2019, Architecture, Firmware and Information Security

2019

Architecture

Firmware

Information Security

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Firmware

Firmware Technology Advertising Authentication

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report.

Firmware

Firmware Spyware Surveillance Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. ” reads the advisory published by the UK National Cyber Security Centre. The malware leverages the firmware update process to achieve persistence.

Malware

Malware Firmware Architecture Firewall

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The number of infected devices is impressive, on 2019-11-30 a trusted security partner in the US informed Qihoo 360’s Netlab Cybersecurity reported to have observed 1,962,308 unique daily active IPs from the Pink botnet targeting its systems.

Architecture

Architecture DDOS Advertising Firmware

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar (@_larry0) June 25, 2019. The only way to recover infected devices is to manually reinstall the device’s firmware. pic.twitter.com/gUjWCdSIQO — Ankit Anubhav (@ankit_anubhav) June 25, 2019. pic.twitter.com/Ue661ku0fy — Larry W. ” reported ZDnet. The IP address ( 185[.]162[.]235[.]5

IoT

IoT Malware Advertising Firmware

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

FEBRUARY 27, 2024

We are lucky to benefit from a very generous sponsorship from Cloudflare since 2019. Kali Blog Recap Since our last release, we did the following blog posts : The great non-free-firmware transition Kali Linux DEI Promise Community Shout-Outs These are people from the public who have helped Kali and the team for the last release.

Software

Software Firmware VPN Internet

A Spectre proof-of-concept for a Spectre-proof web

Google Security

MARCH 12, 2021

Posted by Stephen Röttger and Artur Janc, Information Security Engineers Three years ago, Spectre changed the way we think about security boundaries on the web. We've confirmed that this proof-of-concept, or its variants, function across a variety of operating systems, processor architectures, and hardware generations.

Engineering

Engineering Architecture Software Firmware

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

Cyber Security Informer

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

AMD is going to patch UEFI SMM callout privilege escalation flaw

Webinars

Trending Sources

Second-ever UEFI rootkit used in North Korea-themed attacks

Webinars

US and UK link new Cyclops Blink malware to Russian state hackers?

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Mozi Botnet is responsible for most of the IoT Traffic

A new Zerobot variant spreads by exploiting Apache flaws

Silex malware bricks thousands of IoT devices in a few hours

Kali Linux 2024.1 Release (Micro Mirror)

A Spectre proof-of-concept for a Spectre-proof web

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

Stay Connected