• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
cisa warns of ongoing cyber attacks targeting internet connected ups devices

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

You are here: Home / General Cyber Security News / CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices
March 30, 2022

The U.S. Cybersecurity and Infrastructure Security Company (CISA) and the Office of Vitality (DoE) are jointly warning of attacks in opposition to internet-connected uninterruptible power offer (UPS) gadgets by suggests of default usernames and passwords.

“Organizations can mitigate attacks from their UPS units, which present unexpected emergency ability in a selection of apps when typical electrical power resources are shed, by taking away management interfaces from the internet,” the companies mentioned in a bulletin printed Tuesday.

UPS devices, in addition to offering electric power backups in mission-critical environments, are also geared up with an internet of factors (IoT) functionality, enabling the directors to have out electricity checking and schedule maintenance. But as is usually the case, this kind of attributes can also open up the doorway to destructive attacks.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Automatic GitHub Backups

To mitigate towards these kinds of threats, CISA and DoE are advising organizations to enumerate and disconnect all UPS systems from the internet and gate them at the rear of a digital non-public network (VPN) as properly as enforce multi-factor authentication.

The companies have also urged worried entities to update the UPS usernames and passwords to ensure that they don’t match the manufacturing facility default configurations. “This guarantees that likely ahead, danger actors are not able to use their understanding of default passwords to access your UPS,” the advisory browse.

The warnings appear 3 weeks right after Armis scientists disclosed several superior-affect security flaws in APC Wise-UPS units that could be abused by remote adversaries as a physical weapon to obtain and command them in an unauthorized method.

Found this short article intriguing? Comply with THN on Fb, Twitter  and LinkedIn to study additional distinctive content we put up.


Some sections of this post are sourced from:
thehackernews.com

Previous Post: «critical sonicos vulnerability affects sonicwall firewall appliances Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances
Next Post: How to implement passwordless authentication how to implement passwordless authentication»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Zoom Patches ‘Zero-Click’ RCE Bug
  • Messages Sent Through Zoom Can Expose People to Cyber-Attack
  • Verizon Report: Ransomware, Human Error Among Top Security Risks
  • How Secrets Lurking in Source Code Lead to Major Breaches
  • Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
  • UK Government Cybersecurity Advisory Board Applications Now Open
  • Better together: Accelerating security and success for MSPs with automation
  • GoodWill Ransomware Demands People Help the Most Vulnerable
  • McAfee appoints Greg Johnson as new CEO
  • Protecting healthcare from cybercrime

Copyright © TheCyberSecurity.News, All Rights Reserved.