second runners-up will be awarded 300,000 and 200,000 diamonds respectively.
The Free Fire South Asia Showdown: Battle of the Stars will feature some of the most popular streamers and personalities from across South Asia.
The team captains for each nation are:
- Total Gaming (19.4 Million YT Subs)
- Desi Gamers (7.8 Million YT Subs)
- Two-Side Gamers (6.85 Million YT Subs)
- Gaming with Nayeem (1.6 Million YT Subs)
- Illusionist YT (479K YT Subs)
- Gaming With Zihad (698K YT Subs)
- Sooneeta (3.26 Million YT Subs)
- Bshow Mgr (399K YT Subs)
- Tonde Gamer (2.37 Million YT Subs)
- RKG ARMY (1.77 Million YT Subs)
- Unusual Gamer (81K YT Subs)
- The Skinzo FF (75.5K YT Subs)
Fans can witness all the high-octane action by tuning in to the live broadcasts of the Free Fire South Asia Showdown: Battle of the Stars. These will be hosted on Free Fire Esports India YouTube and Facebook, Free Fire Bangladesh Official YouTube and Facebook, as well as on BOOYAH!.
To cater to the diverse South Asian community, the matches will be streamed with live commentary in 5 languages – Bengali, English, Hindi, Nepali and Urdu.
Smartphone5 days ago
iPhone 13 Pro and 13 Pro Max Officially Launched, Check Details
Smartphone5 days ago
Apple iPhone 13 and iPhone 13 Mini Launched, Check Price & Features
Auto Tech5 days ago
Used Vehicle Sales Jumped in First Half of 2021 on Droom
Gadgets5 days ago
iPad Mini with Next-gen Features Launched, Here are The Details
Trending2 days ago
Win Exciting Prizes at TCL Cricket Festival 2021, Know Details Here
Gadgets3 days ago
Bring Joy to Your Parties with Portronics “Dash” Bluetooth Speaker
Smartphone2 days ago
Infinix HOT 11 Series Launched in India, Know Specifications Here
Auto Tech4 days ago
MG Brings New ‘MG Astor’ with AI Assistant