Black Arrow Cyber Consulting
0

Blog

Our weekly Cyber Flash Briefing round up of top open source news and ‘Cyber Tip Tuesday’ videos

Posts tagged hp ilo
Black Arrow Cyber Advisory – 20,000 HP Servers Have Their Management Interface Exposed to the Internet

Black Arrow Cyber Advisory – 20,000 HP Servers Have Their Management Interface Exposed to the Internet

Executive Summary

Integrated Lights Out (iLO) is a low-level management interface on Hewlett-Packard (HP) servers, intended for out-of-band or outside-of-operating system access. The service is most used by IT staff managing the device for remote support operations, such as powering the system off, updating firmware or viewing the display via the network. Despite a recent and serious bug dubbed ‘iLOBleed’, approximately 24,000 iLO devices are still exposed to the internet and searchable with Google.

What’s the risk to me or my business?

HP servers are very common in business settings and remain the popular choice globally. Most of these servers come with iLO pre-installed, which makes them a lucrative target to attackers when vulnerable, particularly given their low-level access. In combination with vulnerabilities like ‘iLOBleed’, remotely exposing iLO to the web presents a low hanging fruit that may be too attractive to pass up.

What can I do?

Check with your IT team or MSP to ensure that you aren’t exposing anything to the web that shouldn’t be there, even beyond iLO. Misconfigurations or services such as Universal Plug and Play (UPNP) can expose devices without your knowledge, leaving you open to attack where the exposed systems are vulnerable.

Need help understanding your gaps, or just want some advice? Get in touch with us.

Read More
Black Arrow Adminblack arrow, black arrow cyber, threat advisory, threat alert, alert, hp, server, hp ilo
Black Arrow Cyber Threat Briefing 31 December 2021

Black Arrow Cyber Threat Briefing 31 December 2021

-The Log4j Flaw Will Take Years to be Fully Addressed

-Copycat And Fad Hackers Will Be The Bane Of Supply Chain Security In 2022

-This Nightmare Incident Shows Why You Really Shouldn't Store Passwords In Your Browser

-Kaspersky Research: 47% of Incident Response Requests Linked to Ransomware

-Global Cyber Attacks from Nation-State Actors Posing Greater Threats

-Y2k22 Bug Is Causing Microsoft Exchange Server To Fail Worldwide: FIP-FS Scan Engine Failed To Load

-External Attackers Can Penetrate Most Local Company Networks

-The Have I Been Pwned Service Now Includes 441K Accounts Stolen By RedLine Malware

Read More
Black Arrow Admincyber, cyber security, infosec, information security, guernsey, gfsc, regulated firms, financial services, aviation, accounting, law firms, legal sector, retail, online, cpni, mi5, ncsc, cisa, fbi, national cyber security centre, gchq, cert, cert.gg, nca, national crime agency, europol, interpol, enisa, nato, threat intel, threat intelligence, threat report, ransomware, executives, msp, mssp, cloud, open source, attack surface, hackers, criminals, dark web, remote code execution, rce, zero-day, databases, microsoft, windows, vulnerability, vulnerabilities, vulnerability management, patch management, patching, external it, fraud, bec, business email compromise, email, social engineering, phishing, spear-phishing, whaling, malware, encryption, fraudsters, scammers, scam, organised crime, criminal actor, criminal actors, supply chain, third parties, cryptocurrencies, cryptomining, apple, mac, macos, ios, iphone, android, iot, credentials, credential stuffing, denial of service, ddos, botnet, apt, nation state actors, china, russia, iran, north korea, ai, cyber warfare, espionage, insurance, cyber insurance, incident response, incident response plan, disaster recovery, disaster recovery plan, drp, business continuity, business continuity planning, insiders, staff, users, training, education and awareness training, education, awareness, human element, human centric security, human centric, weakest link, endpoint protection, antivirus, antimalware, wfh, work from home, dns, critical infrastructure, cni, rootkits, rootkit, shadow it, log4j, log4shell, kaspersky, bugcrowd, y2k22, microsoft exchange, exchange servers, infostealer, redline, haveibeenpwned, haveibeenpwned.com, redline malware, norway, hp ilo, ssd overprovisioning, ssds, ssd, t-mobile, msbuild, fraud detection, blacktech apt, aquatic panda, qnap, shutterfly, babuk, rook ransomware, conti, netgear, netgear nighthawk, lastpass, passwords