‘CosmicStrand’ Highlights Ongoing Firmware Risks

Security Boulevard

You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection.

Security Vulnerabilities in Android Firmware

Schneier on Security

Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. And since they're firmware bugs, in many cases there is no ability to patch them. The vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker.

Backdoor Built into Android Firmware

Schneier on Security

In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices.

AMI Brings Secure Firmware to the Open Compute Project

Security Boulevard

The pool of available open source resilient firmware keeps growing. This week, dynamic firmware maker AMI announced the contribution of its Tektagon OpenEdition Platform Root of Trust to the Open Compute Project (OCP).

Firmware: Beyond Securing the Software Stack

Security Boulevard

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. Picture a house equipped with state-of-the-art alarm systems, sensors, locks and cameras. From the outside, the house might seem reasonably protected against potential intruders.

December Firmware Threat Report

Security Boulevard

The post December Firmware Threat Report appeared first on Security Boulevard. This month’s report is going to dive into predictions in the device/IT supply chain space, relevant to our industry, and based on existing trends that all point to The Supplyocalpyse: Appetite for Destruction.

November Firmware Threat Report

Security Boulevard

The post November Firmware Threat Report appeared first on Security Boulevard. Whether it’s the Executive Office, the average consumer, or the threat actors, all eyes are on the security of the technology supply chain.

CosmicStrand, a new sophisticated UEFI firmware rootkit linked to China?

Security Affairs

Kaspersky uncovered a new UEFI firmware rootkit, tracked as CosmicStrand, which it attributes to an unknown Chinese-speaking threat actor. Researchers from Kaspersky have spotted a UEFI firmware rootkit, named CosmicStrand, which has been attributed to an unknown Chinese-speaking threat actor.

Researchers Discover Dangerous Firmware-Level Rootkit

Dark Reading

MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI

Defending Firmware in the Firmament

Security Boulevard

The post Defending Firmware in the Firmament appeared first on Security Boulevard. The recent attacks against the ViaSat satellite network in February and March of this year have gone largely unnoticed amid the din of the Russian assault on Ukraine.

Some firmware bugs in HP business devices are yet to be fixed

Security Affairs

Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. In terms of impact at scale, firmware supply chain problems are one of the major challenges.”

MoonBounce: the dark side of UEFI firmware

SecureList

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner, which has been integrated into Kaspersky products since the beginning of 2019. Our discovery: a sophisticated implant within UEFI firmware. What happened?

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

SecureList

In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor. This suggests that a common vulnerability may exist that allowed the attackers to inject their rootkit into the firmware’s image. Introduction.

Microsoft Finds New NETGEAR Firmware Vulnerabilities

Heimdal Security

The post Microsoft Finds New NETGEAR Firmware Vulnerabilities appeared first on Heimdal Security Blog.

Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks

Security Affairs

The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group’s chats, which were leaked earlier this year, revealed that the ransomware gang has been working on firmware attack techniques.

Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover

The Hacker News

Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them.

September Firmware Threat Report

Security Boulevard

Spyware found embedded in UEFI and MBR firmware - ran undetected for years. The post September Firmware Threat Report appeared first on Security Boulevard.

Firmware attacks, a grey area in cybersecurity of organizations

Security Affairs

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware.

Reverse Engineering Obfuscated Firmware for Vulnerability Analysis

Security Boulevard

Another difficulty is the firmware itself becoming a challenge to reverse, if it was compiled for an obsolete architecture and commercial disassemblers can’t properly reconstruct it. The post Reverse Engineering Obfuscated Firmware for Vulnerability Analysis appeared first on Nozomi Networks.

Latest Firmware Flaws in Qualcomm Snapdragon Need Attention

Dark Reading

The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations

Intel Chipset Firmware Actively Targeted by Conti Group

Dark Reading

Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say

TrickBot's New Tactic Threatens Firmware

Dark Reading

A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device

Don’t Let the Fox Watch the Henhouse: Securing Firmware

Security Boulevard

As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.

March Firmware Threat Report

Security Boulevard

The post March Firmware Threat Report appeared first on Security Boulevard. While the media and industry are telling you that the hybrid/cyber conflict surrounding the invasion of Ukraine has been underwhelming, nothing could be further from the truth.

June Firmware Threat Report

Security Boulevard

The post June Firmware Threat Report appeared first on Security Boulevard. Not just one, but four. That’s how many vulnerabilities Eclypsium researchers discovered in Dell’s BIOSConnect feature. Taken together, this chain of vulnerabilities has a CVSS score of 8.3

December Firmware Threat Report

Security Boulevard

The post December Firmware Threat Report appeared first on Security Boulevard. What a December! Let’s see if we can write a threat report without mentioning log4j. Possible? Let’s find out!

Microsoft's new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Tech Republic Security

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

The Hacker News

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices.

Binarly Coordinates Patches for 3 Firmware Flaws With Dell

Dark Reading

The latest three memory corruption flaws in Dell BIOS highlight the challenges of fixing firmware vulnerabilities

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

The Hacker News

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices.

Experts found 23 flaws in UEFI firmware potentially impact millions of devices

Security Affairs

Researchers discovered tens of vulnerabilities in UEFI firmware code used by the major device manufacturers. Researchers at firmware security company Binarly have discovered 23 vulnerabilities in UEFI firmware code used by the major device makers.

UEFI firmware vulnerabilities affect at least 25 computer vendors

Bleeping Computer

Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, and Acer.

Black Hat Asia: Firmware Supply-Chain Woes Plague Device Security

Dark Reading

The supply chain for firmware development is vast, convoluted, and growing out of control: patching security vulnerabilities can take up to two years.

New UEFI firmware flaws impact over 70 Lenovo laptop models

Bleeping Computer

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.

Lenovo UEFI firmware driver bugs affect over 100 laptop models

Bleeping Computer

Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models.

Dynamic analysis of firmware components in IoT devices

SecureList

As a rule, this means that the source code of the device’s firmware is unavailable and all the researcher can use is the user manual and a few threads on some user forum discussing the device’s operation.

Protecting Your Fortinet Devices With Firmware Security

Security Boulevard

The post Protecting Your Fortinet Devices With Firmware Security appeared first on Security Boulevard. Vulnerabilities in enterprise network and security devices are being aggressively targeted by APT and ransomware threat actors as initial access vectors into enterprises.

How Microsoft is using hardware to secure firmware

Tech Republic Security

Even full disk encryption can't keep you secure if your PC firmware is compromised, so Secured-core PCs will use the CPU to check if UEFI is telling the truth about secure boot

Conti ransomware targeted Intel firmware for stealthy attacks

Bleeping Computer

Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks.

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models

The Hacker News

Consumer electronics maker Lenovo on Tuesday rolled out fixes to contain three security flaws in its UEFI firmware affecting over 70 product models.

Millions of Laptops Impacted by Lenovo UEFI Firmware Vulnerabilities

Heimdal Security

Researchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use. By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on the impacted devices.

May Firmware Threat Report

Security Boulevard

The post May Firmware Threat Report appeared first on Security Boulevard. Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will.

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Many peripheral devices do not verify that firmware is properly signed with a high quality public/private key before running the code.