2012 and Firmware - Cyber Security Informer

New UEFI bootkit used to backdoor Windows devices since 2012

Bleeping Computer

OCTOBER 5, 2021

A newly discovered and previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit has been used by attackers to backdoor Windows systems by hijacking the Windows Boot Manager since at least 2012. [.].

Firmware

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

The Hacker News

OCTOBER 5, 2021

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence, once again demonstrating how technology meant to (..)

Firmware

Firmware Technology Cybersecurity

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican.

Firmware

Firmware Encryption Government Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. The experts analyzed one of the core frameworks EDKII used as a part of any UEFI firmware which has its own submodule and wrapper over the OpenSSL library ( OpensslLib ) in the CryptoPkg component. that dates back 2012.

Firmware

Firmware Manufacturing Hacking Software

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012. Tracked as CVE-2020-25159 , the flaw is rated 9.8 This would leave many running in the wild still today.”

Hacking

Hacking Firmware Internet Internet

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Security Affairs

JULY 10, 2022

According to the experts, the issue affects all Honda vehicles on the market (From the Year 2012 up to the Year 2022). But the recommended mitigation strategy is to upgrade the vulnerable BCM firmware through Over-the-Air (OTA) Updates if feasible. Therefore, those commands can be used later to unlock the car at will.”

Firmware

Firmware Marketing Engineering Hacking

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. “The vulnerability report CVE-2018-18472 affects My Book Live devices originally introduced to the market between 2010 and 2012,” reads a reply from Western Digital that Wizcase posted to its blog.

Internet

Internet Internet Backups Small Business

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

“There is no evidence to support any other firmware versions are vulnerable at this point in time and these findings have been shared with Symantec.” Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012. ” concludes Palo Alto Networks.

IoT

IoT DDOS Authentication Advertising

QNAP customers urged to disable AFP to protect against severe vulnerabilities

Malwarebytes

APRIL 28, 2022

of Netatalk was released in July 2012. Western Digital removed Netatalk from its firmware, released on January 10, 2022. Netatalk is a free, open-source implementation of AFP that allows the Unix-like operating systems (that frequently power NAS devices) to serve as a file server for macOS systems. Version 3.0 Not just QNAP.

Firmware

Firmware Backups Internet Internet

Update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one

Malwarebytes

JANUARY 12, 2022

Patches that can cause problems include the following: KB5009624 for Server 2012 R2 KB5009595 for Server 2012 R2 KB5009546 for Server 2016 KB5009557 for Server 2019. The Windows Platform Binary Table is a fixed firmware ACPI (Advanced Configuration and Power Interface) table. It’s unclear if Server 2022 is similarly impacted.

Authentication

Authentication Firmware Passwords Technology

Top 6 Rootkit Threats and How to Protect Yourself

eSecurity Planet

NOVEMBER 7, 2022

Firmware Rootkit. A firmware rootkit uses device or platform firmware to create a persistent malware image in the router, network card, hard drive or the basic input/output system (BIOS). The rootkit is able to remain hidden because firmware is not usually inspected for code integrity.

Firmware

Firmware Malware Antivirus Firewall

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Security Affairs

DECEMBER 25, 2018

The flaw tracked as CVE-2018-20377 is known at least since 2012 when Rick Murray described it in a blog post. . “This allows allow any remote user to easily access the device and maliciously modify the device settings or firmware. Mursch also reported that many exposed devices use default credentials (i.e. admin/admin).

Passwords

Passwords Wireless Firmware Advertising

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

In both cases, we described new UEFI firmware bootkits that managed to propagate malicious components from the deepest layers of the machine up to Windows’ user-land. CobaltStrike, released in 2012, is a threat emulation tool designed to help red teams understand the methods an attacker can use to penetrate a network.

Firmware

Firmware Surveillance Mobile Telecommunications

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware

Firmware IoT VPN Authentication

Application Security Testing Evolution and How a Software Bill of Materials Can Help

Veracode Security

SEPTEMBER 23, 2021

On the other hand, static application security testing (SAST) or a manual code review would have found it. My first stint at Veracode was in 2012, after six years working as an application security consultant. The name of the parameter was undocumented and not easy to guess. Here's an example of a CycloneDX SBOM in JSON format: ?

Software

Software Penetration Testing Firmware Government

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

Update and patch operating systems, software, and firmware as soon as updates and patches are released. or Windows Server (2008 R2 SP1, 2012 Gold) allows attackers to execute arbitrary code via crafted HTTP requests. Review domain controllers, servers, workstations, and active directories for new or unrecognized user accounts.

Ransomware

Ransomware Encryption Backups Accountability

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. 8, 15.0.0.0/8, 8, 16.0.0.0/8,

Malware

Malware DNS Encryption Cryptocurrency

Application Security Testing Evolution and How a Software Bill of Materials Can Help

Security Boulevard

SEPTEMBER 23, 2021

My first stint at Veracode was in 2012, after six years working as an application security consultant. The name of the parameter was undocumented and not easy to guess. On the other hand, static application security testing (SAST) or a manual code review would have found it. . Application . Container . Framework . Operating System .

Software

Software Penetration Testing Firmware Government

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

The manufacturer of the mobile device preloads an adware application or a component with the firmware. It could only make its way there via another Trojan that exploited system privileges or as part of the firmware. This is a typical example of the kind of old-school text-message scams that were popular in 2011 and 2012.

Mobile

Mobile Malware Adware Banking

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? Perhaps most troubling, attackers occasionally target the device firmware of industrial control systems. If you’ve read cybersecurity news lately, you’ve probably heard that it’s back.

Cyber threats

Cyber threats Ransomware Cyber Attacks Manufacturing

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

And people are talking about hacking control system tackling PLCs and what we quickly realize is they don't they've never touched to be able to say they have no idea what these control systems are how they work their security researchers, you know that that maybe the firmware or maybe they found a program or something somewhere.

Hacking

Hacking Computers and Electronics InfoSec Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

” So should analyzing a device’s firmware for security flaws be considered illegal? In a moment I’ll talk with someone who is leading the Right to Repair movement in the United States and discuss how current laws impact those who hack digital devices. As Stuart Brand said back in 1984 “information wants to be free.”

InfoSec

InfoSec Manufacturing Technology Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

” So should analyzing a device’s firmware for security flaws be considered illegal? In a moment I’ll talk with someone who is leading the Right to Repair movement in the United States and discuss how current laws impact those who hack digital devices. As Stuart Brand said back in 1984 “information wants to be free.”

InfoSec

InfoSec Manufacturing Technology Software

Cyber Security Informer

New UEFI bootkit used to backdoor Windows devices since 2012

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Webinars

Trending Sources

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Webinars

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

A critical flaw in industrial automation systems opens to remote hack

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

MyBook Users Urged to Unplug Devices from Internet

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

QNAP customers urged to disable AFP to protect against severe vulnerabilities

Update now: Microsoft patches 97 bugs including 6 zero-days and a wormable one

Top 6 Rootkit Threats and How to Protect Yourself

Over 19,000 Orange Livebox ADSL modems leak WiFi credentials

Advanced threat predictions for 2023

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Application Security Testing Evolution and How a Software Bill of Materials Can Help

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

StripedFly: Perennially flying under the radar

Application Security Testing Evolution and How a Software Bill of Materials Can Help

Mobile malware evolution 2020

Growing Cyber Threats to the Energy and Industrial Sectors

The Hacker Mind Podcast: DEF CON Villages

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected