2015 and Firmware - Cyber Security Informer

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

Another 0-Day Looms for Many Western Digital Users

Krebs on Security

JULY 2, 2021

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. “We strongly encourage moving to the My Cloud OS5 firmware,” the statement reads.

Firmware

Firmware Passwords Internet Internet

QNAP urges users to update NAS firmware and app to prevent infections

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware

Firmware Ransomware Encryption Advertising

Intel addresses High-Severity flaws in NUC Firmware and other tools

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware

Firmware Authentication Advertising Hacking

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

Security Affairs

SEPTEMBER 13, 2018

New Firmware Flaws Resurrect Cold Boot Attacks. A team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. concludes the experts. Pierluigi Paganini.

Firmware

Firmware Encryption Advertising Passwords

D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

Security Affairs

JUNE 13, 2020

D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched. D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Pierluigi Paganini.

Firmware

Firmware Wireless Advertising Risk

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware

Firmware Wireless Advertising Authentication

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware

Firmware Spyware Surveillance Hacking

NSA publishes guidance on UEFI Secure Boot customization

Security Affairs

SEPTEMBER 16, 2020

The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature that can be customized organizations.

Firmware

Firmware Advertising Manufacturing Malware

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device. We understand that our customers’ data is very important.

Internet

Internet Internet Backups Small Business

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0. .”

Firmware

Firmware Technology Advertising Authentication

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Security Affairs

AUGUST 6, 2018

HP has released firmware updates that address two critical remote code execution vulnerabilities in some models of inkjet printers. HP has released firmware updates to address two critical RCE flaws affecting some Inkjet printers. Go to the Upgrading Printer Firmware page and follow the instructions provided to install the firmware.

Firmware

Firmware Advertising Software Hacking

Researchers warn of QNAP NAS attacks in the wild

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. on July 21, 2017.

Firmware

Firmware Advertising Malware Internet

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Below is the list of exploits used by the bot: Vulnerability Affected devices CVE-2020-8515 DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices CVE-2015-2051 D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT

IoT Firmware Malware Wireless

D-Link addressed 5 flaws on some router models, some of them reached EoL

Security Affairs

JULY 25, 2020

The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Advertising Authentication Hacking

xHelper, the Unkillable Android malware that re-Installs after factory reset

Security Affairs

APRIL 7, 2020

Upon the installation, the malicious app registers itself as a foreground service and extracts an encrypted payload that gathers information about the victim’s device (android_id, manufacturer, model, firmware version, etc.) In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware

Malware Firmware Manufacturing Advertising

BadPower attack could burn your device through fast charging

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.”

Firmware

Firmware Manufacturing Advertising Hacking

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware

Firmware Accountability Advertising Manufacturing

Botnet operators target multiple zero-day flaws in LILIN DVRs

Security Affairs

MARCH 23, 2020

Netlab shared its findings with LILIN on January 19, 2020, and the vendor addressed the issues with the release of the firmware update (version 2.0b60_20200207). The new firmware released by the vendors validated the hostname passed as input to prevent command execution. ” reads the advisory published by Netlab.

Firmware

Firmware Surveillance Manufacturing Advertising

Tails OS version 4.5 supports the Secure Boot

Security Affairs

APRIL 10, 2020

Errata C specification (or higher), when the Secure Boot is enabled the OS is loaded only after all the firmware checks pass. Until today, users who wanted to use Tails operating system on their machine had to disable the Secure Boot, opening the door to firmware attacks. The security feature is part of the UEFI 2.3.1

Firmware

Firmware Advertising Encryption Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack. “We recommend that Tenda router users check their firmware and make necessary update.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT Firmware Advertising DNS

Hackers target zero-day flaws in enterprise Draytek network devices

Security Affairs

MARCH 28, 2020

On February 10, 2020, the Taiwanese manufacturer DrayTek issued a security bulletin to address the vulnerability with the release of the firmware program 1.5.1. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. .” firmware or later. ” reads the security bulletin.

Firmware

Firmware VPN Accountability Advertising

Intel addresses high severity flaw in Processor Diagnostic Tool

Security Affairs

JULY 11, 2019

The second vulnerability addressed by Intel affects SSD DC S4500/S4600 series firmware, it could be exploited by an attacker with physical access for privilege escalation. The flaw has been classified as “medium severity,” it affects firmware versions prior to SCV10150. ” reads the analysis published by Intel. Pierluigi Paganini.

Firmware

Firmware Advertising Authentication Hacking

WAGO Industrial Switches affected by multiple flaws

Security Affairs

JUNE 13, 2019

The company has already fixed the issues with the release of firmware versions 1.2.2.S0, “The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. The expert also found hardcoded private keys for the SSH daemon in the device’s firmware.

Firmware

Firmware Passwords Advertising IoT

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. The two agencies urge organizations to ensure their devices have not been previously infected, they recommend a full factory reset of the device before performing the firmware upgrade.

Malware

Malware Firmware Advertising Manufacturing

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Flashing Firmware: Flashing BUSSide firmware inside the NodeMCU is quick and easy: # apt-get install esptool # git clone [link] # esptool --port /dev/ttyUSB0 write_flash 0x00000 BUSSide/FirmwareImages/*.bin. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware. What do you do?

IoT

IoT Hacking Firmware Advertising

Yubico is replacing for free YubiKey FIPS devices due to security weakness

Security Affairs

JUNE 14, 2019

of the firmware. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) Yubico discovered the flaw in March and addressed it with the release of the firmware version 4.4.5 “The issue only affects certain use cases and scenarios. .

Firmware

Firmware Advertising Passwords Authentication

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.” This was determined through static analysis of the firmware shipping with the device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Surveillance IoT Passwords

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

Nichols discovered that the vulnerability affects 758 different firmware versions that run on 79 Netgear routers. Oldest firmware versions have been released as far back as 2007. The expert discovered the vulnerability in the web server component that is implemented in vulnerable Netgear router firmware. Pierluigi Paganini.

Firmware

Firmware Internet Internet Advertising

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Security Affairs

MAY 19, 2020

which is a product that became end-of-life (EOL) in 2015 and end-of-support-life (EOSL) in 2019.” “There is no evidence to support any other firmware versions are vulnerable at this point in time and these findings have been shared with Symantec.” ” reads the analysis published by Palo Alto Networks.

IoT

IoT DDOS Authentication Advertising

Expert found multiple critical issues in MoFi routers

Security Affairs

SEPTEMBER 8, 2020

“Several firmware versions have been released, but some of the vulnerabilities have not been fully patched.” ” The vendor has released roughly 10 firmware updates since the vulnerabilities have been reported. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Wireless Authentication Advertising

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

“The bug affecting the open source software was reported in 2009, yet its presence in the phone’s firmware remained unnoticed until now. Avaya addressed the issue with the release of new firmware on June 25. Affected models are 9600 Series, J100 Series or B189 running firmware version 6.8.1 Only the H.323

Firmware

Firmware IoT Advertising Software

Router Vulnerability and the VPNFilter Botnet

Schneier on Security

JUNE 11, 2018

One, a piece of the code is identical to one found in another piece of malware, called BlackEnergy , that was used in the December 2015 attack against Ukraine's power grid. If you want to make sure your router cannot be reinfected, you need to update the firmware with any security patches from the manufacturer.

Malware

Malware Firmware Internet Internet

Infecting Canon EOS DSLR camera with ransomware over the air

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Ransomware

Ransomware Firmware Wireless Encryption

SonicWall released patch for actively exploited SMA 100 zero-day

Security Affairs

FEBRUARY 4, 2021

SonicWall this week released firmware updates (version 10.2.0.5-29sv) “SonicWall is announcing the availability of an SMA 100 series firmware 10.2.0.5-29sv We have confirmed that the Shellshock attack has been mitigated by patches that we released in 2015. 29sv update to patch a zero-day vulnerability on SMA 100 series 10.x

Firmware

Firmware Mobile Media Internet

Experts found undocumented access feature in Siemens SIMATIC PLCs

Security Affairs

NOVEMBER 17, 2019

The researchers focused their analysis on the firmware integrity verification process implemented in the Siemens SIMATIC S7-1200 PLC. The attacker could access the feature by sending a special command via the universal asynchronous receiver-transmitter (UART) interface the boot process, before the PLC firmware is loaded.

Firmware

Firmware Advertising Manufacturing Risk

Flaws in device drivers from 20 vendors allow hackers to install a persistent backdoor

Security Affairs

AUGUST 11, 2019

Experts at firmware security firm Eclypsium have conducted a study on the device drivers from major vendors and discovered serious issues in over 40 drivers from 20 companies. “ a vulnerable driver could also give an attacker access to the “negative” firmware rings that lie beneath the operating system. Pierluigi Paganini.

Firmware

Firmware Malware Advertising Technology

Updates provided by Red Hat for BootHole cause systems to hang

Security Affairs

JULY 31, 2020

This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole , that can be exploited to install a stealthy malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Advertising Hacking Malware

HP bug bounty programs now covers flaws in cartridges

Security Affairs

OCTOBER 3, 2020

“The program underscores HP’s commitment to delivering defense-in-depth across all aspects of printing—including supply chain, cartridge chip, cartridge packaging, firmware and printer hardware.” The company pointed out that non-HP supplies could include chips of unknown origin that may run untrusted firmware.

Firmware

Firmware Advertising Hacking Cybersecurity

Western Digital: Disconnect My Book Live drives immediately

SC Magazine

JUNE 25, 2021

Western Digital stopped supporting My Live drives in 2015, and have not updated their firmware since. Western Digital stopped supporting My Live drives in 2015, and have not updated their firmware since then. Hackers appeared to be taking advantage of a vulnerability first published in 2019. AnneElizH/CC BY-SA 4.0/[link].

Firmware

Firmware Media Internet Internet

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

Security Affairs

JANUARY 10, 2020

A flaw, dubbed Cable Haunt, in Broadcom’s cable modem firmware exposed as many as 200 million home broadband gateways in Europe alone, at risk of remote hijackings. With almost no cable modem tested being secure without a firmware update, the number of modems initially vulnerable in Europe is estimated to be close to this number.”

Firmware

Firmware DNS Manufacturing Advertising

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the report. . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Internet

Internet Internet Firmware Advertising

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Trending Sources

Another 0-Day Looms for Many Western Digital Users

QNAP urges users to update NAS firmware and app to prevent infections

Intel addresses High-Severity flaws in NUC Firmware and other tools

Flaws in firmware expose almost any modern PC to Cold Boot Attacks

D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Second-ever UEFI rootkit used in North Korea-themed attacks

NSA publishes guidance on UEFI Secure Boot customization

MyBook Users Urged to Unplug Devices from Internet

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Researchers warn of QNAP NAS attacks in the wild

AMD is going to patch UEFI SMM callout privilege escalation flaw

BotenaGo botnet targets millions of IoT devices using 33 exploits

D-Link addressed 5 flaws on some router models, some of them reached EoL

xHelper, the Unkillable Android malware that re-Installs after factory reset

BadPower attack could burn your device through fast charging

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Botnet operators target multiple zero-day flaws in LILIN DVRs

Tails OS version 4.5 supports the Secure Boot

New Ttint IoT botnet exploits two zero-days in Tenda routers

Hackers target zero-day flaws in enterprise Draytek network devices

Intel addresses high severity flaw in Processor Diagnostic Tool

WAGO Industrial Switches affected by multiple flaws

QSnatch malware infected over 62,000 QNAP NAS Devices

Hacking IoT & RF Devices with BürtleinaBoard

Yubico is replacing for free YubiKey FIPS devices due to security weakness

Guardzilla Security Video System Footage exposed online

79 Netgear router models affected by a dangerous Zero-day

Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Expert found multiple critical issues in MoFi routers

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Router Vulnerability and the VPNFilter Botnet

Infecting Canon EOS DSLR camera with ransomware over the air

SonicWall released patch for actively exploited SMA 100 zero-day

Experts found undocumented access feature in Siemens SIMATIC PLCs

Flaws in device drivers from 20 vendors allow hackers to install a persistent backdoor

Updates provided by Red Hat for BootHole cause systems to hang

HP bug bounty programs now covers flaws in cartridges

Western Digital: Disconnect My Book Live drives immediately

Cable Haunt flaw exposes 200M+ Broadcom-based cable modems at remote hijacking

A daily average of 80,000 printers exposed online via IPP

Stay Connected