Firmware, Malware and Security Defenses

The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

Security Affairs

JULY 14, 2023

Researchers from ESET discovered in March a new stealthy Unified Extensible Firmware Interface ( UEFI ) bootkit, named BlackLotus , that is able to bypass Secure Boot on Windows 11. Secure Boot is a security feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1

Firmware

Firmware Malware CISO Hacking

BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11

Security Affairs

MARCH 1, 2023

ESET discovered a stealthy Unified Extensible Firmware Interface (UEFI) bootkit dubbed BlackLotus that is able to bypass the Secure Boot on Windows 11. Researchers from ESET discovered a new stealthy Unified Extensible Firmware Interface ( UEFI ) bootkit, named BlackLotus , that is able to bypass Secure Boot on Windows 11.

Firmware

Firmware Malware Hacking Security Defenses

VulnRecap 1/16/24 – Major Firewall Issues Persist

eSecurity Planet

JANUARY 16, 2024

January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection. This threat actor has deployed at least five malware families using the Ivanti products. The fix: Popup Builder released version 4.2.3 20240107.1.xml

Firewall

Firewall Firmware IoT Authentication

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

JUNE 10, 2024

Timothy Hjort discovered these vulnerabilities , which allow the execution of OS commands and the uploading of malicious files, compromising the security of affected devices. The fix: Zyxel issued firmware patches 5.21(AAZF.17)C0 Regularly update anti-malware software and educate your personnel about phishing dangers.

Malware

Malware Authentication Software Telecommunications

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

This week’s vulnerability news include GitHub credential access, a new Chrome fix, and hidden malware from pirated applications hosted on Chinese websites. Make sure your security teams are regularly checking vendors’ software and hardware updates for any patches, and keep a particular eye on networking equipment.

Authentication

Authentication Malware VPN Mobile

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

eSecurity Planet

MAY 20, 2024

Microsoft Patch Tuesday takes center stage in this week’s vulnerability news, with a notable SharePoint Server vulnerability that’s been seen alongside Qakbot malware. This one has been active in the wild; SecureList found it to be in use with Qakbot and other strains of malware.

VPN

VPN Firmware Malware Software

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware

Malware Antivirus Software Passwords

Why Businesses Can’t Afford Anything Less Than Zero Trust in IoT

Security Boulevard

JUNE 23, 2022

39% see malware and ransomware as their biggest risk. 68% of IT and security professionals plan to use zero trust for device security; 42% actually do. AI-based attacks: Bot-based attacks are getting better at mimicking user activity, more easily breaching the low-security defenses of many IoT devices.

IoT

IoT Social Engineering Firmware Risk

How To Set Up a Firewall in 8 Easy Steps + Best Practices

eSecurity Planet

APRIL 30, 2024

Set Secure Firewall Rules & ACLs To prevent unwanted access and ensure effective traffic management, secure your firewall through updating firmware to resolve vulnerabilities and adopting proper configurations prior to installing firewalls in production. Sample Windows Defender Firewall prompts for firewall activation 2.

Firewall

Firewall Architecture Firmware Risk

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

eSecurity Planet

NOVEMBER 6, 2023

Non-privileged threat actors can exploit these drivers to gain complete device control, execute arbitrary code, modify firmware, and escalate operating system privileges, posing a significant security risk. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

Software

Software Education Ransomware Firmware

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

eSecurity Planet

FEBRUARY 21, 2024

Check the Firewall Hardware & Operating System After you’ve prepared all the documentation and know everyone’s roles, one of the early steps in a firewall audit process is a hardware and firmware check. Look at the hardware to see whether it fits your company’s standards and security requirements.

Firewall

Firewall Firmware Software Risk

Barracuda SecureEdge SASE Review 2023

eSecurity Planet

SEPTEMBER 22, 2023

Monitored user activity allows for operations and security to detect anomalous behavior and either enable or block access to resources as needed. Inspected and decrypted traffic blocks malware and malicious URLs through centralized control and filtering based on Barracuda’s cloud-based next generation firewall (NGWF) technology.

Firewall

Firewall Marketing Firmware Technology

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

The vendor reports show that most attackers want credentials, most malware development is in credential-stealing software, and the market for stolen credentials is booming: Cisco: Found 54% of organizations experienced a cybersecurity incident; and of those incidents, 54% involved phishing and 37% involved credentials stuffing.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11

Trending Sources

VulnRecap 1/16/24 – Major Firewall Issues Persist

Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

Vulnerability Recap 5/20/24 – Patch Tuesday, Chrome & D-Link

How to Prevent Malware: 15 Best Practices for Malware Prevention

Why Businesses Can’t Afford Anything Less Than Zero Trust in IoT

How To Set Up a Firewall in 8 Easy Steps + Best Practices

Weekly Vulnerability Recap – November 6, 2023 – Windows Drivers and Exchange Flaws

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

Barracuda SecureEdge SASE Review 2023

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected