Security Affairs

DECEMBER 30, 2021

iLOBleed, is a previously undetected rootkit that was spotted targeting the HP Enterprise’s Integrated Lights-Out ( iLO ) server management technology to tamper with the firmware modules and wipe data off the infected systems. This malware has been used by hackers for some time and we have been monitoring its performance.

Firmware 143

Firmware Malware System Administration Technology 143

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware 135

Firmware Telecommunications System Administration Malware 135

SecureList

JANUARY 20, 2022

At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. This one is made up of implants found in the UEFI firmware within the SPI flash, a non-volatile storage external to the hard drive.

Firmware 145

Firmware Malware Encryption Passwords 145

Security Affairs

JULY 13, 2022

IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. The three buffer overflow vulnerabilities in UEFI firmware, tracked as CVE-2022-1890, CVE-2022-1891, and CVE-2022-1892, were discovered by researchers from ESET. Pierluigi Paganini.

Firmware 140

Firmware Hacking Technology Information Security 140

Schneier on Security

SEPTEMBER 12, 2024

Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). ” These algorithms are useful in very specific contexts such as firmware signing, but are not suitable for more general uses.

Firmware 339

Firmware Technology 339

SecureList

JULY 25, 2022

One of the main draws towards malware nested in such low levels of the operating system is that it is extremely difficult to detect and, in the case of firmware rootkits, will ensure a computer remains in an infected state even if the operating system is reinstalled or the user replaces the machine’s hard drive entirely. Conclusions.

Firmware 145

Firmware DNS Malware Technology 145

SecureWorld News

NOVEMBER 7, 2024

In the utility sector, we've embraced technology to make things more efficient, smarter, and more resilient. Firmware integrity checks: Regularly check that each device's firmware is up to date and verified—especially when outdated firmware is one of the most common entry points for attackers.

IoT 111

IoT Firmware Encryption Authentication 111

Bleeping Computer

MAY 20, 2023

HP is working to address a bad firmware update that has been bricking HP Office Jet printers worldwide since it was released earlier this month. [.]

Firmware 129

Firmware Technology 129

Schneier on Security

FEBRUARY 22, 2023

As mentioned earlier, the Flipper Zero has a built-in sub-GHz radio that lets the device receive data (or transmit it, with the right firmware in approved regions) on the same wireless frequencies as keyfobs and other devices.

Wireless 65

Wireless Firmware Mobile Technology 65

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. No action is required if organizations have upgraded their firewalls to a supported firmware version after September 2022. All the vulnerable devices are running end-of-life (EOL) firmware.

Firmware 129

Firmware Firewall Internet Internet 129

Security Affairs

JANUARY 19, 2025

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. ” The firmware analysis performed by the experts revealed vulnerabilities in the dispatcher.cgi interface of WGS-804HPT switches’ web service. ” reads the advisory published by Claroty.

Firmware 68

Firmware IoT Wireless Surveillance 68

Security Affairs

MARCH 9, 2022

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. This knowledge base is crucial for developing effective mitigations and defense technologies for device security.”, Pierluigi Paganini.

Firmware 98

Firmware Hacking Technology Cybersecurity 98

SecureWorld News

DECEMBER 8, 2024

National Institute of Standards and Technology (NIST) is leading efforts to create new standards to withstand quantum threats. Ensure quantum-ready hardware: Require that new infrastructure device purchases, such as routers and firewalls, have quantum-resistant or upgradable firmware.

Encryption 119

Encryption Firewall Education Firmware 119

Krebs on Security

JANUARY 11, 2021

NYSE: UI ] said it recently became aware of “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name that provider. In an email sent to customers today, Ubiquiti Inc.

Passwords 361

Passwords Authentication Firmware Accountability 361

The Last Watchdog

AUGUST 26, 2024

As our world becomes increasingly interconnected, the security of Operational Technology (OT) and Internet of Things (IoT) devices is more critical than ever. Equally alarming was the widespread presence of known vulnerabilities, or “n-day” vulnerabilities, in the firmware images.

Firmware 100

Firmware IoT Manufacturing Cyber Risk 100

CyberSecurity Insiders

JUNE 2, 2023

By Jayakumar (Jay) Kurup, Global Sales Engineering Director at Morphisec Securing operational technology (OT) creates unique challenges. Sometimes this is due to cultural reasons (management’s fear of even the slightest chance of disruption); other times, it is technological.

Cyber threats 136

Cyber threats Technology Firewall Ransomware 136

The Hacker News

NOVEMBER 28, 2022

Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational technology (OT) and internet of things (IoT) networks to remote attacks.

Firmware 98

Firmware IoT Internet Internet 98

Bleeping Computer

MAY 19, 2022

Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. [.].

Firmware 93

Firmware Technology 93

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Firmware 145

Firmware Technology Advertising Authentication 145

Krebs on Security

APRIL 26, 2019

A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.

IoT 278

IoT Firewall Manufacturing Computers and Electronics 278

The Last Watchdog

MAY 16, 2022

The same technologies that make supply chains faster and more effective also threaten their cybersecurity,” writes David Lukic , a privacy, security, and compliance consultant. The inherent complexity of the supply chain for modern technology is a reason why so many cybercrime attempts have been successful.

Cyber Attacks 273

Cyber Attacks Firmware Artificial Intelligence Manufacturing 273

The Hacker News

DECEMBER 30, 2021

A previously unknown rootkit has been found setting its sights on Hewlett-Packard Enterprise's Integrated Lights-Out (iLO) server management technology to carry out in-the-wild attacks that tamper with the firmware modules and completely wipe data off the infected systems.

Firmware 140

Firmware Technology Malware Cybersecurity 140

Adam Levin

MARCH 19, 2020

Update the Firmware: Router manufacturers are constantly issuing updates and patches for newly discovered firmware vulnerabilities. If an employee hasn’t updated their router firmware since the day they bought it, chances are there are some security holes that need to be addressed.

Wireless 199

Wireless Firmware Firewall Manufacturing 199

Bleeping Computer

MAY 10, 2023

What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it. [.]

Firmware 83

Firmware Technology 83

Security Boulevard

AUGUST 26, 2024

As our world becomes increasingly interconnected, the security of Operational Technology (OT) and Internet of Things (IoT) devices is more critical than ever. The post Guest Essay: The urgent need to improve firmware security — especially in OT and IoT routers appeared first on Security Boulevard.

Firmware 75

Firmware IoT Internet Internet 75

Bleeping Computer

MAY 3, 2023

Orqa, a maker of First Person View (FPV) drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. [.]

Firmware 85

Firmware Technology 85

SecureWorld News

DECEMBER 23, 2024

Manufacturing systems, especially the ones that work with SCADA technology (Supervisory Control and Data Acquisition), IoT devices, and other critical technologies, depend heavily on efficient IT support to ensure that the downtime is minimal, and the performance is optimal.

Manufacturing 109

Manufacturing IoT Data collection Technology 109

Adam Levin

MARCH 23, 2020

Update your camera’s firmware and software: Whether it’s an external camera or one built into your laptop or tablet, check for manufacturer updates and always keep your camera’s software and firmware fully up to date because patches are often released specifically to patch security vulnerabilities.

Firmware 219

Firmware Manufacturing Passwords Software 219

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 144

Firmware Surveillance Marketing VPN 144

CyberSecurity Insiders

OCTOBER 27, 2021

With devices needing SIMs to authenticate them for mobile networks, advances in SIM technology will be critical f or the expansion of the connected world in years to come. . Energy consumption is also reduced thanks to the advanced technology node employed to build the SoC. . Same security certification . ThalesDigiSec ! .

Technology 100

Technology Manufacturing IoT Mobile 100

The Hacker News

OCTOBER 5, 2021

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence, once again demonstrating how technology meant to (..)

Firmware 134

Firmware Technology Cybersecurity 134

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. ” explained Vladimir Kononovich, Senior Specialist of ICS Security at Positive Technologies. Both issues received a CVSSv3.0

Hacking 135

Hacking Firmware Encryption Manufacturing 135

Security Affairs

JULY 21, 2020

Researchers devised a technique dubbed BadPower to alter the firmware of fast chargers to cause damage to connected systems or cause the device to catch fire. BadPower consists of corrupting the firmware of fast chargers. “Most BadPower problems can be fixed by updating the device firmware.”

Firmware 130

Firmware Manufacturing Advertising Hacking 130

The Last Watchdog

JUNE 26, 2023

Singapore, June 26, 2023 – Hardware cybersecurity solutions pioneer Flexxon today announced the appointment of Erik Nilsen, PhD, as its Chief Technology Strategist. Flexxon’s flagship cybersecurity solution, the X-PHY® Cybersecure SSD, is the world’s first AI-embedded firmware-based cybersecurity solution.

Technology 100

Technology Marketing Media Firmware 100

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. What is Medusa ransomware? Organizations must proactively implement robust cybersecurity measures to defend against such attacks.

Ransomware 74

Ransomware Backups Firmware Insurance 74

Security Boulevard

JANUARY 20, 2025

Specifically, stories and news items where public and/or private organizations have leveraged their capabilities to encroach on user privacy; for example, data brokers using underhanded means to harvest user location data without user knowledge or public organizations using technology without regard for user privacy.

Surveillance 97

Surveillance Malware Data breaches Scams 97

Security Affairs

JUNE 22, 2020

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability was discovered by the security researcher Danny Odler, it resides in the AMD’s Mini PC could allow attackers to manipulate secure firmware and execute arbitrary code.

Firmware 132

Firmware Architecture Advertising Manufacturing 132