SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware 145

Firmware Malware Encryption Passwords 145

Troy Hunt

JULY 13, 2021

Pre-pairing everything before they go into the roof: pic.twitter.com/wfHeXrZdqd — Troy Hunt (@troyhunt) May 24, 2021 And this is where the problems begin. pic.twitter.com/lyq1wbTICX — Troy Hunt (@troyhunt) June 7, 2021 "See log for details." " Ok then: FFS. If you have issues, pls feel free to let us know.

Internet 362

Internet Internet IoT Firmware 362

Security Affairs

NOVEMBER 16, 2021

Intel disclosed two high-severity vulnerabilities, tracked as CVE-2021-0157 and CVE-2021-0158, that affect the BIOS firmware in several processor families. Intel disclosed two high-severity vulnerabilities that affect the BIOS firmware in several processor families, both vulnerabilities have received a CVSS v3 score of 8.2.

Firmware 123

Firmware Hacking Risk 123

Security Affairs

AUGUST 7, 2021

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090 ) affecting home routers with Arcadyan firmware. Threat actors actively exploit a critical authentication bypass vulnerability, tracked as CVE-2021-20090 , impacting home routers with Arcadyan firmware to deploy a Mirai bot.

IoT 145

IoT Firmware Authentication Wireless 145

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons.

Firmware 124

Firmware Technology Authentication IoT 124

Security Affairs

SEPTEMBER 12, 2022

Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021. When a code is sent to the SMM, the operating system is suspended and a portion of the UEFI/BIOS firmware executes various commands with elevated privileges and with access to all the data and hardware.

Firmware 107

Firmware Hacking Information Security 107

Security Affairs

MARCH 9, 2022

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. High CVE-2021-39298 BRLY-2021-004 SMM callout (privilege escalation) 8.8 High CVE-2022-23932 BRLY-2021-040 SMM callout (privilege escalation) 8.2

Firmware 98

Firmware Hacking Technology Cybersecurity 98

SecureWorld News

NOVEMBER 7, 2024

In 2021, for example, hackers attempted to manipulate the chemical levels in a Florida water treatment plant by breaching remote access systems. Firmware integrity checks: Regularly check that each device's firmware is up to date and verified—especially when outdated firmware is one of the most common entry points for attackers.

IoT 104

IoT Firmware Encryption Authentication 104

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 144

Firmware DDOS Malware IoT 144

SecureWorld News

FEBRUARY 20, 2025

Patching and vulnerability management Apply timely security updates to operating systems, software, and firmware. Prioritize fixing vulnerabilities exploited by Ghost, such as ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207). Use Privileged Access Management (PAM) solutions.

Ransomware 110

Ransomware IoT Encryption Social Engineering 110

SecureList

JUNE 8, 2022

During 2020 and 2021, more than 500 router vulnerabilities were found. The nvd.nist.gov website presents different figures, but they too show a significant increase in the number of router vulnerabilities found in 2020 and 2021. Distribution of router vulnerabilities by priority, 2021 ( download ). Router-targeting malware.

DDOS 133

DDOS Passwords IoT Firmware 133

Security Affairs

FEBRUARY 20, 2021

Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. Early February, SonicWall released the first firmware updates (version 10.2.0.5-29sv)

Firmware 101

Firmware Mobile Hacking Information Security 101

Security Affairs

SEPTEMBER 22, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. The flaw, tracked as CVE-2021-40847, resides in the source of a third-party component included in the firmware of many Netgear devices. R6700v3 – 1.0.4.106 R6900 – 1.0.2.16 R7900 – 1.0.4.38

DNS 141

DNS Firmware VPN Risk 141

Security Affairs

SEPTEMBER 24, 2021

SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034 , that impacting several Secure Mobile Access (SMA) 100 series products.

Firmware 126

Firmware Mobile Hacking Information Security 126

SC Magazine

FEBRUARY 3, 2021

x firmware. x firmware, which malicious actors exploited in a cyberattack against the infosec firm last month. . SonicWall’s firmware update to version 10.2.0.5-29sv The post SonicWall issues firmware patch after attackers exploited critical bugs appeared first on SC Media. SonicWall). 31 and Feb.

Firmware 95

Firmware Mobile InfoSec Passwords 95

SecureList

NOVEMBER 30, 2021

Possibly the biggest story of 2021, an investigation by the Guardian and 16 other media organizations, published in July, suggested that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using Pegasus. In parallel, Volexity also reported the same Exchange zero-days being in use in early 2021.

Malware 140

Malware Mobile Spyware Surveillance 140

Security Affairs

OCTOBER 30, 2021

MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. Pierluigi Paganini.

Firmware 145

Firmware Manufacturing Education Engineering 145

Malwarebytes

MARCH 10, 2023

The malware was likely deployed in 2021, and was able to persist on the appliances tenaciously, even surviving firmware upgrades. The malware checked for the presence of a firmware upgrade every ten seconds. The malware was able to steal user credentials and provide shell access.

Firmware 98

Firmware Malware Encryption Authentication 98

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. The post Ranzy Locker ransomware hit tens of US companies in 2021 appeared first on Security Affairs.

Ransomware 143

Ransomware Firmware Antivirus Accountability 143

Bleeping Computer

SEPTEMBER 11, 2022

A set of six high-severity firmware vulnerabilities impacting a broad range of HP Enterprise devices are still waiting to be patched, although some of them were publicly disclosed since July 2021. [.].

Firmware 90

Firmware 90

Security Affairs

OCTOBER 4, 2022

North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on exploit in a Dell firmware driver dbutil_2_3.sys, sys, ESET researchers warn. Pierluigi Paganini.

Firmware 98

Firmware Malware Phishing Hacking 98

Security Boulevard

FEBRUARY 28, 2021

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. The sudo vulnerability aka CVE-2001-3156 , seemed to go under the radar after it was announced and patches were released on 26th January 2021. Serious Linux Vulnerability.

Energy and Utilities 145

Energy and Utilities Ransomware DDOS Accountability 145

Security Affairs

SEPTEMBER 14, 2021

A high severity vulnerability, tracked as CVE-2021-3437 , in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. It can potentially be used to attack device firmware or perform legacy PCI access by accessing ports 0xCF8 / 0xCFC. ” continues the analysis.

Software 142

Software Firmware Hacking Information Security 142

Security Affairs

DECEMBER 31, 2021

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. Vendor supplies information.

Firmware 143

Firmware Encryption Passwords Authentication 143

Security Affairs

MARCH 14, 2021

Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote code execution issue. “The switch internal management web application in firmware versions prior to 2.6.0.43 02 Dec 2020 – Netgear released the new firmware v2.6.0.48

Firmware 142

Firmware Authentication Hacking Software 142

eSecurity Planet

APRIL 28, 2022

cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021. The advisory entails the top 15 Common Vulnerabilities and Exposures (CVEs) that were routinely exploited by malicious cyber actors in 2021, plus another 21 frequently exploited CVEs.

Cybersecurity 116

Cybersecurity Software Firmware Internet 116

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. score of 7,5.

Firmware 128

Firmware Wireless Passwords Internet 128

Penetration Testing

JULY 25, 2024

A critical security vulnerability, CVE-2021-38578, has been discovered in a wide range of HPE ProLiant, Alletra, Synergy, Apollo, and Edgeline servers. could allow remote attackers... The post HPE Servers Exposed: Critical Vulnerability Demands Urgent Firmware Update appeared first on Cybersecurity News.

Firmware 69

Firmware Cybersecurity 69

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 144

Firewall VPN Firmware Passwords 144

Security Affairs

SEPTEMBER 6, 2021

Netgear has released firmware updates to address high-severity vulnerabilities in more than a dozen of its smart switches used on businesses. Netgear has addressed three vulnerabilities tracked by the vendor as PSV-2021-0140, PSV-2021-0144, PSV-2021-0145 that received a CVSS score between 7.4 ” explained Coldwind.

Firmware 127

Firmware Authentication Passwords Hacking 127

Security Affairs

AUGUST 20, 2021

During the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors. The company reported that during the first half of 2021, 637 vulnerabilities affecting industrial control system (ICS) products were published, affecting products from 76 vendors.

Firmware 110

Firmware Ransomware Manufacturing Software 110

Adam Shostack

JANUARY 2, 2025

Some lessons learned over the last few days: Apple has disabled single user mode as of Mojave, and many recovery options are not available if you use a firmware password. As the expression goes, no one cares about backups, they care about restores. Do yours work? Do not forget that availability is a security property.

Backups 130

Backups Firmware Passwords Internet 130

SecureList

NOVEMBER 26, 2021

IT threat evolution Q3 2021. IT threat evolution in Q3 2021. IT threat evolution in Q3 2021. While tracking this threat actor in spring 2021, we discovered a newer version. Targeted attacks exploiting CVE-2021-40444. PC statistics. Mobile statistics. Targeted attacks. WildPressure targets macOS.

Malware 133

Malware Banking Energy and Utilities Accountability 133

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 144

Firmware Surveillance Marketing VPN 144

Malwarebytes

AUGUST 9, 2021

On August 3, 2021 a vulnerability that was discovered by Tenable was made public. The vulnerability is listed as CVE-2021-20090. Router firmware. Under the description of CVE-2021-20090 you will find: “a path traversal vulnerability in the web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02

Firmware 138

Firmware DDOS Internet Internet 138

Security Affairs

SEPTEMBER 18, 2021

The flaws, tracked by the networking device vendor PSV-2021-0140, PSV-2021-0144, and PSV-2021-0145, impact the following models: GC108P GC108PP GS108Tv3 GS110TPP GS110TPv3 GS110TUP GS308T GS310TP GS710TUP GS716TP GS716TPP GS724TPP GS724TPv2 GS728TPPv2 GS728TPv2 GS750E GS752TPP GS752TPv2 MS510TXM MS510TXUP. Pierluigi Paganini.

Firmware 115

Firmware Engineering Passwords Hacking 115

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software 121

Software DNS Firmware VPN 121