Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. In most recent attacks observed by Check Point, the threat actors employed custom firmware implant designed explicitly for TP-Link routers. ” reads the report published by Check point.

Firmware 97

Firmware Encryption Malware Hacking 97

Schneier on Security

JUNE 21, 2019

In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices , including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. That meant the malware could directly tamper with every installed app. Triada also connected to no fewer than 17 command and control servers.

Firmware 255

Firmware Malware Manufacturing Mobile 255

Security Boulevard

AUGUST 3, 2022

You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection. The post ‘CosmicStrand’ Highlights Ongoing Firmware Risks appeared first on Security Boulevard. The researchers were unable to.

Firmware 98

Firmware Risk Network Security Malware 98

Google Security

FEBRUARY 21, 2023

For the purposes of this blog, we refer to the software that runs on all these other processors as “Firmware”. Android’s defense-in-depth strategy also applies to the firmware running on bare-metal environments in these microcontrollers, as they are a critical part of the attack surface of a device.

Firmware 93

Firmware Software Authentication Risk 93

Bleeping Computer

MAY 3, 2023

Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. [.]

Firmware 92

Firmware Technology 92

Bleeping Computer

MAY 3, 2023

Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. [.]

Firmware 88

Firmware Ransomware Technology 88

Security Boulevard

OCTOBER 26, 2022

The pool of available open source resilient firmware keeps growing. This week, dynamic firmware maker AMI announced the contribution of its Tektagon OpenEdition Platform Root of Trust to the Open Compute Project (OCP). The post AMI Brings Secure Firmware to the Open Compute Project appeared first on Security Boulevard.

Firmware 98

Firmware Malware Cybersecurity 98

The Hacker News

APRIL 19, 2022

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices.

Firmware 143

Firmware 143

Troy Hunt

NOVEMBER 23, 2020

Let's drill into all that and then go deeper into custom firmware and soldering too. Flashing Custom Firmware and Soldering I propose that we all need to find our own paths in terms of just how dirty we want to get our hands when playing with IoT. Why do I need to modify the firmware of such a simple little device?!

Firmware 334

Firmware IoT Wireless Manufacturing 334

Malwarebytes

MARCH 10, 2023

The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware checked for the presence of a firmware upgrade every ten seconds. The malware was able to steal user credentials and provide shell access.

Firmware 95

Firmware Malware Encryption Cybersecurity 95

Security Affairs

JULY 13, 2022

IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. The three buffer overflow vulnerabilities in UEFI firmware, tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, were discovered by researchers from ESET. Pierluigi Paganini.

Firmware 143

Firmware Hacking Technology Information Security 143

Dark Reading

MARCH 22, 2023

Op[4]'s firmware security platform detects, prioritizes, and remediates exploitable vulnerabilities Internet of Things and embedded systems.

Firmware 98

Firmware IoT Internet Internet 98

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware 142

Firmware Malware Encryption Passwords 142

Security Affairs

SEPTEMBER 12, 2022

Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. The Binarly security research team reported several HP Enterprise devices are affected by six high-severity firmware vulnerabilities that are yet to be patched, and some of them have been disclosed more than a year ago.

Firmware 107

Firmware Hacking Information Security 107

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely. Conclusions.

Firmware 141

Firmware Malware DNS Internet 141

The Hacker News

JANUARY 12, 2023

Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs) that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them.

Firmware 119

Firmware Architecture 119

The Hacker News

NOVEMBER 9, 2022

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl.

Firmware 108

Firmware Cybersecurity 108

Dark Reading

JANUARY 20, 2022

MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).

Firmware 142

Firmware 142

Heimadal Security

AUGUST 9, 2021

A new vulnerability in home routers that run Arcadyan firmware wreaks havoc in the world of cybersecurity, being actively taken advantage of by threat actors. The post Exploited Vulnerability Targets Arcadyan Firmware Routers appeared first on Heimdal Security Blog. This bug’s recent activity was discovered by Juniper […].

Firmware 115

Firmware Cybersecurity Authentication 115

Security Affairs

JULY 25, 2022

Kaspersky uncovered a new UEFI firmware rootkit, tracked as CosmicStrand, which it attributes to an unknown Chinese-speaking threat actor. Researchers from Kaspersky have spotted a UEFI firmware rootkit, named CosmicStrand, which has been attributed to an unknown Chinese-speaking threat actor. ” concludes the report.

Firmware 101

Firmware Malware Hacking Information Security 101

Heimadal Security

APRIL 20, 2022

Researchers have recently identified three Lenovo UEFI firmware vulnerabilities of high impact located in various Lenovo laptop models that consumers use. By successfully exploiting these flaws, threat actors can deploy and execute firmware implants on the impacted devices.

Firmware 112

Firmware Cybersecurity 112

The Hacker News

MARCH 8, 2022

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. have been uncovered in HP's UEFI firmware. The shortcomings, which have CVSS scores ranging from 7.5

Firmware 144

Firmware Cybersecurity 144

Security Affairs

JUNE 2, 2022

The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group’s chats , which were leaked earlier this year, revealed that the ransomware gang has been working on firmware attack techniques. ” reads the post published by Eclypsium.

Firmware 119

Firmware Ransomware Malware Engineering 119

Bleeping Computer

FEBRUARY 2, 2022

Researchers from firmware protection company Binarly have discovered critical vulnerabilities in the UEFI firmware from InsydeH2O used by multiple computer vendors such as Fujitsu, Intel, AMD, Lenovo, Dell, ASUS, HP, Siemens, Microsoft, and Acer. [.].

Firmware 128

Firmware 128

Security Boulevard

APRIL 5, 2022

The post Defending Firmware in the Firmament appeared first on Security Boulevard. The recent attacks against the ViaSat satellite network in February and March of this year have gone largely unnoticed amid the din of the Russian assault on Ukraine.

Firmware 105

Firmware 105

The Hacker News

JANUARY 21, 2022

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41).

Firmware 142

Firmware Malware 142

The Hacker News

JULY 13, 2022

Consumer electronics maker Lenovo on Tuesday rolled out fixes to contain three security flaws in its UEFI firmware affecting over 70 product models.

Firmware 140

Firmware Cybersecurity 140

Bleeping Computer

FEBRUARY 21, 2023

Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers. [.]

Firmware 77

Firmware Mobile 77

Tech Republic Security

JUNE 18, 2021

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert.

Firmware 214

Firmware IoT 214

Security Boulevard

FEBRUARY 14, 2023

Hack the hardware to find the firmware and swipe the source code of APIs under security testing. The post Exploiting embedded APIs by dumping firmware appeared first on Dana Epp's Blog. The post Exploiting embedded APIs by dumping firmware appeared first on Security Boulevard.

Firmware 52

Firmware Hacking 52

Security Affairs

APRIL 5, 2021

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. Firmware vulnerabilities are also exacerbated by a lack of awareness and a lack of automation.”

Firmware 121

Firmware Cybersecurity Encryption Malware 121

Bleeping Computer

JUNE 2, 2022

Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. [.].

Firmware 114

Firmware Ransomware Cybercrime Hacking 114

Bleeping Computer

APRIL 19, 2022

Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [.].

Firmware 136

Firmware 136

Security Boulevard

AUGUST 24, 2021

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. However, if a savvy thief managed to infiltrate the residence through its crawl space, the very foundation of the house might be putting the overall security of the home at risk.

Firmware 120

Firmware Software Risk Security Awareness 120

Bleeping Computer

JULY 13, 2022

The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations. [.].

Firmware 126

Firmware 126

Security Affairs

DECEMBER 30, 2021

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems. This malware has been used by hackers for some time and we have been monitoring its performance.

Firmware 141

Firmware Malware Hacking System Administration 141

CSO Magazine

DECEMBER 6, 2022

Researchers have found three vulnerabilities in AMI MegaRAC, a baseband management controller (BMC) firmware used by multiple server manufacturers. If exploited, the flaws could allow attackers to remotely control servers, deploy malware and firmware implants, or trigger damaging actions that leave them inoperable.

Firmware 83

Firmware Malware Manufacturing 83