Firmware, InfoSec and Internet - Cyber Security Informer

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk

Risk VPN Internet Internet

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Flashing Firmware: Flashing BUSSide firmware inside the NodeMCU is quick and easy: # apt-get install esptool # git clone [link] # esptool --port /dev/ttyUSB0 write_flash 0x00000 BUSSide/FirmwareImages/*.bin. his majesty, the Firmware). In a couple of minutes you should get extracted the firmware. What do you do?

IoT

IoT Hacking Firmware InfoSec

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

The Last Watchdog

JANUARY 22, 2024

ChargePoint, with its last firmware update, has disabled the HTTP server and updated the NTP client to address the issues. As part of ChargePoint’s commitment to customer security, the company encourages researchers to collaborate with ChargePoint InfoSec to identify potential new vulnerabilities in its products or environment.

IoT

IoT InfoSec Firmware Manufacturing

How to Reverse Engineer, Sniff & Bruteforce Vulnerable RF Adult Toys with WHID Elite

Security Affairs

AUGUST 2, 2019

With all these data we can finally compose the packet that is transmitted to trigger the Vibration mode: Now we are ready to give it a try with the Standalone Firmware of WHID Elite and see if it is able to decode them too. Which means, we can easily fuzz and thus exhaust the space between them with the main WHID Elite Firmware.

Engineering

Engineering Firmware InfoSec Advertising

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

Security Boulevard

JUNE 25, 2023

Paul also shares with us some of his greatest hacking stories and don’t miss our lively […] The post Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian appeared first on Shared Security Podcast.

Firmware

Firmware Hacking Internet Internet

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

Security Affairs

MAY 7, 2021

This will help me later in the case I will be able to obtain a firmware that eventually is encrypted (i.e. Just to be 100% sure I won’t fry the board while attempting the firmware dump, I double-checked with the multimeter that the pinout of the SWD interface was still correct. known-plaintext attack). And indeed it was!

Firmware

Firmware Passwords Password Management Encryption

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Security Affairs

FEBRUARY 18, 2020

Successfully dumped the smartlock’s firmware. And after having successfully dumped the firmware we can proceed at extracting some valuable evidences for the forensics case. I just used the lower part of F-B’s PCB to connect those ugly flying cables that were non-standard DuPont wires. About the author: Luca Bongiorni.

IoT

IoT Hacking Firmware Advertising

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

If you don't believe me, just ask to see your organisation's inventory containing pertinent details of every single IT device - the manufacturers, models, serial numbers, software and firmware revisions, latest test status, remediation/replacement plans and so on. The sheer scale of the Internet problem is the real issue. Yeah, right.

Internet

Internet Internet Risk InfoSec

Hacking Radio Blasting Systems for Fun & Explosions

Security Affairs

AUGUST 5, 2019

A quick search on the internet returned many products related to the topic. With all these data we can finally compose the packet that is transmitted to trigger the 1st charge on Area 01: Now we are ready to give it a try with the Standalone Firmware of WHID Elite and see if it is able to decode them too. . And guess what?

Hacking

Hacking Firmware Engineering Advertising

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

Security Affairs

SEPTEMBER 26, 2019

With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai with a C-U0012 How to flash the C-U0012 with the LIGHTSPEED Firmware How to Flash the C-U0007 with the G700 firmware to achieve better performances and get the Air-Gap Bypass feature How to setup LOGITacker.

Firmware

Firmware Encryption Advertising InfoSec

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

held a pilot of a new Internet voting system. The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. More individual states’ voting systems were exposed and also addressable from the internet. Alex Halderman, a professor who was then with the University of Michigan.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

held a pilot of a new Internet voting system. The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. More individual states’ voting systems were exposed and also addressable from the internet. Alex Halderman, a professor who was then with the University of Michigan.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

held a pilot of a new Internet voting system. The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. More individual states’ voting systems were exposed and also addressable from the internet. Alex Halderman, a professor who was then with the University of Michigan.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

But also war over the internet. The updates are done through firmware, firmware updates that we get from the vendor. Their security researchers know that maybe they have firmware or maybe they found a program or something somewhere. Well, this is where we're going to start analyzing some firmware. Physical war.

Hacking

Hacking Manufacturing Energy and Utilities Firmware

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

To answer these questions, Paul Roberts, Editor-in-Chief of the Security Ledger, has founded securepairs.org , a group of infosec experts who are volunteering their free time to fight for the digital right to repair in local legislation. ” So should analyzing a device’s firmware for security flaws be considered illegal?

InfoSec

InfoSec Manufacturing Technology Software

The Hacker Mind Podcast: The Right To Repair

ForAllSecure

FEBRUARY 10, 2021

To answer these questions, Paul Roberts, Editor-in-Chief of the Security Ledger, has founded securepairs.org , a group of infosec experts who are volunteering their free time to fight for the digital right to repair in local legislation. ” So should analyzing a device’s firmware for security flaws be considered illegal?

InfoSec

InfoSec Manufacturing Technology Software

Cyber Security Informer

CISA Order Highlights Persistent Risk at Network Edge

Hacking IoT & RF Devices with BürtleinaBoard

Trending Sources

News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security

How to Reverse Engineer, Sniff & Bruteforce Vulnerable RF Adult Toys with WHID Elite

Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!

Y2k + 20: risk, COVID and "the Internet issue"

Hacking Radio Blasting Systems for Fun & Explosions

USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Industrial Control Systems

The Hacker Mind Podcast: The Right To Repair

The Hacker Mind Podcast: The Right To Repair

Stay Connected