Cybersecurity, Firmware and Manufacturing

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

SecureWorld News

JUNE 9, 2025

Most aviation processes are heavily digitized, and in the wake of new cyber threats, airlines and the broader sector must prioritize cybersecurity more than ever before. As airlines upgrade for connected sky-travel and regulators tighten their grip with new rules, the stakes for cybersecurity have never been higher.

Cybersecurity

Cybersecurity Social Engineering Computers and Electronics Risk

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 5, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The vulnerabilities impact NDI-enabled pan-tilt-zoom (PTZ) cameras from multiple manufacturers. Affected devices use VHD PTZ camera firmware < 6.3.40 concludes the report.

Firmware

Firmware Manufacturing Authentication IoT

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. Cybersecurity researchers from ESET recently discovered the first UEFI bootkit designed to target Linux systems, called by its authors Bootkitty. ” reads the report.

Firmware

Firmware Manufacturing Malware Authentication

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. 0795 or above) Taiwanese manufacturer QNAP also patched three zero-day vulnerabilities that were exploited by security researchers during the recent Pwn2Own Ireland 2024.

Firmware

Firmware Manufacturing Hacking Media

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. An attacker could exploit the lack of checks to execute malicious firmware and perform malicious actions on both Windows and Linux systems, such as the installation of persistent backdoors.

Firmware

Firmware Hacking Authentication Advertising

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons. Mitigation.

Firmware

Firmware Technology Authentication IoT

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

The Last Watchdog

MAY 16, 2022

You and your cybersecurity team do everything correctly to safeguard your infrastructure, yet the frightening alert still arrives that you’ve suffered a data breach. The same technologies that make supply chains faster and more effective also threaten their cybersecurity,” writes David Lukic , a privacy, security, and compliance consultant.

Cyber Attacks

Cyber Attacks Firmware Artificial Intelligence Manufacturing

Guest Essay: The urgent need to improve firmware security — especially in OT and IoT routers

The Last Watchdog

AUGUST 26, 2024

The findings focused on outdated software components in router firmware, across sectors from industrial operations to healthcare and critical infrastructure, highlighting associated cyber risks. Equally alarming was the widespread presence of known vulnerabilities, or “n-day” vulnerabilities, in the firmware images.

Firmware

Firmware IoT Manufacturing Cyber Risk

March to 5G could pile on heavier security burden for IoT device manufacturers

SC Magazine

APRIL 9, 2021

As the Department of Defense works on standards to dictate 5G rollout, security requirements may be too much for IoT manufacturers. Of course, many security hurdles for IoT device manufacturers are not specific to 5G. The Internet of Things Cybersecurity Improvement Act of 2020 , which was enacted Dec.

Manufacturing

Manufacturing IoT Firmware Architecture

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint cybersecurity advisory warning organizations about the escalating threat posed by the Medusa ransomware.

Ransomware

Ransomware Backups Firmware Insurance

Firmware: A New Attack Vector Requiring Industry Leadership

Dark Reading

SEPTEMBER 11, 2019

It's time for cybersecurity manufacturers and solution providers to step up and show leadership in addressing firmware security. Read why and how.

Firmware

Firmware Manufacturing Cybersecurity

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Security Affairs

OCTOBER 13, 2020

IoT devices are exposed to cybersecurity vulnerabilities. However, if you know where the dangers lurk, there is a way to minimize the cybersecurity risks. Here are five significant cybersecurity vulnerabilities with IoT in 2020. The cybersecurity issues related to IoT are a brand-new topic in the niche. Poor credentials.

IoT

IoT Cybersecurity Manufacturing Internet

Why you should secure your embedded server management interfaces

CSO Magazine

JANUARY 14, 2022

All server manufacturers provide this functionality in firmware through a set of chips that run independent of the rest of the server and OS. Over the years, security researchers have found and demonstrated vulnerabilities in the BMC implementations of different server manufacturers and attackers have taken advantage of some of them.

Manufacturing

Manufacturing Firmware Cybersecurity

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

With the largest concentration of cybersecurity expertise –– the “oil” — in the world, Maryland is fast changing from the Old Line State into “Cybersecurity Valley.” The foundation of Silicon Valley was set, and today comparable technology development pieces are being laid in Maryland on the cybersecurity front.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

NI CompactRIO controller flaw could allow disrupting production

Security Affairs

DECEMBER 12, 2020

A high-severity vulnerability affecting CompactRIO controllers manufactured by the vendor National Instruments (NI) could allow remote attackers to disrupt production processes in an organization. Cybersecurity and Infrastructure Security Agency (CISA) published a security advisory to warn organizations about the flaw.

Firmware

Firmware Manufacturing Software Authentication

Enhanced capabilities sustain the rapid growth of Vo1d botnet

Security Affairs

FEBRUARY 28, 2025

Unfortunately, manufacturers often sell older OS versions as newer ones. Users may also mistakenly believe TV boxes are more secure than smartphones and are less likely to install antivirus software, increasing their risk when downloading third-party apps or unofficial firmware.

Antivirus

Antivirus Firmware Encryption Manufacturing

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

“According to Vladimir Kononovich, some manufacturers rely on security through obscurity, with proprietary protocols that are poorly studied and the goal of making it difficult for attackers to procure equipment to find vulnerabilities in such devices. Wincor is currently owned by ATM manufacturer giant Diebold Nixdorf.

Hacking

Hacking Firmware Encryption Manufacturing

Mobile Adware makes online banking services as Prime Targets

CyberSecurity Insiders

MARCH 1, 2021

Kaspersky claims that the Android devices mostly those belonging to Chinese OEMs are coming pre-installed with adware and some even in the firmware components. But threat analysts who took part in the research say that some manufactures are indulging in spreading adware simply to receive extra profits.

Adware

Adware Banking Mobile Firmware

High-Severity UEFI Vulnerability Affects Hundreds of Intel CPUs

SecureWorld News

JUNE 20, 2024

A recently discovered high-severity vulnerability in Phoenix Technologies' SecureCore UEFI firmware has raised concerns across the cybersecurity landscape. Due to the broad use of Phoenix SecureCore UEFI firmware, the vulnerability's reach is extensive, impacting potentially a significant number of products globally."

Firmware

Firmware Manufacturing Cyber threats Cybersecurity

Millions of home routers on Mirai Botnet Radar

CyberSecurity Insiders

AUGUST 13, 2021

According to a research carried out by Maryland based Cybersecurity firm Tenable, hackers are targeting millions of home routers to add them to the Mirai botnet radar that is used to launch DDoS Cyber attack campaigns. The post Millions of home routers on Mirai Botnet Radar appeared first on Cybersecurity Insiders.

Firmware

Firmware Malware DDOS Manufacturing

Five Cybersecurity Trends that Will Affect Organizations in 2023

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. To address this threat, organizations of all sizes while conducting a risk assessment need to take into account the vulnerabilities of all third-party software or firmware.

Cybersecurity

Cybersecurity Cybercrime Social Engineering Risk

ESET warns of three flaws that affect over 100 Lenovo notebook models

Security Affairs

APRIL 19, 2022

Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. The Secure boot is a security standard developed by members of the PC industry to ensure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM).

Firmware

Firmware Manufacturing Hacking Cybersecurity

SSDF and IoT Cybersecurity Guidance: Building Blocks for IoT Product Security

NSTIC

JUNE 22, 2023

NIST’s IoT cybersecurity guidance has long recognized the importance of secure software development (SSDF) practices, highlighted by the NIST IR 8259 series—such as the recommendation for documentation in Action 3.d These development practices can also provide

IoT

IoT Manufacturing Cybersecurity Firmware

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

I had an eye-opening conversation about all of this with Steve Hanna , distinguished engineer at Infineon Technologies , a global semiconductor manufacturer based in Neubiberg, Germany. We can’t expect the consumer to be an expert on IoT cybersecurity, that’s just not realistic,” he says. In 2023, the U.S.

IoT

IoT Government Internet Internet

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT

IoT Firmware Authentication Wireless

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

Hacker Combat

SEPTEMBER 22, 2022

Researchers from the industrial cybersecurity company Claroty discovered a total of seven flaws with the iBoot-PDU product, including one that might have allowed a remote, unauthenticated attacker to execute arbitrary code. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware

Firmware Firewall Manufacturing Internet

QSnatch malware infected over 62,000 QNAP NAS Devices

Security Affairs

JULY 28, 2020

US and UK cybersecurity agencies issued a joint advisory about the spread of QSnatch Data-Stealing Malware that already infected over 62,000 QNAP NAS devices. The malicious code specifically targets QNAP NAS devices manufactured by Taiwanese company QNAP, it already infected over 62,000 QNAP NAS devices.

Malware

Malware Firmware Advertising Manufacturing

Experts found backdoors in a popular Auerswald VoIP appliance

Security Affairs

DECEMBER 27, 2021

Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from RedTeam Pentesting discovered multiple backdoors in a popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. “Firmware Update 8.2B

Firmware

Firmware Manufacturing Passwords Penetration Testing

How to ensure security and trust in connected cars

CyberSecurity Insiders

MARCH 16, 2021

The cars we drive today have become truly connected objects, capable of a variety of functionalities that both users and manufacturers could have only dreamed of in past decades. However, with increased connectivity in our cars, new challenges are arising for both manufacturers and users. Technologies that enable connectivity in cars.

Manufacturing

Manufacturing IoT Technology Cybersecurity

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

The flaws impact products manufactured by LenelS2, a provider of advanced physical security solutions (i.e. The experts focused on Carrier’s LenelS2 access control panels, manufactured by HID Mercury. The US Cybersecurity and Infrastructure Security Agency (CISA) has also published an advisory about these vulnerabilities.

Firmware

Firmware Penetration Testing Manufacturing Authentication

Samsung offers Mobile Security protection as below

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. So, why think much about security?

Mobile

Mobile Firmware Manufacturing Passwords

CVE-2024-7261 (CVSS 9.8): Zyxel Patches Critical Vulnerability in Wi-Fi Devices

Penetration Testing

SEPTEMBER 2, 2024

Zyxel, a prominent networking equipment manufacturer, has issued a security advisory urging users to promptly update their firmware to address a critical vulnerability affecting a range of their access points... The post CVE-2024-7261 (CVSS 9.8): Zyxel Patches Critical Vulnerability in Wi-Fi Devices appeared first on Cybersecurity News. (..)

Firmware

Firmware Manufacturing Cybersecurity

The High-Stakes Game of Ensuring IoMT Device Security

SecureWorld News

FEBRUARY 17, 2024

Regrettably, cybersecurity is often an overlooked aspect in the development of many smart devices, and medical devices in particular. In response, manufacturers are intensifying their cybersecurity efforts, incorporating advanced CI/CD workflows to safeguard medical devices from escalating attacks.

Healthcare

Healthcare Manufacturing Internet Internet

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Our selection was based on: Device location (to cover the entire globe) Device manufacturer Protocols used to access the printers. Update your printer firmware to the latest version.

Hacking

Hacking IoT Firmware Internet

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

JANUARY 20, 2025

How cars became the worst product category for privacy Session Covers the extensive data collection (and subsequent sharing with car manufacturers and their affiliates) enabled by modern vehicles; they can collect way beyond location data. Information and summaries provided here are as-is for warranty purposes.

Surveillance

Surveillance Malware Data breaches Scams

SiteLock’s Top Five Cybersecurity Predictions For 2020

SiteLock

AUGUST 27, 2021

It’s safe to say that the volume and magnitude of high-profile data breaches and ransomware attacks that punctuated 2019 really kept the cybersecurity industry on its toes. We’ve analyzed the current state of the industry and packaged up our top five cybersecurity predictions for 2020. In comparison to last year, research.

Cybersecurity

Cybersecurity Phishing Data breaches IoT

How to implant a malware in hidden area of SSDs with Flex Capacity feature

Security Affairs

DECEMBER 31, 2021

An invalidation data region is created by varying the OP area that can be changed by the user or by the firmware manager. However, a threat actor can reduce the size of the OP area using the firmware manager generating an invalid data area. The OP area can be set for example by a maximum of 50%. ” reads the research paper.

Malware

Malware Firmware Manufacturing Media

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Security Affairs

AUGUST 2, 2021

Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper , that left a widely-used pneumatic tube system (PTS) vulnerable to attacks. The flaw affects the Translogic PTS system manufactured by Swisslog Healthcare, which is installed in about 80% of all major hospitals in North America and thousands of hospitals worldwide.

Healthcare

Healthcare Firmware Manufacturing Ransomware

Vulnerability makes hackers hijack video streams from millions of connected cameras

CyberSecurity Insiders

JUNE 29, 2021

Security researchers say that the flaw is related to software component used in cloud surveillance platform ThroughTek that is used by OEMs while manufacturing IP Cameras, baby monitoring cams and pet monitoring solutions along with robotic and battery devices. score to the newly discovered P2P SDK vulnerability.

Firmware

Firmware IoT Surveillance Manufacturing

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers at industrial and IoT cybersecurity firm Nozomi Networks have discovered a critical flaw affecting a video surveillance product made by Annke, a popular manufacturer of surveillance systems and solutions. The experts performed reverse engineering of the firmware to fully unrestricted SSH access.

Surveillance

Surveillance Hacking Firmware Manufacturing

The Chip War’s Impact on Cybersecurity and the Supply Chain

Security Boulevard

MARCH 28, 2023

The post The Chip War’s Impact on Cybersecurity and the Supply Chain appeared first on Security Boulevard. “The semiconductor supply chain remains one of the most complicated and most critical supply chains that underpin the entire global.

Cybersecurity

Cybersecurity Manufacturing Firmware IoT

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

The European Union is poised to place more demands on manufacturers to design greater security into their wireless and Internet of Things (IoT) devices. Manufacturers will be required to adhere to the new cybersecurity safeguards when designing and producing these products. Common EU Security Standards. IoT Security Neglected.

Wireless

Wireless IoT Manufacturing Mobile

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Security Affairs

OCTOBER 30, 2021

MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list.

Firmware

Firmware Manufacturing Education Engineering

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

Trending Sources

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Android devices shipped with backdoored firmware as part of the BADBOX network

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

Guest Essay: The urgent need to improve firmware security — especially in OT and IoT routers

March to 5G could pile on heavier security burden for IoT device manufacturers

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Firmware: A New Attack Vector Requiring Industry Leadership

IoT Cybersecurity: 5 Major Vulnerabilities and How to Tackle Them

Why you should secure your embedded server management interfaces

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

NI CompactRIO controller flaw could allow disrupting production

Enhanced capabilities sustain the rapid growth of Vo1d botnet

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Mobile Adware makes online banking services as Prime Targets

High-Severity UEFI Vulnerability Affects Hundreds of Intel CPUs

Millions of home routers on Mirai Botnet Radar

Five Cybersecurity Trends that Will Affect Organizations in 2023

ESET warns of three flaws that affect over 100 Lenovo notebook models

SSDF and IoT Cybersecurity Guidance: Building Blocks for IoT Product Security

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

QSnatch malware infected over 62,000 QNAP NAS Devices

Experts found backdoors in a popular Auerswald VoIP appliance

How to ensure security and trust in connected cars

HID Mercury Access Controller flaws could allow to unlock Doors

Samsung offers Mobile Security protection as below

CVE-2024-7261 (CVSS 9.8): Zyxel Patches Critical Vulnerability in Wi-Fi Devices

The High-Stakes Game of Ensuring IoMT Device Security

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Privacy Roundup: Week 3 of Year 2025

SiteLock’s Top Five Cybersecurity Predictions For 2020

How to implant a malware in hidden area of SSDs with Flex Capacity feature

PwnedPiper flaws in PTS systems affect 80% of major US hospitals

Vulnerability makes hackers hijack video streams from millions of connected cameras

An RCE in Annke video surveillance product allows hacking the device

The Chip War’s Impact on Cybersecurity and the Supply Chain

EU to Force IoT, Wireless Device Makers to Improve Security

MITRE and CISA publish the 2021 list of most common hardware weaknesses

Stay Connected