Computers and Electronics and Firmware - Cyber Security Informer

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

Maze ransomware operators claims to have breached the South Korean multinational electronics company LG Electronics. Researchers at Cyble discovered a data leak of LG Electronics published by Maze ransomware operators. SecurityAffairs – LG Electronics, Maze ransomware). ” reads the post published by Cyble. .

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

Safer with Google: Advancing Memory Safety

Google Security

OCTOBER 15, 2024

In Android, which runs on billions of devices and is one of our most critical platforms, we've already made strides in adopting MSLs, including Rust, in sections of our network, firmware and graphics stacks. We have allocated a portion of our computing resources specifically to bounds-checking the C++ standard library across our workloads.

Computers and Electronics

Computers and Electronics Software Risk Architecture

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.

IoT

IoT Firewall Manufacturing Computers and Electronics

Dodgy disks. My 32TB SSD Adventure

Pen Test Partners

JUNE 20, 2024

TL;DR “Hard drive” had reflashed firmware to make it look larger Buyer beware: Cheap storage may not be the value you think it is Background Earlier this year I found myself in need of various cheap electronic components. It is likely this board has been flashed with firmware that fakes the drive capacity to Windows.

Computers and Electronics

Computers and Electronics Firmware

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

eSecurity Planet

NOVEMBER 4, 2021

Hackers can exploit these weaknesses to compromise computer systems, exfiltrate data, and even perform DDoS attacks. CWE-1277 : Firmware Not Updateable – firmware exploitation exposes the victim to a permanent risk without any possibility to patch weaknesses. The most popular firmware is BIOS and UEFI.

Software

Software Firmware Computers and Electronics Risk

Naming & Shaming Web Polluters: Xiongmai

Krebs on Security

OCTOBER 9, 2018

If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras. A rendering of Xiongmai’s center in Hangzhou, China.

Computers and Electronics

Computers and Electronics IoT Passwords Internet

MY TAKE: ‘Digital trust’ has a huge role to play mitigating cybersecurity threats, going forward

The Last Watchdog

MAY 23, 2022

Related: Leveraging PKI to advance electronic signatures. It used to be that trusting the connection between a workstation and a mainframe computer was the main concern. Modern digital systems simply could not exist without trusted operations, processes and connections.

Cybersecurity

Cybersecurity Digital transformation Computers and Electronics Encryption

Researchers show how to steal a Tesla Model X in a few minutes

Security Affairs

NOVEMBER 23, 2020

A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium has demonstrated how to steal a Tesla Model X in minutes by exploiting vulnerabilities in the car’s keyless entry system. Then, they exploited the insecure update mechanism to deliver a tainted firmware to the fob.

Computers and Electronics

Computers and Electronics Firmware Hacking Advertising

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Security Affairs

MARCH 21, 2021

According to BleepingComputer , Kottmann has performed reverse engineering of the firmware used by Verkada and discovered hardcoded credentials for a super admin account. The DoJ announced this week that Till Kottmann was indicted for computer intrusion and identity and data theft activities spanning 2019 to the present. .

Identity Theft

Identity Theft Computers and Electronics Surveillance Hacking

Ransomware Detection at Chip Level? Yes, Says Intel

SecureWorld News

JANUARY 13, 2021

“Even when ransomware infiltrates a system, Intel vPro platform PCs with Intel Hardware Shield can help restrict lateral movement with hardware-enforced isolation of virtualized containers, memory protections, secure boot and below the OS firmware security.”. Intel's Hardware Shield and Threat Detection Technology.

Ransomware

Ransomware Computers and Electronics Firmware Threat Detection

Use cases of secure IoT deployment

Thales Cloud Protection & Licensing

MAY 31, 2021

In our previous blog post , we discussed the challenges for securing IoT deployments, and how businesses and consumers benefit from authenticating and validating IoT software and firmware updates. Requirements also included that the firmware was to be signed by the manufacturer and verified by the pacemaker.

IoT

IoT Computers and Electronics Manufacturing Firmware

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Later in that decade, Frederick Terman returned to Stanford from Harvard as dean of the engineering school and encouraged the development of electronics in local businesses. Kleiner was the founder of Fairchild Semiconductor and Perkins was an early Hewlett-Packard computer division manager.) According to the U.S.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

SEPTEMBER 14, 2024

CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M

Data breaches

Data breaches Computers and Electronics Spyware Cybercrime

IT threat evolution Q1 2024

SecureList

JUNE 3, 2024

The attackers were able to bypass this hardware-based security protection using another hardware feature of Apple-designed SoCs (System on a Chip): they did this by writing the data, destination address and data hash to unknown hardware registers of the chip that are not used by the firmware.

Banking

Banking Malware Computers and Electronics Mobile

What does WiFi stand for?

Malwarebytes

MAY 13, 2021

The Alliance tasked marketing company Interbrand with creating a palatable term that they could trademark because “Institute of Electrical and Electronics Engineers (IEEE) wireless communication standard 802.11 Your computer can communicate with your router through a WiFi signal (or a cable) even if your router isn’t online.

Wireless

Wireless VPN Internet Internet

Guest Blog: TalkingTrust. What’s driving the security of IoT?

Thales Cloud Protection & Licensing

MARCH 10, 2021

There is also less hardware and compute power to work in your typical IoT device when compared to traditional devices, so embedding security becomes a matter of choice, rather than necessity. Over-the-air (OTA) software and firmware updates must be delivered securely and effectively. They have design constraints. Edge Devices.

IoT

IoT Firmware Manufacturing Encryption

EU to Force IoT, Wireless Device Makers to Improve Security

eSecurity Planet

NOVEMBER 1, 2021

The result has been devices with trivial vulnerabilities or flaws that have been solved for a decade or longer in traditional computing. New vulnerabilities are created every day by cybercriminals, leading to many IoT devices being installed with out-of-date firmware and other exploitable vulnerabilities.”.

Wireless

Wireless IoT Manufacturing Mobile

Experts published a PoC code for Intel Management Engine JTAG flaw

Security Affairs

AUGUST 29, 2018

In May 2107, security experts discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2017-5689, in the remote management features implemented on computers shipped with Intel Chipset in past 9 years. The Electronic Frontier Foundation asked Intel to provide a way to disable the IME.

Engineering

Engineering Computers and Electronics Small Business Technology

Understanding IoT Security Challenges – An Interview with an Industry Expert

Thales Cloud Protection & Licensing

SEPTEMBER 12, 2018

IoT devices typically have a small memory and a rudimentary operating system with no real user interface, and that presents a challenge as they have limited power, communication, and computing capabilities. Its solutions focus on securing society by enabling trusted identities.

IoT

IoT Computers and Electronics Authentication Marketing

Enhance your security posture by detecting risks on authenticator devices

Thales Cloud Protection & Licensing

MARCH 17, 2022

Jailbreaking is the process of exploiting the flaws of a locked-down electronic device to install software other than what the manufacturer has made available for that device. Debugging allows a device to communicate with a computer that may be running a program in order to use advanced operations. Frequently Asked Questions.

Authentication

Authentication Risk Mobile Computers and Electronics

Future Proofing Tech Investments in Turbulent Times: Real Stories

Jane Frankland

JULY 17, 2023

This includes everything from productivity and cybersecurity to superior computing experiences for employees, who are increasingly collaborating remotely, multitasking, and placing strain on applications competing for computing resources.

Technology

Technology Computers and Electronics Cybersecurity Risk

IT threat evolution Q3 2022

SecureList

NOVEMBER 18, 2022

In July, we reported a rootkit that we found in modified Unified Extensible Firmware Interface (UEFI) firmware, the code that loads and initiates the boot process when the computer is turned on. The attackers also use another tool, called 3Proxy, to maintain remote access to the compromised computer.

Malware

Malware Computers and Electronics Adware Cryptocurrency

Enhance your security posture by detecting risks on authenticator devices

Thales Cloud Protection & Licensing

MARCH 17, 2022

Jailbreaking is the process of exploiting the flaws of a locked-down electronic device to install software other than what the manufacturer has made available for that device. Debugging allows a device to communicate with a computer that may be running a program in order to use advanced operations. Frequently Asked Questions.

Authentication

Authentication Risk Mobile Computers and Electronics

The Internet of Things: Security Risks Concerns

Spinone

MARCH 17, 2018

The Internet of Things (IoT) is a term used to describe the network of interconnected electronic devices with “smart” technology. As computer software becomes increasingly software and resistant to malicious attacks, hackers are turning to the new generation of smart devices as an easier option, often with great success.

Internet

Internet Internet Risk Computers and Electronics

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world. How one even start to think about these kinds of attacks? Vamosi: Okay. There's going to be a problem.

Hacking

Hacking Computers and Electronics Manufacturing Engineering

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world. How one even start to think about these kinds of attacks? Vamosi: Okay. There's going to be a problem.

Hacking

Hacking Computers and Electronics Manufacturing Engineering

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

I’m Robert Vamosi and in this episode I’m discussing the weird science of how the physics of light and sound --not keyboards or code -- can be used to compromise electronic devices and the consequences of that in the real world. How one even start to think about these kinds of attacks? Vamosi: Okay. There's going to be a problem.

Hacking

Hacking Computers and Electronics Manufacturing Engineering

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

CryptoAgility to take advantage of Quantum Computing. The same goes with the advent of Quantum Computing , which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today.

Computers and Electronics

Computers and Electronics Banking IoT Risk

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT

IoT Firmware Mobile Manufacturing

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges. Figure 6: Disposable Data.

Computers and Electronics

Computers and Electronics Authentication Software Risk

What is Malware? Definition, Purpose & Common Protections

eSecurity Planet

OCTOBER 21, 2022

Anyone who has used a computer for any significant length of time has probably at least heard of malware. Whenever a user uses the infected file, it gives the attacker access to their computer. Bootkits: This type of rootkit targets a computer’s bootloader, the software responsible for loading the computer’s OS into RAM upon startup.

Malware

Malware Adware Spyware Antivirus

Ransomware rolled through business defenses in Q2 2022

Malwarebytes

JULY 13, 2022

A ransomware attack in New Jersey’s Somerset County disrupted services and forced employees to shut down computers and create temporary Gmail accounts to ensure the public could still email key departments. Install updates/patches to operating systems, software and firmware as soon as they are released. New ransomware trends.

Ransomware

Ransomware Manufacturing Government Computers and Electronics

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

And now it was like how can I contribute back to Tibet and put material out and help other people maybe join in the same way I did by not traditional means like, it wasn't really college or anything that got me into electronics. And then you have the smart meters and so the software on the smart meters that's just 100% on its firmware.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

It directly affected satellite modems firmwares , but was still to be understood as of mid-March. When it does not, physical destruction of computers appears to be easier, cheaper, and more reliable. But the disruptions also triggered major consequences elsewhere, such as interrupting the operation of wind turbines in Germany.

DDOS

DDOS Ransomware Government Energy and Utilities

MY TAKE: Technology breakthroughs, emerging standards are coalescing to assure IoT integrity

The Last Watchdog

NOVEMBER 10, 2024

We met at Infineon’s OktoberTech™ Silicon Valley 2024 conference , which I had the privilege of attending recently at the Computer History Museum. These compact, integrated computer chips are designed to control specific tasks in electronic devices. For a drill down on our conversation, please view the accompanying videocast.

IoT

IoT Technology Computers and Electronics Energy and Utilities

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

And people are talking about hacking control system tackling PLCs and what we quickly realize is they don't they've never touched to be able to say they have no idea what these control systems are how they work their security researchers, you know that that maybe the firmware or maybe they found a program or something somewhere.

Hacking

Hacking Computers and Electronics InfoSec Software

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Krebs on Security

OCTOBER 5, 2018

-based tech firm to secretly embed tiny computer chips into electronic devices purchased and used by almost 30 different companies. It also dominates the $1 billion market for boards used in special-purpose computers, from MRI machines to weapons systems. In a nutshell, the Bloomberg story claims that San Jose, Calif.

Computers and Electronics

Computers and Electronics IoT Technology Manufacturing

Cyber Security Informer

Maze ransomware operators claim to have breached LG Electronics

Safer with Google: Advancing Memory Safety

Trending Sources

P2P Weakness Exposes Millions of IoT Devices

Dodgy disks. My 32TB SSD Adventure

MITRE, CISA Reveal Dangerous Hardware & Software Vulnerabilities

Naming & Shaming Web Polluters: Xiongmai

MY TAKE: ‘Digital trust’ has a huge role to play mitigating cybersecurity threats, going forward

Researchers show how to steal a Tesla Model X in a few minutes

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Ransomware Detection at Chip Level? Yes, Says Intel

Use cases of secure IoT deployment

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Security Affairs newsletter Round 489 by Pierluigi Paganini – INTERNATIONAL EDITION

IT threat evolution Q1 2024

What does WiFi stand for?

Guest Blog: TalkingTrust. What’s driving the security of IoT?

EU to Force IoT, Wireless Device Makers to Improve Security

Experts published a PoC code for Intel Management Engine JTAG flaw

Understanding IoT Security Challenges – An Interview with an Industry Expert

Enhance your security posture by detecting risks on authenticator devices

Future Proofing Tech Investments in Turbulent Times: Real Stories

IT threat evolution Q3 2022

Enhance your security posture by detecting risks on authenticator devices

The Internet of Things: Security Risks Concerns

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

CryptoAgility to take advantage of Quantum Computing

IoT Secure Development Guide

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

What is Malware? Definition, Purpose & Common Protections

Ransomware rolled through business defenses in Q2 2022

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Reassessing cyberwarfare. Lessons learned in 2022

MY TAKE: Technology breakthroughs, emerging standards are coalescing to assure IoT integrity

The Hacker Mind Podcast: DEF CON Villages

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Stay Connected