Security Boulevard

AUGUST 3, 2022

You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection. The post ‘CosmicStrand’ Highlights Ongoing Firmware Risks appeared first on Security Boulevard. The researchers were unable to.

Firmware 98

Firmware Risk Mobile Malware 98

Tech Republic Security

MARCH 14, 2023

A possible Chinese attack campaign on compromised unpatched SonicWall SMA edge devices stayed undetected since 2021 and could persist even through firmware updates. The post Attack campaign on edge appliance: undetected since 2021 and resists firmware update appeared first on TechRepublic.

Firmware 126

Firmware Cybersecurity 126

Security Boulevard

OCTOBER 26, 2022

The pool of available open source resilient firmware keeps growing. This week, dynamic firmware maker AMI announced the contribution of its Tektagon OpenEdition Platform Root of Trust to the Open Compute Project (OCP). The post AMI Brings Secure Firmware to the Open Compute Project appeared first on Security Boulevard.

Firmware 98

Firmware Malware Cybersecurity 98

The Hacker News

NOVEMBER 9, 2022

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. dbx): all simply from an OS," Slovak cybersecurity firm ESET explained in a series of tweets.

Firmware 98

Firmware Cybersecurity 98

The Hacker News

MARCH 8, 2022

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. have been uncovered in HP's UEFI firmware. The shortcomings, which have CVSS scores ranging from 7.5

Firmware 118

Firmware Cybersecurity 118

Heimadal Security

APRIL 20, 2022

Researchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use. By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on the impacted devices.

Firmware 117

Firmware Cybersecurity 117

The Hacker News

JULY 13, 2022

Consumer electronics maker Lenovo on Tuesday rolled out fixes to contain three security flaws in its UEFI firmware affecting over 70 product models.

Firmware 110

Firmware Cybersecurity 110

Security Affairs

DECEMBER 30, 2021

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems. This malware has been used by hackers for some time and we have been monitoring its performance.

Firmware 135

Firmware Malware System Administration Technology 135

Security Boulevard

AUGUST 24, 2021

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. However, if a savvy thief managed to infiltrate the residence through its crawl space, the very foundation of the house might be putting the overall security of the home at risk.

Firmware 119

Firmware Software Risk Security Awareness 119

Security Boulevard

JULY 9, 2021

Register for our July 14 webinar and learn how you can get ahead of fast-growing firmware attacks today. Earlier this month we did an analysis of the President’s Executive Order on Improving the Nation’s Cybersecurity (You Can’t Unsee the Rabbit: Perspectives on the […]. Sometimes you just need to stop, stretch, and pick up the can.

Firmware 124

Firmware Cybersecurity 124

The Last Watchdog

NOVEMBER 20, 2019

Related: Ransomware remains a scourge The former has been accused of placing hidden backdoors in the firmware of equipment distributed to smaller telecom companies all across the U.S. These happen to represent two prime examples of cyber attack vectors that continue to get largely overlooked by traditional cybersecurity defenses.

Firmware 174

Firmware Hacking Software Surveillance 174

Security Affairs

JUNE 2, 2022

The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group’s chats , which were leaked earlier this year, revealed that the ransomware gang has been working on firmware attack techniques. ” reads the post published by Eclypsium.

Firmware 103

Firmware Engineering Ransomware Malware 103

CSO Magazine

APRIL 28, 2021

A recent security post warned that firmware attacks are on the rise. They cited a survey of 1,000 cybersecurity decision makers at enterprises across multiple industries in the UK, US, Germany, Japan, and China finding that that 80% of firms have experienced at least one firmware attack in the past two years.

Firmware 98

Firmware Cybersecurity 98

Heimadal Security

JULY 2, 2021

The post Microsoft Finds New NETGEAR Firmware Vulnerabilities appeared first on Heimdal Security Blog. Tracked as PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365, they range in CVSS rating from high (7.4) to critical (9.4). Microsoft reported […].

Firmware 98

Firmware Identity Theft IoT Cybersecurity 98

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware 118

Firmware Hacking Authentication Advertising 118

Security Boulevard

APRIL 2, 2021

As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.

Firmware 88

Firmware Software Risk Government 88

Security Affairs

MARCH 9, 2022

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The most severe of the vulnerabilities discovered by the researchers are memory corruption issues affecting the System Management Mode (SMM) of the firmware.

Firmware 72

Firmware Hacking Technology Cybersecurity 72

Dark Reading

APRIL 28, 2023

Software bugs are ubiquitous, and we're familiar with hardware threats. But what about the gap in the middle? Two researchers at Black Hat Asia will attempt to focus our attention there.

Firmware 99

Firmware Cybersecurity Software 99

Security Boulevard

AUGUST 3, 2022

Firmware security has undergone an incredible transformation over the past several years. What was once an often forgotten and overlooked part of the technology stack has become one of the most active battlegrounds between cybersecurity attackers and defenders. Firmware is where the stakes are highest.

Firmware 59

Firmware Technology Cybersecurity 59

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons. Mitigation.

Firmware 117

Firmware Technology Authentication IoT 117

Security Affairs

SEPTEMBER 29, 2020

While the AgeLocker ransomware continues to target QNAP NAS systems, the Taiwanese vendor urges customers to update the firmware and apps. Taiwanese vendor QNAP is urging its customers to update the firmware and apps installed on their network-attached storage (NAS) devices to prevent AgeLocker ransomware infections.

Firmware 125

Firmware Encryption Ransomware Advertising 125

Security Affairs

APRIL 22, 2022

Taiwanese vendor QNAP warns users to update their NAS Firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. Taiwanese vendor QNAP warns users to update their NAS Firmware to address Apache HTTP vulnerabilities, tracked as CVE-2022-22721 and CVE-2022-23943 , addressed in the Apache HTTP server in March.

Firmware 88

Firmware Hacking Cybersecurity Internet 88

Security Boulevard

APRIL 27, 2021

The post Cigent Technology Extends Firmware to Secure SSDs appeared first on Security Boulevard. Cigent Data Defense is based on an existing D³E for Windows platform that can employed in a standalone fashion or in combination with K2 Secure SSDs provided by Cigent.

Firmware 102

Firmware Technology Encryption Authentication 102

SC Magazine

JUNE 2, 2021

ReFirm provides drag-and-drop automated firmware analysis, which Microsoft hopes will provide security insight for industrial IoT products, where security personnel often struggle to look inside built-in hardware. “Firmware is kind of the software that we politely ignore today,” he said.

Firmware 77

Firmware IoT Technology Media 77

Security Boulevard

JUNE 25, 2023

Paul also shares with us some of his greatest hacking stories and don’t miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Firmware 52

Firmware Hacking Internet Internet 52

Security Boulevard

JULY 15, 2022

NIST Special Publication 800-53, Security and Privacy Controls for Information Systems and Organizations, is easily one of the most foundational documents in modern cybersecurity. The post SP 800-53 Makes Supply Chain and Firmware a Priority – But Are You Listening? appeared first on Security Boulevard.

Firmware 64

Firmware Cybersecurity 64

Security Boulevard

APRIL 3, 2021

This weekend on security news in review, we have some new data on firmware attacks against global enterprises, insights into how much damage ransomware has caused the healthcare industry, and the Department of Homeland Security laying out a new cybersecurity strategy. .

Firmware 80

Firmware Hacking Healthcare Ransomware 80

Security Boulevard

JANUARY 5, 2023

Complete Title : USENIX Security '22 - Tobias Scharnowski, Nils Bars, Moritz Schloegel, Eric Gustafson, Marius Muench, Giovanni Vigna, Christopher Kruegel, Thorsten Holz, Ali Abbasi - ‘Fuzzware: Using Precise MMIO Modeling For Effective Firmware Fuzzing’.

Firmware 52

Firmware Education InfoSec Cybersecurity 52

Heimadal Security

JULY 15, 2021

x firmware. x Firmware: SonicWall Security Notification Released appeared first on Heimdal Security Blog. This targets the Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) devices. These products are unpatched and run the EOL (end-of-life) 8.x What’s the goal? […].

Firmware 82

Firmware Ransomware Mobile Risk 82

Dark Reading

SEPTEMBER 11, 2019

It's time for cybersecurity manufacturers and solution providers to step up and show leadership in addressing firmware security. Read why and how.

Firmware 72

Firmware Manufacturing Cybersecurity 72

Security Affairs

AUGUST 18, 2019

Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program.

Firmware 85

Firmware Authentication Advertising Hacking 85

Dark Reading

JUNE 22, 2020

Networking devices sold under at least one major brand have a firmware vulnerability that allows hackers to take control of the device, a cybersecurity firm claims.

Firmware 84

Firmware Cybersecurity 84

CSO Magazine

OCTOBER 4, 2022

Dell Technologies has announced a raft of new cybersecurity resources to help customers simplify zero-trust adoption and improve their cyber resiliency. To read this article in full, please click here

Cybersecurity 79

Cybersecurity Firmware Architecture Technology 79

Security Boulevard

SEPTEMBER 1, 2023

Permalink The post BSides Cheltenham 2023 – Stephen – All Your Firmwares Are Belong To Us: A Guide To Successful Acquisition appeared first on Security Boulevard. Many thanks to BSides Cheltenham for publishing their presenter’s outstanding BSides Cheltenham 2023 security content on the organizations’ YouTube channel.

Firmware 45

Firmware Architecture CISO Education 45

NSTIC

JUNE 22, 2023

NIST’s IoT cybersecurity guidance has long recognized the importance of secure software development (SSDF) practices, highlighted by the NIST IR 8259 series—such as the recommendation for documentation in Action 3.d These development practices can also provide

IoT 64

IoT Manufacturing Cybersecurity Firmware 64

CSO Magazine

MARCH 1, 2023

A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot , according to researchers from Slovakia-based cybersecurity firm ESET. Secure Boot is designed to ensure that the system boots only with trusted software and firmware.

Firmware 110

Firmware Malware Software Cybersecurity 110

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. To address this threat, organizations of all sizes while conducting a risk assessment need to take into account the vulnerabilities of all third-party software or firmware.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Firmware 116