Expert insights. Personalized for you.
Firmware Related Topics 
Schneier on Security
NOVEMBER 18, 2019
Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. And since they're firmware bugs, in many cases there is no ability to patch them. android firmware smartphones supplychain vulnerabilitiesThe vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker.
Schneier on Security
JUNE 21, 2019
In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices , including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices. android backdoors crime firmware google malware phones supplychain
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Boulevard
AUGUST 24, 2021
The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. Picture a house equipped with state-of-the-art alarm systems, sensors, locks and cameras. From the outside, the house might seem reasonably protected against potential intruders.
Security Boulevard
APRIL 5, 2022
The post Defending Firmware in the Firmament appeared first on Security Boulevard. The recent attacks against the ViaSat satellite network in February and March of this year have gone largely unnoticed amid the din of the Russian assault on Ukraine.
Security Affairs
JUNE 2, 2022
The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group’s chats , which were leaked earlier this year, revealed that the ransomware gang has been working on firmware attack techniques.
Dark Reading
JANUARY 20, 2022
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI
The Hacker News
APRIL 19, 2022
Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices.
SecureList
JANUARY 20, 2022
At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. Our discovery: a sophisticated implant within UEFI firmware. What happened?
Dark Reading
JUNE 2, 2022
Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say
Security Boulevard
MARCH 22, 2022
Another difficulty is the firmware itself becoming a challenge to reverse, if it was compiled for an obsolete architecture and commercial disassemblers can’t properly reconstruct it. The post Reverse Engineering Obfuscated Firmware for Vulnerability Analysis appeared first on Nozomi Networks.
Heimadal Security
JULY 2, 2021
The post Microsoft Finds New NETGEAR Firmware Vulnerabilities appeared first on Heimdal Security Blog. Cybersecurity News firmware firmware vulnerabilities iot devices microsoft NETGEAR vulnerability
Security Boulevard
APRIL 6, 2022
The post March Firmware Threat Report appeared first on Security Boulevard. While the media and industry is telling you that the hybrid/cyber conflict surrounding the invasion of Ukraine has been underwhelming, nothing could be further from the truth.
Security Boulevard
SEPTEMBER 30, 2021
Spyware found embedded in UEFI and MBR firmware - ran undetected for years. The post September Firmware Threat Report appeared first on Security Boulevard. Security Bloggers Network threat report
Bleeping Computer
JUNE 2, 2022
Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. [.].
Security Affairs
APRIL 5, 2021
A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. SecurityAffairs – hacking, firmware attacks).
Security Boulevard
JANUARY 3, 2022
The post December Firmware Threat Report appeared first on Security Boulevard. What a December! Let’s see if we can write a threat report without mentioning log4j. Possible? Let’s find out!
The Hacker News
JUNE 2, 2022
An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices.
The Hacker News
MARCH 8, 2022
Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. have been uncovered in HP's UEFI firmware.
Security Boulevard
JUNE 24, 2021
The post June Firmware Threat Report appeared first on Security Boulevard. Not just one, but four. That’s how many vulnerabilities Eclypsium researchers discovered in Dell’s BIOSConnect feature. Taken together, this chain of vulnerabilities has a CVSS score of 8.3
Dark Reading
MAY 12, 2022
The supply chain for firmware development is vast, convoluted, and growing out of control: patching security vulnerabilities can take up to two years.
Security Boulevard
APRIL 2, 2021
As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.
Bleeping Computer
APRIL 19, 2022
Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [.].
Bleeping Computer
MAY 19, 2022
Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. [.].
Bleeping Computer
FEBRUARY 2, 2022
Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, and Acer. [.].
Security Affairs
FEBRUARY 1, 2022
Researchers discovered tens of vulnerabilities in UEFI firmware code used by the major device manufacturers. Researchers at firmware security company Binarly have discovered 23 vulnerabilities in UEFI firmware code used by the major device makers.
Heimadal Security
APRIL 20, 2022
Researchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use. By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on the impacted devices.
Troy Hunt
NOVEMBER 23, 2020
Let's drill into all that and then go deeper into custom firmware and soldering too. Flashing Custom Firmware and Soldering I propose that we all need to find our own paths in terms of just how dirty we want to get our hands when playing with IoT.
Security Boulevard
NOVEMBER 2, 2021
The post Protecting Your Fortinet Devices With Firmware Security appeared first on Security Boulevard. Vulnerabilities in enterprise network and security devices are being aggressively targeted by APT and ransomware threat actors as initial access vectors into enterprises.
Dark Reading
DECEMBER 3, 2020
A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device
Dark Reading
MARCH 21, 2022
The latest three memory corruption flaws in Dell BIOS highlights the challenges of fixing firmware vulnerabilities
Dark Reading
APRIL 19, 2022
Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says
The Hacker News
JANUARY 21, 2022
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41).
Security Affairs
MARCH 9, 2022
Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. HP addressed the flaws with the release of HP UEFI Firmware February 2022 security updates issued in February.
Zero Day
JANUARY 21, 2022
The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware
Security Boulevard
MAY 26, 2021
The post May Firmware Threat Report appeared first on Security Boulevard. Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will.
Threatpost
OCTOBER 14, 2020
Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.
The Hacker News
FEBRUARY 1, 2022
As many as 23 new high severity security vulnerabilities have been disclosed in different implementations of Unified Extensible Firmware Interface (UEFI) firmware used by numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, among others.
Threatpost
FEBRUARY 18, 2020
A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.
Security Boulevard
APRIL 27, 2021
The post Cigent Technology Extends Firmware to Secure SSDs appeared first on Security Boulevard.
Security Affairs
FEBRUARY 18, 2020
Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Many peripheral devices do not verify that firmware is properly signed with a high quality public/private key before running the code.
Security Affairs
APRIL 22, 2022
Taiwanese vendor QNAP warns users to update their NAS Firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. The post QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS appeared first on Security Affairs.
Threatpost
APRIL 1, 2021
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.
Dark Reading
NOVEMBER 22, 2017
Another big firmware security issue affecting Intel processors, requires OEM updates
176 
Let's personalize your content