Advertising, Architecture, Firmware and Information Security

PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts

Security Affairs

JANUARY 18, 2024

Unified Extensible Firmware Interface (UEFI) is a specification that defines the architecture of the platform firmware used for booting the computer hardware and its interface for interaction with the operating system. ” states CERT/CC. . ” states CERT/CC.

Firmware

Firmware DNS Advertising Architecture

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

The CVE-2019-0090 vulnerability affects the firmware running on the ROM of the Intel’s Converged Security and Management Engine (CSME). Intel CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern platforms.” x, SPS_E3_05.00.04.027.0.

Firmware

Firmware Technology Advertising Authentication

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. The firmware malware is based on code associated with HackingTeam’s VectorEDK bootkit, with minor changes. ” concludes the report. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35.

DDOS

DDOS Firmware VPN Firewall

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet was created to launch DDoS attacks and to insert advertisements in the legitimate HTTP traffic of the victims, most of which are in China (96%). The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. million devices.

Architecture

Architecture DDOS Advertising DNS

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

. “Our analysis of this particular sample indicates the file executes on microprocessor without interlocked pipelined stages (MIPS) architecture. This is an extension understood by machines running reduced instruction set computer (RISC) architecture, which is prevalent on many IoT devices.” ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and social media and online messaging accounts and monetization via advertisements. It will launch intrusive advertisements when victims are using legitimate applications.

Mobile

Mobile Advertising Malware Cybercrime

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Security Affairs

JUNE 18, 2019

.” The RCE flaw affects TP-Link Wi-Fi Extender models RE365, RE650, RE350 and RE500 running firmware version 1.0.2, The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered. The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered.

Architecture

Architecture Advertising Firmware IoT

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

The only way to recover infected devices is to manually reinstall the device’s firmware. The IoT malware is targeting any Unix-like system with default login credentials, according to Cashdollar it leverages a Bash shell version to target any architecture running a Unix like OS. pic.twitter.com/Ue661ku0fy — Larry W.

IoT

IoT Malware Advertising Firmware

Android Botnet leverages ADB ports and SSH to spread

Security Affairs

JUNE 22, 2019

In order to determine what miner to deliver, the bot collects system information, such as manufacturer, hardware details, and processor architecture. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The script for a. sh reveals shows that the attackers can choose from three different miners.

Cryptocurrency

Cryptocurrency Malware Advertising Firmware

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT

IoT Firmware Mobile Manufacturing

Mukashi, the new Mirai variant that targets Zyxel NAS

Security Affairs

MARCH 21, 2020

. “ Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful login attempts. Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Authentication Advertising Firmware

What is Incident Response? Ultimate Guide + Templates

eSecurity Planet

JULY 25, 2023

Malvertising: Malicious advertisements that are distributed through legitimate ad networks can lead users to infected websites or trigger downloads of malware. Architecture model: A diagram or description of the network and system architecture used to understand possible attack surfaces.

Software

Software Data breaches DDOS Ransomware

Cyber Security Informer

PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts

AMD is going to patch UEFI SMM callout privilege escalation flaw

Trending Sources

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Second-ever UEFI rootkit used in North Korea-themed attacks

Multiple DDoS botnets were observed targeting Zyxel devices

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Mozi Botnet is responsible for most of the IoT Traffic

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Silex malware bricks thousands of IoT devices in a few hours

Android Botnet leverages ADB ports and SSH to spread

IoT Secure Development Guide

Mukashi, the new Mirai variant that targets Zyxel NAS

What is Incident Response? Ultimate Guide + Templates

Stay Connected