Researchers Discover Dangerous Firmware-Level Rootkit

Dark Reading

MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI

Backdoor Built into Android Firmware

Schneier on Security

In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices , including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices. android backdoors crime firmware google malware phones supplychain

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

MoonBounce: the dark side of UEFI firmware

SecureList

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. Our discovery: a sophisticated implant within UEFI firmware. What happened?

Security Vulnerabilities in Android Firmware

Schneier on Security

Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. And since they're firmware bugs, in many cases there is no ability to patch them. android firmware smartphones supplychain vulnerabilitiesThe vulnerabilities were found by scanning the phones of 29 different Android makers, and each is unique to a particular phone or maker.

Firmware: Beyond Securing the Software Stack

Security Boulevard

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. Picture a house equipped with state-of-the-art alarm systems, sensors, locks and cameras. From the outside, the house might seem reasonably protected against potential intruders.

Exploited Vulnerability Targets Arcadyan Firmware Routers

Heimadal Security

A new vulnerability in home routers that run Arcadyan firmware wreaks havoc in the world of cybersecurity, being actively taken advantage of by threat actors. The post Exploited Vulnerability Targets Arcadyan Firmware Routers appeared first on Heimdal Security Blog.

December Firmware Threat Report

Security Boulevard

The post December Firmware Threat Report appeared first on Security Boulevard. What a December! Let’s see if we can write a threat report without mentioning log4j. Possible? Let’s find out!

Chinese APT deploys MoonBounce implant in UEFI firmware

Zero Day

The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware

Microsoft Finds New NETGEAR Firmware Vulnerabilities

Heimadal Security

The post Microsoft Finds New NETGEAR Firmware Vulnerabilities appeared first on Heimdal Security Blog. Cybersecurity News firmware firmware vulnerabilities iot devices microsoft NETGEAR vulnerability

Firmware attacks, a grey area in cybersecurity of organizations

Security Affairs

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. The study pointed out that only 29% of the targeted organizations have allocated budgets to protect firmware. SecurityAffairs – hacking, firmware attacks).

TrickBot's New Tactic Threatens Firmware

Dark Reading

A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device

June Firmware Threat Report

Security Boulevard

The post June Firmware Threat Report appeared first on Security Boulevard. Not just one, but four. That’s how many vulnerabilities Eclypsium researchers discovered in Dell’s BIOSConnect feature. Taken together, this chain of vulnerabilities has a CVSS score of 8.3

Protecting Your Fortinet Devices With Firmware Security

Security Boulevard

The post Protecting Your Fortinet Devices With Firmware Security appeared first on Security Boulevard. Vulnerabilities in enterprise network and security devices are being aggressively targeted by APT and ransomware threat actors as initial access vectors into enterprises.

Don’t Let the Fox Watch the Henhouse: Securing Firmware

Security Boulevard

As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

CSO Magazine

While this year’s Consumer Electronics Show was impacted by COVID, it didn’t stop Lenovo from announcing the first Microsoft Pluton-powered Windows 11 PCs.

Preinstalled Firmware Updater Puts 128 Dell Models at Risk

Dark Reading

A feature of the computer maker's update utility does not correctly handle certificates, leaving systems open to firmware-level compromises

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

The Hacker News

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41).

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Security Affairs

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems.

IoT Unravelled Part 2: IP Addresses, Network, Zigbee, Custom Firmware and Soldering

Troy Hunt

Let's drill into all that and then go deeper into custom firmware and soldering too. Flashing Custom Firmware and Soldering I propose that we all need to find our own paths in terms of just how dirty we want to get our hands when playing with IoT.

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

CSO Magazine

While MoonBounce is not the first UEFI rootkit found in the wild -- LoJax , MosaicRegressor are two examples-- these types of implants are not common because they require knowledge of low-level firmware programming.

Designing Firmware Resilience for 3 Top Attack Vectors

Dark Reading

Firmware has become an increasingly prevalent target for hackers. Here's how to stop them

Intel Firmware Flaws Found

Dark Reading

Another big firmware security issue affecting Intel processors, requires OEM updates

May Firmware Threat Report

Security Boulevard

The post May Firmware Threat Report appeared first on Security Boulevard. Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will.

Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs

Dark Reading

Second-ever sighting of a firmware exploit in the wild is a grim reminder of the dangers of these mostly invisible attacks

Western Digital customers have to update their My Cloud devices to latest firmware version

Security Affairs

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Devices on these older firmware versions will not receive security fixes or technical support.”

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Many peripheral devices do not verify that firmware is properly signed with a high quality public/private key before running the code.

Cigent Technology Extends Firmware to Secure SSDs

Security Boulevard

The post Cigent Technology Extends Firmware to Secure SSDs appeared first on Security Boulevard.

Intel Adds Memory Encryption, Firmware Security to Ice Lake Chips

Threatpost

Intel's addition of memory encryption to its upcoming 3rd generation Xeon Scalable processors matches AMD's Secure Memory Encryption (SME) feature.

How FISMA Requirements Relate to Firmware Security

Dark Reading

Federal guidelines can help all organizations pragmatically and meaningfully improve their firmware security

Firmware Vulnerabilities Show Supply Chain Risks

Dark Reading

A recently announced pair of vulnerabilities in server firmware could put enterprise IT at risk

Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs

Threatpost

A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more.

80% of Global Enterprises Report Firmware Cyberattacks

Threatpost

A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags.

Router Firmware Vulnerability Bypasses Authentication

Digital Guardian

A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information

3 ways to prevent firmware attacks without replacing systems

CSO Magazine

A recent security post warned that firmware attacks are on the rise. However, only 29% of security budgets has been allocated to protect firmware.

Firmware attack can drop persistent malware in hidden SSD area

Bleeping Computer

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [.]. Security

Intel addresses 2 high-severity issues in BIOS firmware of several processors

Security Affairs

Intel disclosed two high-severity vulnerabilities, tracked as CVE-2021-0157 and CVE-2021-0158, that affect the BIOS firmware in several processor families. The post Intel addresses 2 high-severity issues in BIOS firmware of several processors appeared first on Security Affairs.

HP Issues Firmware Updates for Printer Product Vulnerabilities

Dark Reading

More than 150 HP printer models have bugs that could enable attackers to steal data and gain an initial foothold on enterprise networks

Microsoft's new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Tech Republic Security

Devices have multiple OSs and firmware running, and most organisations don't know what they have or if it's secure. Microsoft will use ReFirm to make it easier to find out without being an expert

NIST Kicks the Can: Why We Need to Address Firmware Security Now

Security Boulevard

Register for our July 14 webinar and learn how you can get ahead of fast-growing firmware attacks today. The post NIST Kicks the Can: Why We Need to Address Firmware Security Now appeared first on Security Boulevard.

Secured-Core PCs May Mitigate Firmware Attacks, but Adoption Lags

Dark Reading

Microsoft maintains that exploitation of recent Dell vulnerabilities would be blocked on ultra-secure PCs - but most systems do not have the technology yet

83% of Businesses Hit With a Firmware Attack in Past Two Years

Dark Reading

A new Microsoft-commissioned report finds less than 30% of organizations allocate security budget toward preventing firmware attacks

Hundreds of Millions of PC Components Still Have Hackable Firmware

WIRED Threat Level

The lax security of supply chain firmware has been a known concern for years—with precious little progress being made. Security Security / Cyberattacks and Hacks

Firmware Flaw Allows Attackers to Evade Security on Some Home Routers

Dark Reading

Networking devices sold under at least one major brand have a firmware vulnerability that allows hackers to take control of the device, a cybersecurity firm claims