Dark Reading

JANUARY 20, 2022

MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI

Firmware 110

Firmware 110

Schneier on Security

JUNE 21, 2019

In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices , including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices. android backdoors crime firmware google malware phones supplychain

Firmware 205

Firmware Manufacturing Mobile Malware 205

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. Our discovery: a sophisticated implant within UEFI firmware. What happened?

Firmware 112

Firmware Passwords Encryption Surveillance 112

Schneier on Security

NOVEMBER 18, 2019

Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. And since they're firmware bugs, in many cases there is no ability to patch them. android firmware smartphones supplychain vulnerabilitiesThe vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker.

Firmware 166

Firmware 166

Security Boulevard

AUGUST 24, 2021

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. Picture a house equipped with state-of-the-art alarm systems, sensors, locks and cameras. From the outside, the house might seem reasonably protected against potential intruders.

Firmware 97

Firmware Software Risk Security Awareness 97

Heimadal Security

AUGUST 9, 2021

A new vulnerability in home routers that run Arcadyan firmware wreaks havoc in the world of cybersecurity, being actively taken advantage of by threat actors. The post Exploited Vulnerability Targets Arcadyan Firmware Routers appeared first on Heimdal Security Blog.

Firmware 91

Firmware Authentication Cybersecurity 91

Security Boulevard

JANUARY 3, 2022

The post December Firmware Threat Report appeared first on Security Boulevard. What a December! Let’s see if we can write a threat report without mentioning log4j. Possible? Let’s find out!

Threat Reports 56

Threat Reports Firmware 56

Zero Day

JANUARY 21, 2022

The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware

Firmware 87

Firmware 87

Heimadal Security

JULY 2, 2021

The post Microsoft Finds New NETGEAR Firmware Vulnerabilities appeared first on Heimdal Security Blog. Cybersecurity News firmware firmware vulnerabilities iot devices microsoft NETGEAR vulnerability

Firmware 82

Firmware Identity Theft IoT Cybersecurity 82

Security Affairs

APRIL 5, 2021

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. SecurityAffairs – hacking, firmware attacks).

Firmware 103

Firmware Cybersecurity Encryption Financial Services 103

Dark Reading

DECEMBER 3, 2020

A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device

Firmware 87

Firmware Malware 87

Security Boulevard

JUNE 24, 2021

The post June Firmware Threat Report appeared first on Security Boulevard. Not just one, but four. That’s how many vulnerabilities Eclypsium researchers discovered in Dell’s BIOSConnect feature. Taken together, this chain of vulnerabilities has a CVSS score of 8.3

Threat Reports 65

Threat Reports Firmware 65

Security Boulevard

NOVEMBER 2, 2021

The post Protecting Your Fortinet Devices With Firmware Security appeared first on Security Boulevard. Vulnerabilities in enterprise network and security devices are being aggressively targeted by APT and ransomware threat actors as initial access vectors into enterprises.

Firmware 82

Firmware Ransomware 82

Security Boulevard

APRIL 2, 2021

As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.

Firmware 76

Firmware Software Risk Government 76

CSO Magazine

JANUARY 19, 2022

While this year’s Consumer Electronics Show was impacted by COVID, it didn’t stop Lenovo from announcing the first Microsoft Pluton-powered Windows 11 PCs.

Firmware 98

Firmware 98

Dark Reading

JUNE 24, 2021

A feature of the computer maker's update utility does not correctly handle certificates, leaving systems open to firmware-level compromises

Firmware 94

Firmware Risk 94

The Hacker News

JANUARY 21, 2022

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41).

Firmware 103

Firmware Malware 103

Security Affairs

DECEMBER 30, 2021

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems.

Firmware 113

Firmware Malware System Administration Technology 113

Troy Hunt

NOVEMBER 23, 2020

Let's drill into all that and then go deeper into custom firmware and soldering too. Flashing Custom Firmware and Soldering I propose that we all need to find our own paths in terms of just how dirty we want to get our hands when playing with IoT.

Firmware 262

Firmware IoT Wireless Manufacturing 262

CSO Magazine

JANUARY 21, 2022

While MoonBounce is not the first UEFI rootkit found in the wild -- LoJax , MosaicRegressor are two examples-- these types of implants are not common because they require knowledge of low-level firmware programming.

Firmware 94

Firmware Government Software 94

Dark Reading

MAY 5, 2020

Firmware has become an increasingly prevalent target for hackers. Here's how to stop them

Firmware 113

Firmware 113

Dark Reading

NOVEMBER 22, 2017

Another big firmware security issue affecting Intel processors, requires OEM updates

Firmware 84

Firmware 84

Security Boulevard

MAY 26, 2021

The post May Firmware Threat Report appeared first on Security Boulevard. Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will.

Threat Reports 52

Threat Reports Firmware Cyber Risk Government 52

Dark Reading

OCTOBER 7, 2020

Second-ever sighting of a firmware exploit in the wild is a grim reminder of the dangers of these mostly invisible attacks

Firmware 87

Firmware 87

Security Affairs

DECEMBER 18, 2021

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.”

Firmware 100

Firmware Architecture Passwords Cyber Attacks 100

Security Affairs

FEBRUARY 18, 2020

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Many peripheral devices do not verify that firmware is properly signed with a high quality public/private key before running the code.

Firmware 103

Firmware Hacking Authentication Manufacturing 103

Security Boulevard

APRIL 27, 2021

The post Cigent Technology Extends Firmware to Secure SSDs appeared first on Security Boulevard.

Firmware 85

Firmware Technology Authentication Encryption 85

Threatpost

OCTOBER 14, 2020

Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.

Firmware 106

Firmware Encryption IoT Hacking 106

Dark Reading

OCTOBER 3, 2019

Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security

Firmware 86

Firmware 86

Dark Reading

JULY 22, 2019

A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk

Firmware 87

Firmware Risk 87

Threatpost

FEBRUARY 18, 2020

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

Firmware 104

Firmware Authentication 104

Threatpost

APRIL 1, 2021

A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.

Firmware 97

Firmware Malware 97

Digital Guardian

AUGUST 9, 2021

A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information

Firmware 87

Firmware Authentication 87

CSO Magazine

APRIL 28, 2021

A recent security post warned that firmware attacks are on the rise. However, only 29% of security budgets has been allocated to protect firmware.

Firmware 83

Firmware Cybersecurity 83

Bleeping Computer

DECEMBER 30, 2021

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [.]. Security

Firmware 114

Firmware Malware 114

Security Affairs

NOVEMBER 16, 2021

Intel disclosed two high-severity vulnerabilities, tracked as CVE-2021-0157 and CVE-2021-0158, that affect the BIOS firmware in several processor families. The post Intel addresses 2 high-severity issues in BIOS firmware of several processors appeared first on Security Affairs.

Firmware 95

Firmware Risk Hacking 95

Dark Reading

NOVEMBER 30, 2021

More than 150 HP printer models have bugs that could enable attackers to steal data and gain an initial foothold on enterprise networks

Firmware 86

Firmware 86

Tech Republic Security

JUNE 18, 2021

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert

Firmware 146

Firmware IoT 146

Security Boulevard

JULY 9, 2021

Register for our July 14 webinar and learn how you can get ahead of fast-growing firmware attacks today. The post NIST Kicks the Can: Why We Need to Address Firmware Security Now appeared first on Security Boulevard.

Firmware 100

Firmware Cybersecurity 100

Dark Reading

JULY 2, 2021

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet

Firmware 109

Firmware Technology 109

Dark Reading

MARCH 31, 2021

A new Microsoft-commissioned report finds less than 30% of organizations allocate security budget toward preventing firmware attacks

Firmware 87

Firmware 87

WIRED Threat Level

FEBRUARY 18, 2020

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Security Security / Cyberattacks and Hacks

Firmware 87

Firmware Hacking 87

Dark Reading

JUNE 22, 2020

Networking devices sold under at least one major brand have a firmware vulnerability that allows hackers to take control of the device, a cybersecurity firm claims

Firmware 110

Firmware Cybersecurity 110