[ninux-roma] Fwd: NVENTAWires - Ubiquiti Networks, aggiornamento sulla sicurezza

Matteo Pedani matteo at pedani.it
Fri May 20 10:07:59 CEST 2016 

---------- Forwarded message ----------
From: NVENTAWires.it <info at nventawires.it>
Date: 2016-05-18 9:45 GMT+02:00
Subject: NVENTAWires - Ubiquiti Networks, aggiornamento sulla sicurezza
To: matteo at pedani.it


NVENTAWires srl | via Ferdinando I d'Aragona, 87
81028, Santa Maria a Vico (CE)
Tel. +39 0823 1606 730 | P.IVA: IT03955890615
mail: info at nventawires.it
View this email in your browser
<http://us3.campaign-archive1.com/?u=13c723899412c0a21c3e47162&id=91e3e3bae5&e=555c26c12d>

<http://nventawires.us3.list-manage2.com/track/click?u=13c723899412c0a21c3e47162&id=6c68f5835a&e=555c26c12d>

*UBIQUITI Networks*
Importante aggiornamento sulla sicurezza
Gentile cliente,

le inoltriamo questa comunicazione da parte di Ubiquiti Networks:

Gentile Cliente,

durante la scorsa settimana abbiamo ricevuto un insolito numero di
segnalazioni per dispositivi Ubiquiti compromessi o infettati con virus.
Ubiquiti vuole avvisarla delle potenzialità di questo attacco e fornire
alcune informazioni utili per proteggere i suoi dispositivi e prevenire
quello che sta accadendo.

Questo riguarda solo i dispositivi che utilizzano firmware obsoleti.

Ubiquiti fornisce uno strumento di correzione da utilizzare nel caso in cui
un dispositivo della sua rete sia stato infettato:
https://community.ubnt.com/t5/airMAX-General-Discussion/Malware-Removal-Tool-05-15-2016/m-p/1564953#U1564953
<http://nventawires.us3.list-manage1.com/track/click?u=13c723899412c0a21c3e47162&id=7231562086&e=555c26c12d>

Ubiquiti consiglia i seguenti accorgimenti per assicurare la protezione dei
suoi dispositivi:
1)    Aggiorni il firmware all’ultima versione! Sono presenti diverse
vulnerabilità sulla sicurezza che abbiamo risolto nell’ultimo anno.
2)    Blocchi l’accesso alla gestione delle interfacce (SSH, HTTP, HTTPS)
dall’esterno/accessi pubblici attraverso le impostazioni del firewall
3)    Cambi le credenziali di accesso di default ubnt/ubnt

Per qualsiasi Informazione scriveteci (support at ubnt.com).

Cordiali saluti
Ubiquiti Networks
________________________________________

Hi all,

In the last week we’ve seen an unusual number of reports about Ubiquiti
devices being compromised and getting infected with a virus/worm.

We wanted to reach out to as many customers as possible to warn of the
potential for this attack and provide some information to help protect your
devices and prevent this from happening.

This only affects devices using outdated firmware.

We have provided a fix / patch tool you can use in case any devices on your
network have become affected:
https://community.ubnt.com/t5/airMAX-General-Discussion/Malware-Removal-Tool-05-15-2016/m-p/1564953#U1564953
<http://nventawires.us3.list-manage.com/track/click?u=13c723899412c0a21c3e47162&id=877b419830&e=555c26c12d>

We also strongly encourage the following tips to ensure your devices are
protected:
1) Run the latest firmware! There are various security vulnerabilities we
have fixed in the last year.
2) Block access to management interfaces (SSH, HTTP, HTTPS) from
outside/public access via firewall rules
3) Change default ubnt/ubnt login credentials

If you have any questions, please email us (support at ubnt.com).

Best Regards,

Ubiquiti Networks
IMPORTANT
What We Know

In recent days, we’ve seen virus activity taking network devices offline.
In most cases, devices are reset to factory defaults. In other cases,
devices are still operational, but inaccessible. The virus is using an
HTTP/HTTPS exploit that doesn’t require authentication. Simply having a
radio with out-of-date firmware and having its HTTP (port 80)/HTTPS (port
443) interface exposed to the Internet is enough to get infected.
Checking Your Devices

Devices running the following firmware are *NOT* affected:

Ensure the Safety of Your Devices







Ubiquiti takes these threats seriously and has created a patch and an
Android app to diagnose and fix the problem. To check your devices and
remove the virus, please use *the removal tool*
<http://nventawires.us3.list-manage2.com/track/click?u=13c723899412c0a21c3e47162&id=b62837422a&e=555c26c12d>




Note: The tool has the ability to upgrade airMAX M series devices to
airOS® v5.6.5, which completely disables custom script usage.

If a device is inaccessible, TFTP recovery will be required to reset it to
factory defaults.

<http://nventawires.us3.list-manage.com/track/click?u=13c723899412c0a21c3e47162&id=06f1eaa8f1&e=555c26c12d>


*Copyright © *|2015|* *|NVENTAWires SRL|*, All rights reserved.*
Stai ricevendo questa email perche' hai sottoscirtto le comunicazione
durante la registrazione del tuo account con nventawires.it

*Our mailing address is:*
NVENTAWIRES SRL
Via Ferdinando I D'Aragona
Santa Maria a Vico, CE 81028
Italy

Add us to your address book
<http://nventawires.us3.list-manage.com/vcard?u=13c723899412c0a21c3e47162&id=017ad302f4>


unsubscribe from this list
<http://nventawires.us3.list-manage1.com/unsubscribe?u=13c723899412c0a21c3e47162&id=017ad302f4&e=555c26c12d&c=91e3e3bae5>
update subscription preferences
<http://nventawires.us3.list-manage.com/profile?u=13c723899412c0a21c3e47162&id=017ad302f4&e=555c26c12d>





-- 
*Matteo Pedani*

www.pedani.it
mobile +39  3343637690
phone +39 0699341466
phone +39 069415152
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/roma/attachments/20160520/5ea43d82/attachment-0001.html>

More information about the Roma mailing list