2018 and Firmware - Cyber Security Informer

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

The Last Watchdog

NOVEMBER 20, 2019

Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. percent from 2018. Firmware is on everything from hard drives, motherboards and routers to office printers and smart medical devices.

Firmware

Firmware Hacking Software Surveillance

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

37 hardware and firmware vulnerabilities: A guide to the threats

CSO Magazine

AUGUST 11, 2022

In January 2018, the entire computer industry was put on alert by two new processor vulnerabilities dubbed Meltdown and Spectre that defeated the fundamental OS security boundaries separating kernel and user space memory.

Firmware

Firmware Manufacturing

Update now! ASUS fixes nine security flaws

Malwarebytes

JUNE 19, 2023

ASUS has released firmware updates for several router models fixing two critical and several other security issues. You will find the latest firmware available for download from the ASUS support page or the appropriate product page. The Asuswrt-Merlin New Gen is an open source firmware alternative for Asus routers.

Firmware

Firmware VPN Risk Cybersecurity

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. ” Western Digital’s brief advisory includes a link to an entry in the National Vulnerability Database for CVE-2018-18472. Examine the CVE attached to this flaw and you’ll notice it was issued in 2018.

Internet

Internet Internet Backups Small Business

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. CVE-2018-1160 is an out-of-bounds write issue that resides in dsi_opensess.c.

Firmware

Firmware VPN Wireless Passwords

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals. A research published by Positive Technologies in 2018 revealed that 69 percent of ATMs were vulnerable to such attacks and could be easily hacked in a few minutes.

Hacking

Hacking Firmware Encryption Manufacturing

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

The researchers discovered the issue by analyzing firmware images used devices from the above manufacturers. The experts analyzed one of the core frameworks EDKII used as a part of any UEFI firmware which has its own submodule and wrapper over the OpenSSL library ( OpensslLib ) in the CryptoPkg component. that dates back to 2009.

Firmware

Firmware Manufacturing Hacking Software

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Security Affairs

AUGUST 6, 2018

HP has released firmware updates that address two critical remote code execution vulnerabilities in some models of inkjet printers. HP has released firmware updates to address two critical RCE flaws affecting some Inkjet printers. Go to the Upgrading Printer Firmware page and follow the instructions provided to install the firmware.

Firmware

Firmware Advertising Software Hacking

Measuring the Security of IoT Devices

Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. They look at the actual firmware. It represents a wide range of either found in the home, enterprise or government deployments.

IoT

IoT Firmware Data collection Architecture

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware

Firmware Wireless Advertising Authentication

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

New tech on SSDs to stop ransomware spread

CyberSecurity Insiders

SEPTEMBER 10, 2021

Presenting their find at the IEEE International Conference on Distributed Computing Systems in 2018, a team of researchers refined their invention even further that led to the innovation of a firmware that blocks ransomware from encrypting data on a computer network.

Ransomware

Ransomware Firmware Antivirus Encryption

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

Security Affairs

OCTOBER 3, 2018

The vulnerabilities are traked as CVE-2018-9074 , CVE-2018-9075 , CVE-2018-9076 , CVE-2018-9077 , CVE-2018-9078 , CVE-2018-9079 , CVE-2018-9080 , CVE-2018-9081 and CVE-2018-9082. 20 and publicly disclosed the vulnerabilities on September 30. Pierluigi Paganini.

Hacking

Hacking Firmware Advertising Backups

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The malware leverages the firmware update process to achieve persistence.

Malware

Malware Firmware Architecture Firewall

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN

VPN Ransomware Antivirus Firmware

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. The vulnerabilities affecting the Lenovo UEFI result from the use of two UEFI firmware drivers, named SecureBackDoor and SecureBackDoorPeim respectively. ” reads the advisory published by Lenovo.

Firmware

Firmware Manufacturing Hacking Cybersecurity

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. CVE-2018-10561, CVE-2018-10562. CVE-2018-10088. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0

Malware

Malware IoT Firmware Authentication

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Maintain device health with updates: Make sure devices are up to date with the latest firmware and patches. . “Since the release of Zerobot 1.1, ” reads the analysis published by Microsoft.

IoT

IoT DDOS Malware Firmware

Beastmode Mirai botnet now includes exploits for Totolink routers

Security Affairs

APRIL 2, 2022

The threat actors added TOTOLINK exploits just a week after the exploit codes were publicly released on GitHub in the attempt to compromise the largest number of devices as possible before the owners upgrade to the latest firmware releases. TOTOLINK has already addressed these flaws with the release of new firmware for vulnerable devices.

DDOS

DDOS Firmware Surveillance IoT

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. Experts recommend organizations using FortiGate firewall, or anything else powered by FortiOS, to follow Fortinet’s advisory for this issue and upgrade their firmware immediately.

Firewall

Firewall VPN Firmware Internet

Cisco says its RV routers will no longer receive updates

Security Affairs

JANUARY 15, 2021

Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life (EOL). Cisco will no longer release firmware updates to address 74 vulnerabilities affecting some of its RV routers that reached end-of-life (EOL). ” reads the advisory.

Small Business

Small Business Firmware Software Hacking

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. A topic of importance came from Kryptowire, a mobile security research firm that found firmware vulnerabilities in as many as 10 million Android devices in the United States that have remote escalation privileges.

Small Business

Small Business Artificial Intelligence Firmware IoT

HP bug bounty programs now covers flaws in cartridges

Security Affairs

OCTOBER 3, 2020

“The program underscores HP’s commitment to delivering defense-in-depth across all aspects of printing—including supply chain, cartridge chip, cartridge packaging, firmware and printer hardware.” HP covered printers in its bug bounty program since 2018 paying rewards that range between $500 and $10,000 per flaw.

Firmware

Firmware Advertising Hacking Cybersecurity

Cyclops Blink malware: US and UK authorities issue alert

Malwarebytes

FEBRUARY 24, 2022

But the NCSC warns that it is likely that Sandworm is capable of compiling the same or very similar malware for other architectures and firmware. When it comes to infected appliances, Cyclops Blink persists on reboot and throughout the legitimate firmware update process.

Malware

Malware Firewall Firmware DDOS

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

. “During the 0DAYALLDAY Research Event a vulnerability was discovered ( CVE-2018-5560 ) in the Guardzilla Security Video System Model #: GZ521W. The vulnerability lies within the design and implementation of Amazon Simple Storage Service (S3) credentials inside the Guardzilla Security Camera firmware.”

Firmware

Firmware Surveillance IoT Passwords

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

The first campaign likely began in early 2014 and continued until mid-2017, while the second started in late 2018 and was still active in late 2019. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates. ” reads the alert.

Malware

Malware Firmware Advertising Manufacturing

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

IT Security Guru

SEPTEMBER 27, 2023

Securing and attacking Modbus has therefore been a topic for years, and it was first in 2018 that the Modbus Security protocol (MSP) was published, nearly 40 years after the initial introduction of Modbus. To help mitigate this issue, the Modbus Security Protocol was developed and released in 2018.

Authentication

Authentication Firmware Firewall Network Security

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Security Affairs

JULY 29, 2018

“Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub.” Samsung SmartThings Hub runs a Linux-based firmware and allows for communications with various IoT devices using various wireless standards Zigbee, Z-Wave, and Bluetooth. RCE Chain – CVE-2018-3911.

Firmware

Firmware IoT Advertising Wireless

Simplifying Titan Security Key options for our users

Google Security

AUGUST 9, 2021

In 2018, Google introduced the Titan Security Key as a direct defense against credential phishing. All Titan Security Keys are built with a hardware secure element chip that includes firmware engineered by Google to verify the key’s integrity. These keys will be available for all users starting tomorrow, August 10.

Mobile

Mobile Phishing Firmware Retail

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

Security Affairs

DECEMBER 23, 2018

A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco Adaptive Security Appliance (ASA) software. The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t.

Firmware

Firmware Authentication Software Advertising

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

Security Affairs

NOVEMBER 1, 2018

The BLEEDINGBIT vulnerabilities affect several Texas Instruments chips, the CVE-2018-16986 flaw affects CC2640 and CC2650 chips running BLE-STACK 2.2.1 “The security vulnerability for CVE-2018-16986 is present in these TI chips when scanning is used (e.g. to address the CVE-2018-16986 flaw. or earlier.

Firmware

Firmware Manufacturing IoT Mobile

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

In 2018, UK regulators got the regulatory ball rolling taking steps that would eventually result in mandated minimum requirements for IoT data storage, communications and firmware update capabilities. other European nations and Singapore soon began moving in this direction, as well.

IoT

IoT Government Internet Internet

Sony Bravia Smart TVs affected by a critical vulnerability

Security Affairs

OCTOBER 6, 2018

The most severe vulnerability tracked as CVE-2018-16593 is a command-injection flaw that resides in the Sony application Photo Sharing Plus that allows users to share multimedia content from their mobile devices via Sony Smart TVs. . Click the Firmware update link for details about how to check the software version.

Wireless

Wireless IoT Advertising Firmware

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

MAY 19, 2021

The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) infotainment system, which was first presented by the carmaker in 2018. Four vulnerabilities could be exploited by attackers remotely control some functions of the vehicle, fortunately, none could be used to control physical features of the cars.

Hacking

Hacking Firmware Engineering Software

U.S. Organizations Continue to Use Banned Chinese Tech

SecureWorld News

SEPTEMBER 30, 2021

CISA encourages users and administrators to review Hikvision's Security Advisory HSRC-202109-01 and apply the latest firmware updates. In 2018, the U.S. See security researcher Watchful IP's technical blogpost for more information.". agencies and organizations using Chinese technology. still using banned Chinese tech.

Firmware

Firmware Surveillance Government Technology

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Security Affairs

JULY 10, 2022

But the recommended mitigation strategy is to upgrade the vulnerable BCM firmware through Over-the-Air (OTA) Updates if feasible. However, some old vehicles may not support OTA.” ” the experts recommended. Follow me on Twitter: @securityaffairs and Facebook.

Firmware

Firmware Marketing Engineering Hacking

Spectre and Meltdown Attacks Against Microprocessors

Schneier on Security

JANUARY 5, 2018

The second is that some of the patches require updating the computer's firmware. In November, Intel released a firmware update to fix a vulnerability in its Management Engine (ME): another flaw in its microprocessors. 2018 will be the year of microprocessor vulnerabilities, and it's going to be a wild ride.

Firmware

Firmware Software Engineering Phishing

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. In December 2018, the TheHackerGiraffe used the Printer Exploitation Toolkit (PRET) to hijack +50k vulnerable printers to Promote PewDiePie YouTube Channel. ” continues the report. .

Internet

Internet Internet Firmware Advertising

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Security Affairs

NOVEMBER 20, 2018

The vulnerabilities are two remote code execution (RCE) flaws(CVE-2018-3950, CVE-2018-3951), a denial-of-service issue (CVE-2018-3948), and a server information disclosure bug (CVE-2018-394). The CVE-2018-3948 DoS flaw affects the URI-parsing function of the TL-R600VPN HTTP server.

Authentication

Authentication Advertising Firmware Hacking

Security Affairs newsletter Round 180 – News of the week

Security Affairs

SEPTEMBER 16, 2018

Once again thank you! · Domestic Kitten – An Iranian surveillance operation under the radar since 2016. · The main source of infection on ICS systems was the internet in H1 2018. · A growing number of iOS apps collect and sell location data. · Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent (..)

Firmware

Firmware Advertising Surveillance Data breaches

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

Anubhav explained that the passwords are related to Dahua DVRs running very old firmware that is known to be affected by a five-year-old vulnerability tracked as CVE-2013-6117. Even if the vulnerability has been patched, many Dahua devices are still running ancient firmware. — Ankit Anubhav (@ankit_anubhav) July 13, 2018.

IoT

IoT Engineering Passwords Firmware

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

eSecurity Planet

APRIL 28, 2022

CVE-2018-13379. CVE-2018-0171. It suggests that companies should use a centralized patch management system while regularly updating their software, applications, operating systems, and firmware on IT network assets. Microsoft Netlogon Remote Protocol (MS-NRPC). Elevation of privilege. CVE-2020-0688. CVE-2019-11510.

Cybersecurity

Cybersecurity Software Firmware Internet

Android devices shipped with backdoored firmware as part of the BADBOX network

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Webinars

Trending Sources

SHARED INTEL: How ‘memory attacks’ and ‘firmware spoilage’ circumvent perimeter defenses

Webinars

37 hardware and firmware vulnerabilities: A guide to the threats

Update now! ASUS fixes nine security flaws

MyBook Users Urged to Unplug Devices from Internet

ASUS addressed critical flaws in some router models

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

HP releases firmware updates for two critical RCE flaws in Inkjet Printers

Measuring the Security of IoT Devices

Netgear fixes a critical RCE that could allow to takeover Flagship Nighthawk routers

BotenaGo botnet targets millions of IoT devices using 33 exploits

New tech on SSDs to stop ransomware spread

Experts found 9 NAS flaws that expose LenovoEMC, Iomega Devices to hack

US and UK link new Cyclops Blink malware to Russian state hackers?

New Cring ransomware deployed targeting unpatched Fortinet VPN devices

ESET warns of three flaws that affect over 100 Lenovo notebook models

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

A new Zerobot variant spreads by exploiting Apache flaws

Beastmode Mirai botnet now includes exploits for Totolink routers

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Cisco says its RV routers will no longer receive updates

Decoding Security 127: We Got Conned

HP bug bounty programs now covers flaws in cartridges

Cyclops Blink malware: US and UK authorities issue alert

Guardzilla Security Video System Footage exposed online

QSnatch malware infected over 62,000 QNAP NAS Devices

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

Tens of flaws in Samsung SmartThings Hub expose smart home to attack

Simplifying Titan Security Key options for our users

Cisco ASA is affacted by a privilege escalation flaw. Patch it now!

BLEEDINGBIT Bluetooth flaws in TI chips expose enterprises to remote attacks

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Sony Bravia Smart TVs affected by a critical vulnerability

Hacking the infotainment system used in Mercedes-Benz cars

U.S. Organizations Continue to Use Banned Chinese Tech

Experts demonstrate how to unlock several Honda models via Rolling-PWN attack

Spectre and Meltdown Attacks Against Microprocessors

A daily average of 80,000 printers exposed online via IPP

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Security Affairs newsletter Round 180 – News of the week

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Cybersecurity Agencies Reveal the Top Exploited Vulnerabilities of 2021

Stay Connected