2016, Architecture and Firmware - Cyber Security Informer

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain.

Firmware

Firmware Mobile Malware Retail

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework.

Malware

Malware Cryptocurrency Mobile Firmware

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware

Firmware Architecture Advertising Manufacturing

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

SecureWorld News

JANUARY 9, 2025

Also of concern is the firmware and ROM found on many components that go into the manufacture of systems, nearly of all which are manufactured today in mainland China. Limiting cyberwar funding Development of the Joint Cyber Warfighting Architecture (JCWA) will be restricted until U.S. Cyber Command.

Cybersecurity

Cybersecurity Manufacturing Surveillance Ransomware

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft researchers have also identified that previous reports have used the vulnerability ID “ZERO-32906” for CVE-2018-20057, “GPON” for CVE-2018-10561, and “DLINK” for CVE-2016-20017; and that CVE-2020-7209 was mislabeled as CVE-2017-17106 and CVE-2022-42013 was mislabeled as CVE-2021-42013.”

IoT

IoT DDOS Malware Firmware

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures. Ax with firmware 1.04b12 and earlier. CVE-2016-1555. NETGEAR DGN2200 devices with firmware through 10.0.0.50. CVE-2016-6277.

Malware

Malware IoT Firmware Authentication

Attacks Escalating Against Linux-Based IoT Devices

eSecurity Planet

JANUARY 20, 2022

CrowdStrike in 2021 also saw a 123 percent year-over-year increase in samples of XorDDoS, a Trojan aimed at multiple Linux architectures, including those powered by x86 chips from Intel and AMD as well as Arm processors. IoT devices have made botnets great again,” Bambenek said.

IoT

IoT DDOS Malware Internet

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. onion ghtyqipha6mcwxiz[.]onion

Malware

Malware DNS Encryption Cryptocurrency

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab that considered it the most advanced mobile threat seen to the date of the discovery. The most interesting characteristic of the Triada Trojan apart is its modular architecture, which gives it theoretically a wide range of abilities.

Mobile

Mobile Advertising Malware Cybercrime

macOS 11’s hidden security improvements

Malwarebytes

AUGUST 18, 2021

The Apple video Explore the new system architecture of Apple silicon Macs from session 10686 of the WWDC 2020 has a good overview of most of the new security features, and more.). Below the task level, the flag becomes architecture-specific, x86-64-only, morphing into a mitigation codenamed SEGCHK. The task flag is TF_TECS.

Firmware

Firmware Architecture Risk Engineering

Best Disaster Recovery Solutions for 2022

eSecurity Planet

JULY 8, 2022

“With a cyberattack, it’s more than just data that needs protecting—at risk is really the entire physical infrastructure from applications and operating systems down to low-level firmware and BIOS. Druva’s metadata-centric architecture supports management and security of data in the cloud with long-term retention, and regulatory compliance.

Backups

Backups Ransomware Technology Marketing

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

In September 2016, source code of one of the most popular botnets named Mirai was leaked and uploaded to one of the hacking community forums, and later uploaded to GitHub with detailed information on the botnet, its infrastructure, configuration and how to build it. Install security and firmware upgrades from vendors, as soon as possible.

Malware

Malware IoT Authentication Antivirus

Cybersecurity Snapshot: Critical Infrastructure Orgs Found Vulnerable to Basic Hacks, While New MITRE Tool Uses ML to Predict Attack Chains

Security Boulevard

SEPTEMBER 20, 2024

Keep software and firmware patched and updated. CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 In addition, CIS released brand new Benchmarks for Apache’s Cassandra 4.1 Segment networks and use the least-privilege principle to limit the risk from compromised IoT devices. Replace default passwords with strong passwords.

Cybersecurity

Cybersecurity IoT Hacking Risk

Overview of IoT threats in 2023

SecureList

SEPTEMBER 21, 2023

See translation Will buy 0day/1day RCE in IoT Escrow See translation Hi, I want to buy IoT exploits with devices located in Korea Any architecture There are also offers to purchase and sell IoT malware on dark web forums, often packaged with infrastructure and supporting utilities.

IoT

IoT DDOS Passwords Malware

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

In 2016, the Mirai IoT botnet shut down part of the internet, yet variations still plague us today. Quemu enables me to emulate some of the not common CPU architectures like MIPS powerPC or MIPS cell. Maybe our current approach to IoT botnets isn’t working? It's designed to be robust to withstand a nuclear war.

IoT

IoT DDOS Malware Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

One of the open source protocols that crashed most often was BusyBox what could happen with a vulnerability in BusyBox in 2016. Those have much less security much many fewer capabilities and architectural stability built into them, but again it's, it's the lowest common denominator it's like web 1.0

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

One of the open source protocols that crashed most often was BusyBox what could happen with a vulnerability in BusyBox in 2016. Those have much less security much many fewer capabilities and architectural stability built into them, but again it's, it's the lowest common denominator it's like web 1.0

IoT

IoT Hacking Internet Internet

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

ForAllSecure

FEBRUARY 22, 2023

There's the you know, these little ESP chips that have like, all in one Wi Fi and a little Linux or a little you know that OS that's just trivial and you download the firmware, you tweak a few things and you've got blinky lights, the magic can talk to other things and like do all sorts of cool stuff. Everybody's building their own badges.

Engineering

Engineering Hacking Marketing Wireless

Cyber Security Informer

Android devices shipped with backdoored firmware as part of the BADBOX network

New Triada Trojan comes preinstalled on Android devices

Trending Sources

AMD is going to patch UEFI SMM callout privilege escalation flaw

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

A new Zerobot variant spreads by exploiting Apache flaws

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

Attacks Escalating Against Linux-Based IoT Devices

StripedFly: Perennially flying under the radar

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

macOS 11’s hidden security improvements

Best Disaster Recovery Solutions for 2022

BotenaGo strikes again – malware source code uploaded to GitHub

Cybersecurity Snapshot: Critical Infrastructure Orgs Found Vulnerable to Basic Hacks, While New MITRE Tool Uses ML to Predict Attack Chains

Overview of IoT threats in 2023

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

The Hacker Mind Podcast: The Hacker Revolution Will Be Televised

Stay Connected