Bleeping Computer

FEBRUARY 21, 2023

Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers. [.]

Firmware 78

Firmware Mobile 78

SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. Pandemic theme in mobile threats. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq The year in figures. Trends of the year.

Mobile 133

Mobile Malware Adware Banking 133

Bleeping Computer

MARCH 9, 2023

A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that establish long-term persistence for cyber espionage campaigns. [.]

Firmware 108

Firmware Malware Mobile Hacking 108

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. So, the question of unauthorized backdoors being present on any of its devices gets eliminated.

Mobile 132

Mobile Firmware Manufacturing Passwords 132

Heimadal Security

JULY 15, 2021

This targets the Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) devices. x firmware. x Firmware: SonicWall Security Notification Released appeared first on Heimdal Security Blog. These products are unpatched and run the EOL (end-of-life) 8.x What’s the goal? […].

Firmware 75

Firmware Ransomware Mobile Risk 75

Security Affairs

FEBRUARY 20, 2021

Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. Early February, SonicWall released the first firmware updates (version 10.2.0.5-29sv)

Firmware 64

Firmware Mobile Hacking Information Security 64

Dark Reading

JANUARY 9, 2023

The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.

Firmware 107

Firmware Mobile 107

The Hacker News

DECEMBER 8, 2023

A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.

Firmware 135

Firmware IoT Mobile 135

Security Affairs

JULY 10, 2023

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution.

Mobile 59

Mobile Banking Firmware Software 59

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile 109

Mobile Malware Firmware Manufacturing 109

Security Affairs

AUGUST 23, 2022

It allows a remote or local client to connect and operate in the “mysh” console application, which must first be installed on the device or initially present in its firmware. To avoid the risk of becoming a victim of such malware attacks, experts recommend to purchase mobile devices only from official stores and legitimate distributors.

Mobile 93

Mobile Firmware Malware Wireless 93

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. A TUG is an autonomous mobile robot designed for hospitals by Aethon. Cynerio ethically disclosed the issues to Aethon and the vendor addressed it with the release of firmware updates.

Mobile 129

Mobile Hacking Firmware Surveillance 129

Security Affairs

JANUARY 25, 2022

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat actors are actively exploiting a critical flaw, tracked as CVE-2021-20038 , in SonicWall’s Secure Mobile Access (SMA) gateways addressed by the vendor in December.

Mobile 88

Mobile Passwords Firmware Firewall 88

Security Affairs

DECEMBER 9, 2023

A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek.”

Firmware 113

Firmware Mobile Software Hacking 113

Security Boulevard

MARCH 8, 2024

By Max Ammann and Emilio López Our application security team leaves no stone unturned; our audits dive deeply into areas ranging from device firmware, operating system kernels, and cloud systems to widely used technology such as mobile and web applications.

Firmware 62

Firmware Mobile Technology 62

Bleeping Computer

JULY 17, 2021

CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [.].

Firmware 142

Firmware Mobile Ransomware 142

Security Affairs

AUGUST 27, 2018

The research revealed that millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands. The team published a website containing the list of phone models and firmware versions that expose the AT interface. camera control). In many cases, the commands are not documented by vendors.

Mobile 83

Mobile Firmware Telecommunications Advertising 83

Malwarebytes

APRIL 3, 2024

CVE-2024-29748 : An elevation of privilege (EoP) vulnerability in the Pixel firmware. Firmware is device-specific software that provides basic machine instructions that allow the hardware to function and communicate with other software running on the device.

Firmware 114

Firmware Software Mobile Risk 114

Security Affairs

JULY 15, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”

Firmware 109

Firmware Ransomware Passwords Mobile 109

Security Affairs

JULY 18, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”.

Ransomware 115

Ransomware Firmware Mobile InfoSec 115

The Hacker News

MARCH 10, 2023

A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access (SMA) 100 appliances to drop malware and establish long-term persistence.

Malware 80

Malware Firmware Mobile Hacking 80

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Among the mobile platforms, Android remains the most popular target operating system for cybercriminals. In 2023 , our technologies blocked 33.8 Collects system information (e.g.

Malware 85

Malware Mobile Firmware Spyware 85

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

The Hacker News

MAY 13, 2022

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1.

Firmware 82

Firmware Mobile Authentication 82

The Hacker News

JULY 15, 2021

Networking equipment maker SonicWall is alerting customers of an "imminent" ransomware campaign targeting its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x x firmware.

VPN 102

VPN Ransomware Firmware Mobile 102

CSO Magazine

MARCH 10, 2023

A persistent malware targeting unpatched SonicWall Secure Mobile Access (SMA) appliances has been linked to a Chinese campaign dating back to 2021, according to a Mandiant research done in partnership with SonicWall’s in-house research team. This is not a new vulnerability, so a patch was not published,” a Mandiant spokesperson said.

Firmware 79

Firmware Mobile Malware 79

Security Affairs

MAY 16, 2022

Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” Unlike NFC and UWB chips, the Bluetooth firmware is neither signed nor encrypted opening the doors to modification.

Malware 96

Malware Wireless Firmware Mobile 96

SecureWorld News

JULY 14, 2021

Here is the company's description of the current vulnerability: "Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x

Risk 91

Risk Ransomware Firmware Mobile 91

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware 117

Firmware Wireless Passwords Internet 117

Security Affairs

MAY 13, 2022

SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall urges customers to address several high-risk security vulnerabilities affecting its Secure Mobile Access (SMA) 1000 Series line of products. 02965 and earlier versions.

Firmware 79

Firmware Mobile Risk Hacking 79

Krebs on Security

JANUARY 11, 2021

The warning from Ubiquiti carries particular significance because the company has made it fairly difficult for customers using the latest Ubiquiti firmware to interact with their devices without first authenticating through the company’s cloud-based systems. Click on ‘Security’ from the left-hand menu. Change your password.

Passwords 337

Passwords Authentication Firmware Accountability 337

Security Affairs

NOVEMBER 1, 2021

In this attack, a black-box device, such as a mobile device or a Raspberry, is physically connected to the ATM and is used by the attackers to send commands to the machine. The two vulnerabilities, tracked as CVE-2018-9099 and CVE-2018-9100 , resides in the firmware of the CMD-V5 dispenser and RM3/CRS dispenser respectively.

Hacking 114

Hacking Firmware Encryption Manufacturing 114

Heimadal Security

JULY 19, 2021

CISA, the Cybersecurity & Infrastructure Security Agency, disclosed that threat actors are apparently targeting “a known, previously patched, vulnerability” that was found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware.

Ransomware 78

Ransomware Firmware Mobile Cybersecurity 78

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 100

Firmware Authentication Mobile IoT 100

Security Affairs

APRIL 7, 2020

The malware is distributed as a popular cleaner and speed optimization app for mobile devices, most of the infections reported by Kaspersky are in Russia (80.56%), India (3.43%), and Algeria (2.43%). In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware 121

Malware Firmware Manufacturing Mobile 121

Security Affairs

SEPTEMBER 24, 2021

SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034 , that impacting several Secure Mobile Access (SMA) 100 series products.

Firmware 85

Firmware Mobile Hacking Information Security 85

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT 358

IoT Firmware Risk Manufacturing 358