Firmware, Information Security and Technology

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware

Firmware Telecommunications System Administration Malware

Three UEFI Firmware flaws found in tens of Lenovo Notebook models

Security Affairs

JULY 13, 2022

IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. A remote attacker can trigger these flaws to execute arbitrary code on the vulnerable systems in the early stages of the boot avoiding the detection of security features.

Firmware

Firmware Hacking Technology Information Security

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. No action is required if organizations have upgraded their firewalls to a supported firmware version after September 2022. All the vulnerable devices are running end-of-life (EOL) firmware.

Firmware

Firmware Firewall Internet Internet

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

Security Affairs

DECEMBER 30, 2021

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems. This malware has been used by hackers for some time and we have been monitoring its performance.

Firmware

Firmware Malware System Administration Technology

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Security Affairs

MARCH 9, 2022

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. This knowledge base is crucial for developing effective mitigations and defense technologies for device security.”, Pierluigi Paganini.

Firmware

Firmware Hacking Technology Cybersecurity

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Security Boulevard

JUNE 25, 2023

Paul also shares with us some of his greatest hacking stories and don’t miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Firmware

Firmware Hacking Internet Internet

Qualcomm Snapdragon flaws impact Lenovo, Microsoft, Lenovo, and Samsung devices

Security Affairs

JANUARY 9, 2023

Tens of software vulnerabilities affected Qualcomm firmware and impacted the devices of Microsoft, Lenovo, and Samsung. Qualcomm January 2023 security bulletin addressed 22 software vulnerabilities in its Snapdragon suite. CVE-2022-33265 (CVSS Score 7.3) – the flaw is an Information exposure in Powerline Communication Firmware.

Firmware

Firmware Manufacturing Software Hacking

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Firmware

Firmware Technology Advertising Authentication

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. ” explained Vladimir Kononovich, Senior Specialist of ICS Security at Positive Technologies. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

“If you’re working today at the cutting edge of technology then geopolitics is interested in you, even if you’re not interested in geopolitics.” ” Commercial businesses in the technology sector of any size, especially small companies and start-ups and researchers, are more exposed to Chinese espionage. .

Telecommunications

Telecommunications Technology Government Firmware

Chipmaker Qualcomm warns of three actively exploited zero-days

Security Affairs

OCTOBER 4, 2023

.” The three critical issues fixed by the chipmaker are: Public ID Security Rating CVSS Rating Technology Area Date Reported CVE-2023-24855 Critical Critical (CVSS Score 9.8) WLAN Firmware Internal CVE-2023-24855 : Use of Out-of-range Pointer Offset in Modem. Modem Internal CVE-2023-28540 Critical Critical (CVSS Score 9.1)

Firmware

Firmware Surveillance Authentication Manufacturing

5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips

Security Affairs

DECEMBER 9, 2023

A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek.”

Firmware

Firmware Mobile Software Hacking

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Firmware

Firmware Authentication Engineering Hacking

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

Security Affairs

SEPTEMBER 19, 2022

Researchers at security and compliance assessment firm Onekey warns of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts multiple Netgear router models. present in the majority of NETGEAR firmware images in our corpus.”

Firmware

Firmware Passwords Technology Hacking

BadPower attack could burn your device through fast charging

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.”

Firmware

Firmware Manufacturing Advertising Hacking

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Security Affairs

AUGUST 14, 2023

The procedures allow administrators to provide device information such as server addresses, account information, and firmware updates. The server is used to provide configurations and firmware updates to the devices. In this scenario, an attacker can act as a rogue server and distribute malicious firmware.

Firmware

Firmware Authentication Passwords Hacking

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

Security Affairs

SEPTEMBER 2, 2021

A set of 16 security flaws in commercial Bluetooth stacks, collectively tracked as BrakTooth , can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks. Crashes generally trigger a fatal assertion, segmentation faults due to a buffer or heap overflow within the SoC firmware.

Firmware

Firmware Manufacturing IoT Technology

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. The malware leverages the firmware update process to achieve persistence.

Malware

Malware Firmware Architecture Firewall

Decoding Security 127: We Got Conned

SiteLock

AUGUST 27, 2021

Breaking news last week, the NIST (National Institute of Standards and Technology) Small Business Cybersecurity Act was signed into law. Up next, Black Hat, one of the world’s largest information security conferences, took place in early August 2018 in Sin City. Straight on the heels of Black Hat was DEF CON 26.

Small Business

Small Business Artificial Intelligence Firmware IoT

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

And while cosmetic security measures are in place, security leaders have long warned that technologies produced by Chinese companies can be exploited by China’s government. What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Passwords Internet

CISA recommends vendors to fix BrakTooth issues after the release of PoC tool

Security Affairs

NOVEMBER 4, 2021

.” BrakTooth is a set of 16 security flaws in commercial Bluetooth stacks that can be exploited by threat actors to execute arbitrary code and crash the devices via DoS attacks.

Firmware

Firmware Manufacturing Technology Engineering

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. ” reads the advisory published by Dragos.

Passwords

Passwords Software Firmware Malware

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Security Affairs

DECEMBER 13, 2021

A group of researchers from the University of Darmstadt, University of Brescia, CNIT, and the Secure Mobile Networking Lab, have discovered security vulnerabilities in WiFi chips that can be exploited to extract passwords and manipulate traffic on a WiFi chip by targeting a device’s Bluetooth component. Pierluigi Paganini.

Wireless

Wireless Firmware Mobile Passwords

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs

AUGUST 13, 2023

An attacker can trigger the flaw to gain remote code execution and conduct denial-of-service attacks under specific conditions, exposing operational technology (OT) environments to hacking. could put operational technology (OT) infrastructure at risk of attacks, such as remote code execution (RCE) and denial of service (DoS).”

Authentication

Authentication Firmware Hacking Passwords

Security Affairs newsletter Round 284

Security Affairs

OCTOBER 4, 2020

Apple addresses four vulnerabilities in macOS Google removes 17 Joker -infected apps from the Play Store Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Mount Locker ransomware operators demand multi-million dollar ransoms Putin proposes new information security collaboration to US, including no-hack pact for election REvil ransomware (..)

Ransomware

Ransomware Firmware Advertising Insurance

Flaws in Dell BIOSConnect feature affect 128 device models

Security Affairs

JUNE 24, 2021

The PC maker released client-side BIOS firmware updates to address the other two flaws. “Technology vendors of all types are increasingly implementing over-the-air update processes to make it as easy as possible for their customers to keep their firmware up to date and recover from system failures. Pierluigi Paganini.

Firmware

Firmware Hacking Technology Ransomware

Elon Musk Buys Twitter, Forgotten BIOS Updates, T-Shirt Outwits Facial Recognition

Security Boulevard

MAY 1, 2022

More than 100 different Lenovo laptop computers contain firmware-level vulnerabilities which is a great reminder about making sure you update the BIOS on your computer. The post Elon Musk Buys Twitter, Forgotten BIOS Updates, T-Shirt Outwits Facial Recognition appeared first on The Shared Security Show.

Firmware

Firmware Cybersecurity Surveillance Technology

SonicWall released patch for actively exploited SMA 100 zero-day

Security Affairs

FEBRUARY 4, 2021

SonicWall has released a security patch to address the zero-day flaw actively exploited in attacks against the SMA 100 series appliances. SonicWall this week released firmware updates (version 10.2.0.5-29sv) 29sv) to address an actively exploited zero-day vulnerability in Secure Mobile Access (SMA) 100 series appliances.

Firmware

Firmware Mobile Media Internet

QNAP extends security Updates for some EOL devices

Security Affairs

FEBRUARY 15, 2022

. “EOL models may lack computational capabilities, be short on operational memory, be unable to receive up-to-date component drivers, or possess other technical constraints or deprecated technology,” states the Taiwanese vendor.

Firmware

Firmware Ransomware Encryption Hacking

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Security Affairs

MARCH 3, 2023

that could potentially lead to information disclosure or privilege escalation. The Trusted Platform Module (TPM) technology is a hardware-based solution that provides secure cryptographic functions to the operating systems on modern computers, making it resistant to tampering.

Firmware

Firmware IoT Authentication Hacking

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Security Affairs

AUGUST 13, 2023

CyberPower is a prominent supplier of data center hardware and infrastructure solutions, with a specific focus on cutting-edge power protection technologies and effective power management systems. CVE-2023-3266: Improperly Implemented Security Check for Standard (Auth Bypass; CVSS 7.5) CVE-2023-3261: Buffer Overflow (DOS; CVSS 7.5)

Hacking

Hacking Firmware Authentication Software

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

“Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that is increasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Passwords Backups Firmware

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.” Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.

Ransomware

Ransomware Firmware Antivirus Accountability

Red TIM Research (RTR) team discovers a bug on Ericsson Network Manager

Security Affairs

MARCH 18, 2022

In fact, Ericsson Network Manager is an Operations support system (‘OSS’ according to network jargon) , which allows the management of all the devices interconnected to it, ensuring the management of configurations, firmware updates and all automation and maintenance operations of an advanced mobile radio network.

Mobile

Mobile Firmware Architecture Technology

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Within these government labs and agencies, taking place is a groundswell of innovation in deep technology cyber disciplines to the tune of billions of dollars annually over the past three decades. In Silicon Valley, the initial technology seeds were planted in World War II, when the U.S.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

Security Affairs

MAY 21, 2023

million NPM packages found containing the TurkoRat infostealer Lemon Group gang pre-infected 9 million Android devices for fraudulent activities Apple fixed three new actively exploited zero-day vulnerabilities KeePass 2.X

Data breaches

Data breaches Cybercrime Ransomware Passwords

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

The vendor released security updates for all these devices and urges customers to update their installs, it also released mitigations to address the flaws. “GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities.

Firmware

Firmware VPN Firewall Risk

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Security Affairs

AUGUST 13, 2022

The ransomware was involved in attacks aimed at technology and healthcare, defense contractors, educational institutions, manufacturers, companies across Europe, the United States, and Canada.

Ransomware

Ransomware Encryption Firmware Backups

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Security Affairs

SEPTEMBER 10, 2019

The hardware of the terminals is equipped with Shenzen technology, while the firmware is based on BusyBox Linux Debian. . Automatic updates are available via Wi-Fi and can be installed by setting IoT radio devices back to factory settings and downloading the latest firmware version. .

IoT

IoT Hacking Firmware Advertising

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

. “These operations have targeted various industries, including Aerospace & Defense, Education, Energy & Utilities, Governments, Hospitality, Manufacturing, Oil & Gas, Retail, Technology, and Transportation. Upgrade to the latest firmware version. Change any default usernames and passwords.

Energy and Utilities

Energy and Utilities Government Firewall Malware

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

In any industry that is developing and adopting new technology at pace you can expect growing pains and security is often the last thing on the developers’ minds. But the sector is only as secure as the technology it relies on, so our food supply requires secure IoT devices and Cloud services for food and agriculture too.

Ransomware

Ransomware Manufacturing Passwords Internet

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Security Affairs

APRIL 2, 2021

It is likely that the APT actors are scanning for these vulnerabilities to gain access to multiple government, commercial, and technology services networks” reads the joint advisory published by FBI and CISA. Attackers were exploiting the flaw in the attempt to access multiple government, commercial, and technology services networks.

Passwords

Passwords Government Firmware Accountability

Topic-specific example 11/11: secure development

Notice Bored

OCTOBER 22, 2021

Most if not all developments involve information (requirements/objectives, specifications, plans, status/progress reports etc.) and potentially substantial information risks. so the policy could cover those aspects, ballooning in scope from what was presumably intended when the standard was drafted. The end is nigh!

Risk

Risk Firmware Software Information Security

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Three UEFI Firmware flaws found in tens of Lenovo Notebook models

Webinars

Trending Sources

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Webinars

New iLOBleed Rootkit, the first time ever that malware targets iLO firmware

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Qualcomm Snapdragon flaws impact Lenovo, Microsoft, Lenovo, and Samsung devices

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Chipmaker Qualcomm warns of three actively exploited zero-days

5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Netgear Routers impacted by FunJSQ Game Acceleration Module flaw

BadPower attack could burn your device through fast charging

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices

US and UK link new Cyclops Blink malware to Russian state hackers?

Decoding Security 127: We Got Conned

AMD is going to patch UEFI SMM callout privilege escalation flaw

3.5m IP cameras exposed, with US in the lead

CISA recommends vendors to fix BrakTooth issues after the release of PoC tool

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS?

Security Affairs newsletter Round 284

Flaws in Dell BIOSConnect feature affect 128 device models

Elon Musk Buys Twitter, Forgotten BIOS Updates, T-Shirt Outwits Facial Recognition

SonicWall released patch for actively exploited SMA 100 zero-day

QNAP extends security Updates for some EOL devices

Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

FBI warns of ransomware attacks targeting the food and agriculture sector

Ranzy Locker ransomware hit tens of US companies in 2021

Red TIM Research (RTR) team discovers a bug on Ericsson Network Manager

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

CISA is warning of vulnerabilities in GE Power Management Devices

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

Million of Telestar Digital GmbH IoT radio devices can be remotely hacked

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

FBI warns of ransomware threat to food and agriculture

FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers

Topic-specific example 11/11: secure development

Stay Connected