SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. Pandemic theme in mobile threats. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq The year in figures. Trends of the year.

Mobile 145

Mobile Malware Adware Banking 145

Security Boulevard

AUGUST 24, 2021

The post Firmware: Beyond Securing the Software Stack appeared first on Security Boulevard. However, if a savvy thief managed to infiltrate the residence through its crawl space, the very foundation of the house might be putting the overall security of the home at risk.

Firmware 119

Firmware Software Risk Security Awareness 119

Security Affairs

FEBRUARY 20, 2021

Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has released a second firmware update for the SMA-100 zero-day vulnerability that was exploited in attacks in the wild. Early February, SonicWall released the first firmware updates (version 10.2.0.5-29sv)

Firmware 103

Firmware Mobile Hacking Information Security 103

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile 142

Mobile Malware Firmware Manufacturing 142

Security Boulevard

AUGUST 3, 2022

You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection. The post ‘CosmicStrand’ Highlights Ongoing Firmware Risks appeared first on Security Boulevard. The researchers were unable to.

Firmware 98

Firmware Risk Mobile Malware 98

SC Magazine

FEBRUARY 3, 2021

SonicWall made available a critical patch for two vulnerabilities in its Secure Mobile Access 100 series products featuring 10.x x firmware. SonicWall today made available a critical patch for two vulnerabilities in its Secure Mobile Access 100 series products featuring 10.x SonicWall’s firmware update to version 10.2.0.5-29sv

Firmware 95

Firmware Mobile InfoSec Passwords 95

Krebs on Security

JANUARY 11, 2021

The warning from Ubiquiti carries particular significance because the company has made it fairly difficult for customers using the latest Ubiquiti firmware to interact with their devices without first authenticating through the company’s cloud-based systems. Click on ‘Security’ from the left-hand menu. Change your password.

Passwords 361

Passwords Authentication Firmware Accountability 361

CyberSecurity Insiders

NOVEMBER 25, 2021

From backdoors- As the Korean giant creates, validates and manufactures its computing devices all on its own, its every piece of hardware, wiring and firmware is securely drafted at its high secure R&D plants & factories in the world. So, the question of unauthorized backdoors being present on any of its devices gets eliminated.

Mobile 132

Mobile Firmware Manufacturing Passwords 132

Heimadal Security

JULY 15, 2021

This targets the Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) devices. x firmware. x Firmware: SonicWall Security Notification Released appeared first on Heimdal Security Blog. These products are unpatched and run the EOL (end-of-life) 8.x What’s the goal? […].

Firmware 98

Firmware Ransomware Mobile Risk 98

Bleeping Computer

JANUARY 14, 2024

GrapheneOS, a privacy and security-focused Android-based operating system, has posted a series of tweets on X suggesting that Android should introduce frequent auto-reboots to make it harder for forensic software vendors to exploit firmware flaws and spy on the users. [.]

Firmware 108

Firmware Software Mobile 108

Security Affairs

AUGUST 27, 2018

The research revealed that millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands. The team published a website containing the list of phone models and firmware versions that expose the AT interface. camera control). In many cases, the commands are not documented by vendors.

Mobile 107

Mobile Firmware Advertising Telecommunications 107

Troy Hunt

NOVEMBER 25, 2020

I also looked at custom firmware and soldering and why, to my mind, that was a path I didn't need to go down at this time. Let's got through the options: Firmware Patching I'll start with the devices themselves and pose a question to you: can you remember the last time you patched the firmware in your light globes? Or vibrator.

IoT 363

IoT Firmware Risk Encryption 363

Security Affairs

MARCH 9, 2025

.” reads the report published by the researchers “Exploitation of this hidden functionality would allow hostile actors to conduct impersonation attacks andpermanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment bybypassing code audit controls.”

Manufacturing 128

Manufacturing IoT Firmware Mobile 128

The Hacker News

JUNE 20, 2024

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors.

Firmware 142

Firmware Mobile Cybersecurity 142

Troy Hunt

JANUARY 24, 2020

I was left with a zero-byte file on my unit which we tried to recover to no avail.

Firmware 264

Firmware Mobile 264

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. A TUG is an autonomous mobile robot designed for hospitals by Aethon. Cynerio ethically disclosed the issues to Aethon and the vendor addressed it with the release of firmware updates.

Mobile 111

Mobile Hacking Firmware Surveillance 111

Bleeping Computer

JULY 17, 2021

CISA is warning of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware. [.].

Firmware 139

Firmware Ransomware Mobile 139

Dark Reading

JANUARY 9, 2023

The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.

Firmware 107

Firmware Mobile 107

Security Affairs

JULY 18, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”.

Ransomware 139

Ransomware Firmware Mobile InfoSec 139

The Hacker News

DECEMBER 8, 2023

A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.

Firmware 145

Firmware IoT Mobile 145

Malwarebytes

JUNE 13, 2024

Google has notified Pixel users about an actively exploited vulnerability in their phones’ firmware. Firmware is the code or program which is embedded into hardware devices. The CVE for this vulnerability is: CVE-2024-32896 : an elevation of privilege (EoP) issue in Pixel firmware.

Firmware 142

Firmware Spyware Mobile Software 142

Security Affairs

JANUARY 24, 2025

SonicWall is waring customers of a critical security vulnerability, tracked as CVE-2025-23006 (CVSS score of 9,8) impacting its Secure Mobile Access (SMA) 1000 Series appliances. The malware was well tailored to the system to provide stability and maintain persistence, even in the case of installation of firmware upgrades.

Firmware 74

Firmware Malware Authentication Mobile 74

Bleeping Computer

MARCH 9, 2023

A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access (SMA) appliances to install custom malware that establish long-term persistence for cyber espionage campaigns. [.]

Firmware 103

Firmware Malware Mobile Hacking 103

Security Affairs

JANUARY 25, 2022

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat actors are actively exploiting a critical flaw, tracked as CVE-2021-20038 , in SonicWall’s Secure Mobile Access (SMA) gateways addressed by the vendor in December.

Mobile 98

Mobile Passwords Firmware Firewall 98

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. But these products also make it simple for users to access their files remotely over the Internet using a mobile app. . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet 331

Internet Internet Backups Small Business 331

Security Affairs

AUGUST 23, 2022

It allows a remote or local client to connect and operate in the “mysh” console application, which must first be installed on the device or initially present in its firmware. To avoid the risk of becoming a victim of such malware attacks, experts recommend to purchase mobile devices only from official stores and legitimate distributors.

Mobile 98

Mobile Firmware Malware Wireless 98

Security Affairs

JULY 15, 2021

Threat actors could target unpatched devices belonging to Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) families. x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”

Firmware 119

Firmware Ransomware Passwords Mobile 119

CyberSecurity Insiders

JULY 16, 2021

Therefore, customers using Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products are being urged to disconnect those devices from internet as they are on the verge of getting cyber attacked and injected with file encrypting malware as its 8.x x firmware is going to reach its EOL aka End of Life.

Ransomware 145

Ransomware Firmware Cyber Attacks Firewall 145

Security Boulevard

JUNE 20, 2024

in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The post UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware appeared first on Security Boulevard.

Firmware 59

Firmware Mobile 59

Security Affairs

DECEMBER 15, 2020

The CVE-2020-25183 is an improper authentication issue that could be exploited by an attacker to bypass the authentication between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app. The flaw could be exploited by an attacker to remotely execute code taking over the device. ” states the advisory.

Firmware 140

Firmware Authentication Mobile IoT 140

Security Boulevard

JULY 3, 2024

Cybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core desktop and mobile processors. This now-patched vulnerability, identified as CVE-2024-0762 with a CVSS score of 7.5, has been termed “UEFIcanhazbufferoverflow.”

Firmware 105

Firmware Mobile Cybersecurity 105

Security Affairs

APRIL 7, 2020

The malware is distributed as a popular cleaner and speed optimization app for mobile devices, most of the infections reported by Kaspersky are in Russia (80.56%), India (3.43%), and Algeria (2.43%). In this case, reflashing is pointless, so it would be worth considering alternative firmwares for your device.

Malware 145

Malware Firmware Manufacturing Advertising 145

Security Affairs

OCTOBER 6, 2024

In the past, researchers documented multiple attacks relying on false base stations to target mobile devices. Baseband firmware can be affected by vulnerabilities, making it a significant attack vector. Threat actors can remotely carry out these kinds of attacks through protocols like IMS. ” reads Google’s announcement.

Firmware 133

Firmware Mobile Spyware Software 133

Bleeping Computer

FEBRUARY 21, 2023

Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers. [.]

Firmware 73

Firmware Mobile 73

Security Affairs

AUGUST 16, 2024

Researchers form mobile security firm iVerify reported that the issue stems from a pre-installed Android app called “Showcase.apk,” which runs with excessive system privileges, allowing it to remotely execute code and install remote package. ” reads the report. Google is also notifying other Android OEMs.

Hacking 144

Hacking Firmware Mobile Penetration Testing 144

Security Affairs

DECEMBER 9, 2023

A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek.”

Firmware 133

Firmware Mobile Software Hacking 133

Tech Republic Security

AUGUST 18, 2017

The hack exposes firmware code, and could be a major blow to iOS security, a key component of Apple's hardware strategy.

Firmware 97

Firmware Mobile Hacking 97