IoT Cloud Cracked by ‘Open Sesame’ Over-the-Air Attack

December 12, 2024 at 04:13PM Ruijie Networks has patched 10 vulnerabilities in its Reyee cloud management platform, potentially allowing control of thousands of devices. Researchers from Claroty, who developed the “Open Sesame” attack, highlighted weaknesses in device authentication. This could enable attackers to impersonate the cloud platform and exploit connected devices, raising IoT security concerns. … Read more

Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing

October 2, 2024 at 04:46PM Critical security vulnerabilities with severity scores of 9.3 have been discovered in Optigo’s Spectra Aggregation Switch, potentially allowing remote attackers to inject malware into the OT network management switches running version 1.3.7 and earlier. No patches are available, and the manufacturer has issued workarounds to mitigate the vulnerabilities. The US … Read more