Firmware and Government - Cyber Security Informer

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware

Firmware Telecommunications System Administration Malware

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Locking down firmware. Starks Federal Communications Commission member Geoffrey Starks recently alluded to the possibility that China may have secretly coded the firmware in Huawei’s equipment to support cyber espionage and cyber infrastructure attacks. telecoms by Chinese tech giant Huawei.

Firmware

Firmware Cybersecurity Technology Engineering

Japanese Government Will Hack Citizens' IoT Devices

Schneier on Security

JANUARY 28, 2019

The Japanese government's decision to log into users' IoT devices has sparked outrage in Japan. However, the government's plan has its technical merits. Further, other devices also come with secret backdoor accounts that in some cases can't be removed without a firmware update. I am interested in the results of this survey.

IoT

IoT Government Firmware Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican.

Firmware

Firmware Encryption Government Malware

MoonBounce: the dark side of UEFI firmware

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware

Firmware Malware Encryption Passwords

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

CSO Magazine

JANUARY 21, 2022

Researchers uncovered a stealthy UEFI rootkit that's being used in highly targeted campaigns by a notorious Chinese cyberespionage group with suspected government ties. The group is known for using software supply-chain attacks in the past. They are typically found in the arsenal of well-resourced and sophisticated attacker groups.

Firmware

Firmware Government Software

Don’t Let the Fox Watch the Henhouse: Securing Firmware

Security Boulevard

APRIL 2, 2021

As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the firmware layer. Firmware is, essentially, the foundational code within a device.

Firmware

Firmware Software Risk Government

Cigent Technology Extends Firmware to Secure SSDs

Security Boulevard

APRIL 27, 2021

The post Cigent Technology Extends Firmware to Secure SSDs appeared first on Security Boulevard. Cigent Data Defense is based on an existing D³E for Windows platform that can employed in a standalone fashion or in combination with K2 Secure SSDs provided by Cigent.

Firmware

Firmware Technology Encryption Authentication

May Firmware Threat Report

Security Boulevard

MAY 26, 2021

The SolarWinds and related supply chain attacks put our government through the crucible of painful incident response and restoration efforts. The post May Firmware Threat Report appeared first on Security Boulevard. Sometimes it takes a thunderstorm before seeing positive outcomes and real change: Cyber May Flowers, if you will.

Threat Reports

Threat Reports Firmware Cyber Risk Government

Chinese state-sponsored attack uses custom router implant to target European governments

Tech Republic Security

MAY 22, 2023

The post Chinese state-sponsored attack uses custom router implant to target European governments appeared first on TechRepublic. Learn technical details about this cyberattack, as well as Check Point Research's tips on how to detect and protect against this security threat.

Government

Government Firmware Cybersecurity Network Security

Yubico Security Keys with a Crypto Flaw

Schneier on Security

JULY 1, 2019

government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 Wow, is this an embarrassing bug : Yubico is recalling a line of security keys used by the U.S. that reduced the randomness of the cryptographic keys it generates.

Firmware

Firmware Passwords Government Encryption

BSides Cheltenham 2023 – Stephen – All Your Firmwares Are Belong To Us: A Guide To Successful Acquisition

Security Boulevard

SEPTEMBER 1, 2023

Permalink The post BSides Cheltenham 2023 – Stephen – All Your Firmwares Are Belong To Us: A Guide To Successful Acquisition appeared first on Security Boulevard. Many thanks to BSides Cheltenham for publishing their presenter’s outstanding BSides Cheltenham 2023 security content on the organizations’ YouTube channel.

Firmware

Firmware Architecture CISO Education

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Hot for Security

MARCH 17, 2021

The Federal Bureau of Investigation has issued a flash alert warning of an increase in PYSA ransomware attacks targeting government entities, educational institutions, private companies and the healthcare sector in the US and the UK. Install updates/patch operating systems, software, and firmware as soon as they are released.

Education

Education Healthcare Government Ransomware

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. are vulnerable. Pierluigi Paganini.

VPN

VPN Government Advertising Firmware

Measuring the Security of IoT Devices

Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. It represents a wide range of either found in the home, enterprise or government deployments. They look at the actual firmware.

IoT

IoT Firmware Data collection Architecture

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

Security Affairs

SEPTEMBER 15, 2020

CISA published an advisory on China-linked groups targeting government agencies by exploiting flaws in Microsoft Exchange, Citrix, Pulse, and F5 systems. Chinese state-sponsored hackers have probed US government networks looking for vulnerable networking devices that could be compromised with exploits for recently disclosed vulnerabilities.

Government

Government VPN Firmware Energy and Utilities

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

Security Affairs

FEBRUARY 6, 2024

The effects of the attack were limited because of the network segmentation implemented in the government infrastructure. ” The government experts discovered a previously unpublished remote access trojan (RAT), tracked as COATHANGER, specifically designed to target Fortigate appliances. ” continues the report.

Malware

Malware Firmware VPN Backups

UL Launches SafeCyber Platform to Secure IoT

Dark Reading

NOVEMBER 8, 2021

UL’s SafeCyber will allow organizations to manage cybersecurity governance and processes as well as speed up time spent on firmware development.

IoT

IoT Firmware Government Cybersecurity

DHS announces program to mitigate vulnerabilities below the operating system

SC Magazine

MAY 19, 2021

Officials from CISA announced a new initiative to fight firmware vulnerabilities lying beneath the surface of the operating system. Officials from the Cybersecurity and Infrastructure Security Agency announced a new initiative to fight firmware vulnerabilities at the RSA Conference Wednesday afternoon.

Firmware

Firmware Software Risk Government

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 1, 2023

Patch your TeamCity instance to avoid server hack Is Gelsemium APT behind a targeted attack in Southeast Asian Government?

Artificial Intelligence

Artificial Intelligence Firmware Data breaches Hacking

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

New government rules coupled with industry standards meant to give formal shape to the Internet of Things (IoT) are rapidly quickening around the globe. After all, government mandates combined with industry standards are the twin towers of public safety. Related: The need for supply chain security This is to be expected.

IoT

IoT Government Internet Internet

Cisco Starts Patching Firmware Bug; Millions of Devices Still Vulnerable

Threatpost

MAY 21, 2019

A flaw in the Secure Boot trusted hardware root-of-trust affects enterprise, military and government network gear, including routers, switches and firewalls.

Firmware

Firmware Firewall Government

Advanced actor targets Fortinet FortiOS in attacks on govt entities

Security Affairs

MARCH 14, 2023

An unknown threat actor is targeting Government entities and large organizations by exploiting a security flaw in Fortinet FortiOS. Fortinet researchers are warning of an advanced threat actor and is targeting governmental or government-related entities. ” concludes the company that also provided Indicators of Compromise.

Firmware

Firmware Government Engineering Malware

TrickBoot feature allows TrickBot bot to run UEFI attacks

Security Affairs

DECEMBER 3, 2020

The infamous TrickBot gets a new improvement, authors added a new feature dubbed “ TrickBoot ” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature.

Firmware

Firmware Malware Manufacturing Hacking

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

Chinese cyber espionage aims at obtaining commercial secrets and intellectual property to advantage the government of Beijing. The espionage activity used different means to conceal the involvement of the Chinese government, including financial investments. ” reported BBC.

Telecommunications

Telecommunications Technology Government Firmware

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

Hacker Combat

SEPTEMBER 22, 2022

The affected product, according to the government, has been used in numerous nations and businesses, including the crucial manufacturing sector. The vendor has released firmware version 1.42.06162022 to address the problem.

Firmware

Firmware Firewall Manufacturing Internet

Cyclops Blink malware: US and UK authorities issue alert

Malwarebytes

FEBRUARY 24, 2022

But the NCSC warns that it is likely that Sandworm is capable of compiling the same or very similar malware for other architectures and firmware. In light of world news, it’s important to note that the Sandworm group has been known to target Ukrainian companies and government agencies.

Malware

Malware Firewall Firmware DDOS

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

And while cosmetic security measures are in place, security leaders have long warned that technologies produced by Chinese companies can be exploited by China’s government. Most analyzed brands (96.44% of the discovered cameras) force users to set passwords or generate unique default passwords on the newest models and firmware versions.

Surveillance

Surveillance Manufacturing Passwords Internet

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” and foreign governments and military, security, and corporate organizations. Upgrade to the latest firmware version.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Hackers are targeting Soliton FileZen file-sharing servers

Security Affairs

APRIL 25, 2021

Threat actors are exploiting two flaws in the popular file-sharing server FileZen to steal sensitive data from businesses and government organizations. Soliton addressed both flaws in FileZen solutions with the release of firmware versions V4.2.8 and V5.0.3.

System Administration

System Administration Firmware Government Hacking

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Security Affairs

FEBRUARY 9, 2024

The effects of the attack were limited because of the network segmentation implemented in the government infrastructure. The government experts discovered a previously unpublished remote access trojan (RAT), tracked as COATHANGER, specifically designed to target Fortigate appliances. The malware survives reboots and firmware upgrades.

VPN

VPN Firmware Malware Government

Realtek-based routers, smart devices are being gobbled up by a voracious botnet

Malwarebytes

AUGUST 24, 2021

Last time it was a vulnerability in the Arcadyan firmware found in devices distributed by some of today’s biggest router vendors and internet service providers, such as ASUS, Orange, Vodafone, Telstra, Verizon, Deutsche Telekom, and British Telecom. Exactly what Mirai wants. Vulnerabilities. Mitigation. Stay safe, everyone!

Firmware

Firmware IoT Internet Internet

Canada revisits decision to ban Flipper Zero

Malwarebytes

MARCH 22, 2024

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. Flipper Zero made headlines in October because versions running third-party firmware could be used to crash iPhones running iOS 17 (since resolved in iOS 17.2).

Penetration Testing

Penetration Testing Wireless Firmware Retail

US CISA warns of Rockwell Automation ControlLogix flaws

Security Affairs

JULY 14, 2023

CISO recommends installing firmware updates released by Rockwell Automation, it also suggests to properly segmenting networks and implementing detection signatures. In coordination with the U.S. ” reads the advisory published by Dragos.

Firmware

Firmware CISO Hacking Government

Eclypsium Awarded AFWERX SBIR Phase One Contract to Explore Air Force Use of Enterprise Device Security Platform

CyberSecurity Insiders

MAY 7, 2021

With ongoing supply chain attacks burying deep into critical information technology assets, little-known firmware and hardware components stand as some of the highest impact, most unguarded threats facing modern organizations. Eclypsium delivers a comprehensive device security platform for government and commercial organizations.

Firmware

Firmware Small Business Threat Detection Technology

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. Experts recommend organizations using FortiGate firewall, or anything else powered by FortiOS, to follow Fortinet’s advisory for this issue and upgrade their firmware immediately.

Firewall

Firewall VPN Firmware Internet

Vulnerabilities Detected in These 9 Routers for SMBs

SecureWorld News

DECEMBER 8, 2021

Since the integration of a new kernel into the firmware is costly, no manufacturer was up to date here. IoT Inspector says that "without exception" all responded with prepared firmware patches. The German government says that " manufacturers are liable for damage negligently caused by IT security vulnerabilities in their products.".

Manufacturing

Manufacturing IoT Firmware Small Business

Device manufacturers need to rethink how to lock down IoT

SC Magazine

MAY 27, 2021

A recent Microsoft Security Signals survey found that just 29% of companies have any budget allocated to protect firmware at all. The Security Signals research said that attacks on firmware increased five-fold in four years. Yet security spending doesn’t match the tremendous impact of these devices. Threat actors have noticed.

Manufacturing

Manufacturing IoT Firmware Software

U.S. Organizations Continue to Use Banned Chinese Tech

SecureWorld News

SEPTEMBER 30, 2021

CISA encourages users and administrators to review Hikvision's Security Advisory HSRC-202109-01 and apply the latest firmware updates. government passed the National Defense Authorization Act, banning a slew of Chinese companies from use by the federal government, Hikvision being one of them. still using banned Chinese tech.

Firmware

Firmware Surveillance Government Technology

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk

Risk VPN Internet Internet

Router Vulnerability and the VPNFilter Botnet

Schneier on Security

JUNE 11, 2018

Because of the malware's sophistication, VPNFilter is believed to be the work of a government. The FBI suggested the Russian government was involved for two circumstantial reasons. If you want to make sure your router cannot be reinfected, you need to update the firmware with any security patches from the manufacturer.

Malware

Malware Firmware Internet Internet

NSA, CISA release guidance on hardening remote access via VPN solutions

Security Affairs

SEPTEMBER 29, 2021

Multiple attacks against private organizations and government entities, especially during the pandemic, were carried out by threat actors by exploiting vulnerabilities in popular VPN systems. Multiple ransomware gangs exploited VPN solutions from major vendors, including Fortinet, Ivanti (Pulse), and SonicWall.

VPN

VPN Government Firmware Authentication

The U.S. Is Falling Behind on Encryption Standards – And That’s a Global Problem

eSecurity Planet

JULY 24, 2023

FIPS 140-3 Delays The FIPS 140 standard started in January 1994 with FIPS 140-1, developed by a government and industry working group composed of vendors and users of cryptographic equipment. As quantum computing technology continues to develop, this problem will become a crisis if it can’t be resolved now. Apple corecrypto Module v11.1

Encryption

Encryption Firmware Software Technology

Security Affairs newsletter Round 357 by Pierluigi Paganini

Security Affairs

MARCH 13, 2022

LockBit ransomware group claims to have hacked Bridgestone Americas Attackers use website contact forms to spread BazarLoader malware Russian Internet watchdog Roskomnadzor is going to ban Instagram Ubisoft suffered a cyber security incident that caused a temporary disruption Anonymous hacked Roskomnadzor agency revealing Russian disinformation Open (..)

Data breaches

Data breaches Firmware Hacking Ransomware

China-linked APT BlackTech was spotted hiding in Cisco router firmware

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

Webinars

Trending Sources

Japanese Government Will Hack Citizens' IoT Devices

Webinars

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

MoonBounce: the dark side of UEFI firmware

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

Don’t Let the Fox Watch the Henhouse: Securing Firmware

Cigent Technology Extends Firmware to Secure SSDs

May Firmware Threat Report

Chinese state-sponsored attack uses custom router implant to target European governments

Yubico Security Keys with a Crypto Flaw

BSides Cheltenham 2023 – Stephen – All Your Firmwares Are Belong To Us: A Guide To Successful Acquisition

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Measuring the Security of IoT Devices

China-linked hackers target government agencies by exploiting flaws in Citrix, Pulse, and F5 systems, and MS Exchange

China-linked APT deployed malware in a network of the Dutch Ministry of Defence

UL Launches SafeCyber Platform to Secure IoT

DHS announces program to mitigate vulnerabilities below the operating system

Security Affairs newsletter Round 439 by Pierluigi Paganini – International edition

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Cisco Starts Patching Firmware Bug; Millions of Devices Still Vulnerable

Advanced actor targets Fortinet FortiOS in attacks on govt entities

TrickBoot feature allows TrickBot bot to run UEFI attacks

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Vulnerabilities in the iBoot Power Distribution Unit Let Hackers Remotely Shut Down Devices

Cyclops Blink malware: US and UK authorities issue alert

3.5m IP cameras exposed, with US in the lead

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Hackers are targeting Soliton FileZen file-sharing servers

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Realtek-based routers, smart devices are being gobbled up by a voracious botnet

Canada revisits decision to ban Flipper Zero

US CISA warns of Rockwell Automation ControlLogix flaws

Eclypsium Awarded AFWERX SBIR Phase One Contract to Explore Air Force Use of Enterprise Device Security Platform

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Vulnerabilities Detected in These 9 Routers for SMBs

Device manufacturers need to rethink how to lock down IoT

U.S. Organizations Continue to Use Banned Chinese Tech

CISA Order Highlights Persistent Risk at Network Edge

Router Vulnerability and the VPNFilter Botnet

NSA, CISA release guidance on hardening remote access via VPN solutions

The U.S. Is Falling Behind on Encryption Standards – And That’s a Global Problem

Security Affairs newsletter Round 357 by Pierluigi Paganini

Stay Connected