New Alerts for IBM, Pepperl+Fuchs, ABB, Dell, and Linux. 

BLURtooth is a new Bluetooth attack.  Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to key overwrite, which enables an attacker to to gain additional access to profiles or services that are not restricted by reducing the encryption key strength or overwriting an authenticated key with an unauthenticated key.  

Mitsubishi Electric has patched a vulnerability in MC Works64 and MC Works32 initially reported in June.   

QNAP is just fixing some vulnerabilities initially publicized in January 2019, part of SOHOpelessy Broken 2.0.



Security Wizardry Cyber Threat Intelligence - The Radar Page

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.
https://radar.securitywizardry.com

BLURtooth vulnerability lets attackers overwrite Bluetooth authentication keys | ZDNet

All devices using the Bluetooth standard 4.0 through 5.0 are vulnerable. Patches not immediately available.
https://www.zdnet.com/article/blurtooth-vulnerability-lets-attackers-overwrite-bluetooth-authentication-keys/

MITSUBISHI ELECTRIC Global website


https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-002_en.pdf

Multiple Vulnerabilities in Helpdesk - Technical Advisory | QNAP


https://www.qnap.com/en/security-advisory/qsa-20-05