Security Boulevard

AUGUST 24, 2021

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. However, if a savvy thief managed to infiltrate the residence through its crawl space, the very foundation of the house might be putting the overall security of the home at risk.

Firmware 119

Firmware Software Risk Security Awareness 119

Security Affairs

APRIL 2, 2025

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework. 231 banking malware.

Malware 118

Malware Cryptocurrency Mobile Firmware 118

Security Boulevard

AUGUST 3, 2022

You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection. The post ‘CosmicStrand’ Highlights Ongoing Firmware Risks appeared first on Security Boulevard. The researchers were unable to.

Firmware 98

Firmware Risk Mobile Malware 98

Security Affairs

FEBRUARY 20, 2021

Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. Early February, SonicWall released the first firmware updates (version 10.2.0.5-29sv)

Firmware 100

Firmware Mobile Hacking Information Security 100

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile 140

Mobile Malware Firmware Manufacturing 140

SC Magazine

FEBRUARY 3, 2021

SonicWall made available a critical patch for two vulnerabilities in its Secure Mobile Access 100 series products featuring 10.x x firmware. SonicWall today made available a critical patch for two vulnerabilities in its Secure Mobile Access 100 series products featuring 10.x SonicWall’s firmware update to version 10.2.0.5-29sv

Firmware 95

Firmware Mobile InfoSec Passwords 95

Krebs on Security

JANUARY 11, 2021

The warning from Ubiquiti carries particular significance because the company has made it fairly difficult for customers using the latest Ubiquiti firmware to interact with their devices without first authenticating through the company’s cloud-based systems. Click on ‘Security’ from the left-hand menu. Change your password.

Passwords 362

Passwords Authentication Firmware Accountability 362

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. So, the question of unauthorized backdoors being present on any of its devices gets eliminated.

Mobile 132

Mobile Firmware Manufacturing Passwords 132

Heimadal Security

JULY 15, 2021

This targets the Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) devices. x firmware. x Firmware: SonicWall Security Notification Released appeared first on Heimdal Security Blog. These products are unpatched and run the EOL (end-of-life) 8.x What’s the goal? […].

Firmware 98

Firmware Ransomware Mobile Risk 98

Bleeping Computer

JANUARY 14, 2024

GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should introduce frequent auto-reboots to make it harder for forensic software vendors to exploit firmware flaws and spy on the users. [.]

Firmware 108

Firmware Software Mobile 108

Security Affairs

AUGUST 27, 2018

The research revealed that millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands. The team published a website containing the list of phone models and firmware versions that expose the AT interface. camera control). In many cases, the commands are not documented by vendors.

Mobile 105

Mobile Firmware Advertising Telecommunications 105

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT 363

IoT Firmware Risk Encryption 363

Security Affairs

MARCH 9, 2025

.” reads the report published by the researchers “Exploitation of this hidden functionality would allow hostile actors to conduct impersonation attacks andpermanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment bybypassing code audit controls.”

Manufacturing 124

Manufacturing IoT Firmware Mobile 124

Security Affairs

MAY 1, 2025

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475 , in its SMA100 Secure Mobile Access appliances.

Firmware 66

Firmware Mobile VPN Authentication 66

Penetration Testing

APRIL 28, 2025

In a newly released report, Kaspersky Labs warns of an alarming evolution in the Triada Trojan, a notorious The post Triada Trojan Evolves: Pre-Installed Android Malware Now Embedded in Device Firmware appeared first on Daily CyberSecurity.

Firmware 89

Firmware Malware Cybersecurity Mobile 89

Troy Hunt

JANUARY 24, 2020

I was left with a zero-byte file on my unit which we tried to recover to no avail.

Firmware 266

Firmware Mobile 266

The Hacker News

JUNE 20, 2024

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.

Firmware 139

Firmware Mobile Cybersecurity 139

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. A TUG is an autonomous mobile robot designed for hospitals by Aethon. Cynerio ethically disclosed the issues to Aethon and the vendor addressed it with the release of firmware updates.

Mobile 111

Mobile Hacking Firmware Surveillance 111

Bleeping Computer

JULY 17, 2021

CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [.].

Firmware 139

Firmware Ransomware Mobile 139

Dark Reading

JANUARY 9, 2023

The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.

Firmware 107

Firmware Mobile 107

The Hacker News

DECEMBER 8, 2023

A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.

Firmware 144

Firmware IoT Mobile 144

Security Affairs

JULY 18, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”.

Ransomware 136

Ransomware Firmware Mobile InfoSec 136

Malwarebytes

JUNE 13, 2024

Google has notified Pixel users about an actively exploited vulnerability in their phones’ firmware. Firmware is the code or program which is embedded into hardware devices. The CVE for this vulnerability is: CVE-2024-32896 : an elevation of privilege (EoP) issue in Pixel firmware.

Firmware 143

Firmware Spyware Mobile Software 143

Bleeping Computer

MARCH 9, 2023

A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that establish long-term persistence for cyber espionage campaigns. [.]

Firmware 103

Firmware Malware Mobile Hacking 103

Tech Republic Security

AUGUST 18, 2017

The hack exposes firmware code, and could be a major blow to iOS security, a key component of Apple's hardware strategy.

Firmware 117

Firmware Mobile Hacking 117

Security Affairs

JANUARY 25, 2022

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat actors are actively exploiting a critical flaw, tracked as CVE-2021-20038 , in SonicWall’s Secure Mobile Access (SMA) gateways addressed by the vendor in December.

Mobile 98

Mobile Passwords Firmware Firewall 98

Security Affairs

JANUARY 24, 2025

SonicWall is waring customers of a critical security vulnerability, tracked as CVE-2025-23006 (CVSS score of 9,8) impacting its Secure Mobile Access (SMA) 1000 Series appliances. The malware was well tailored to the system to provide stability and maintain persistence, even in the case of installation of firmware upgrades.

Firmware 70

Firmware Malware Authentication Mobile 70

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. But these products also make it simple for users to access their files remotely over the Internet using a mobile app. . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet 332

Internet Internet Backups Small Business 332

Security Affairs

AUGUST 23, 2022

It allows a remote or local client to connect and operate in the “mysh” console application, which must first be installed on the device or initially present in its firmware. To avoid the risk of becoming a victim of such malware attacks, experts recommend to purchase mobile devices only from official stores and legitimate distributors.

Mobile 98

Mobile Firmware Malware Wireless 98

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

Security Boulevard

JUNE 20, 2024

in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The post UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware appeared first on Security Boulevard.

Firmware 59

Firmware Mobile 59

Security Affairs

JULY 15, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”

Firmware 116

Firmware Ransomware Passwords Mobile 116

Security Boulevard

JULY 3, 2024

Cybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core desktop and mobile processors. This now-patched vulnerability, identified as CVE-2024-0762 with a CVSS score of 7.5, has been termed “UEFIcanhazbufferoverflow.”

Firmware 105

Firmware Mobile Cybersecurity 105

Security Affairs

APRIL 7, 2020

The malware is distributed as a popular cleaner and speed optimization app for mobile devices, most of the infections reported by Kaspersky are in Russia (80.56%), India (3.43%), and Algeria (2.43%). In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware 145

Malware Firmware Manufacturing Advertising 145

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 138

Firmware Authentication Mobile IoT 138

Bleeping Computer

FEBRUARY 21, 2023

Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers. [.]

Firmware 73

Firmware Mobile 73

Penetration Testing

MAY 7, 2025

SonicWall has released a security advisory detailing multiple vulnerabilities affecting its Secure Mobile Access (SMA) 100 series products. The post Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update appeared first on Daily CyberSecurity.

Mobile 72

Mobile Cybersecurity Firmware 72