SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware 144

Firmware Malware Encryption Passwords 144

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. It's like using a hash of your street address, as the password for your front door. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. It's like using a hash of your street address, as the password for your front door. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors.

IoT 52

IoT Hacking Internet Internet 52

SecureList

APRIL 27, 2022

We have previously seen DustSquad use third-party post-exploitation tools, such as the password dumping utility fgdump; but we have now observed new custom C modules, a first for DustSquad, and Delphi downloaders acting as post-exploitation facilitators, able to gather documents of interest for the actor. Other interesting discoveries.

Malware 130

Malware Firmware Government Phishing 130