Tag: firmware
-
Open source router firmware project OpenWrt ships its own entirely repairable hardware
by
in SecurityNews‘Forever unbrickable’ Wi-Fi 6 box from Banana Pi comes packaged or in kit form First seen on theregister.com Jump to article: www.theregister.com/2024/12/02/openwrt_one_foss_wifi_router/
-
Bosch-Thermostate anfällig für Hackerangriffe
by
in SecurityNewsEine Schwachstelle in der Firmware der Bosch-Thermostate des Modells BCC100 macht sie anfällig für Hackerangriffe und Malware. Wer nicht frieren will,… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/bosch-thermostate-anfallig-fur-hackerangriffe
-
Zyxel Firewall Vulnerability Actively Exploited in Attacks
by
in SecurityNewsZyxel has announced awareness of active exploitation attempts by threat actors targeting their firewall products. This follows a detailed report by cybersecurity firm Sekoia highlighting vulnerabilities previously disclosed in Zyxel’s systems. The company has responded swiftly to these potential threats, aiming to safeguard its users through vital firmware updates and security enhancements. CVE-2024-11667: The Vulnerability…
-
>>Bootkitty<< A First Ever UEFI Bootkit Attack Linux Systems
by
in SecurityNewsCybersecurity researchers have uncovered the first-ever UEFI bootkit designed to target Linux systems. This discovery, named ‘Bootkitty’, marks a new chapter in UEFI threats, which have predominantly targeted Windows systems until now. The UEFI (Unified Extensible Firmware Interface) threat landscape has seen considerable evolution over the past decade. Evolution of UEFI Threats Initially, in 2012,…
-
Bootkitty is the first UEFI Bootkit designed for Linux systems
by
in SecurityNewsESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UEFI bootkit designed to target Linux systems, called by its authors Bootkitty. The bootkit allows attackers to disable the kernel’s signature verification feature and to preload two as yet unknown ELF…
-
QNAP NAS users locked out after firmware update snafu
by
in SecurityNewsAffected customers gripe about storage biz’s tech support First seen on theregister.com Jump to article: www.theregister.com/2024/11/25/qnap_faulty_update/
-
Researchers Discover “Bootkitty” First UEFI Bootkit Targeting Linux Kernels
by
in SecurityNewsCybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems.Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in…
-
QNAP pulls buggy QTS firmware causing widespread NAS issues
by
in SecurityNewsQNAP has pulled a recently released firmware update after widespread customer reports that it’s breaking connectivity and, in some cases, locking users out of their devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/qnap-pulls-buggy-qts-firmware-causing-widespread-nas-issues/
-
Unraveling Raspberry Robin’s Layers: Analyzing Obfuscation Techniques and Core Mechanisms
by
in SecurityNewsIntroductionDiscovered in 2021, Raspberry Robin (also known as Roshtyak) is a malicious downloader that has circulated in the wild for several years, primarily spreading through infected USB devices. Although USB devices are a common and unremarkable tactic for spreading malware, Raspberry Robin stands out due to its unique binary-obfuscation techniques, extensive use of anti-analysis methods,…
-
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely
by
in SecurityNewsA critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie Telecom and Topnet ISPs. Similar variants of the router used in Algeria and Morocco are…
-
The Global Effort to Maintain Supply Chain Security – Part Two
by
in SecurityNewsVarious Cybersecurity Experts, CISO Global A well-run kitchen requires a fully stocked pantry and a clear understanding of what’s on hand. In cybersecurity, your pantry is your asset inventory”, every server, every piece of software, and even those firmware components lurking in the background. You wouldn’t want to cook without knowing exactly what ingredients are…
-
Cisco ATA 190 Telephone Adapter Vulnerabilities Let Attackers Execute Remote Code
by
in SecurityNewsCisco has disclosed multiple vulnerabilities affecting its ATA 190 Series Analog Telephone Adapter firmware, posing significant user risks. These vuln… First seen on gbhackers.com Jump to article: gbhackers.com/cisco-ata-190-telephone-adapter-vulnerabilities/
-
Western Digital releases firmware fix for SSDs blighted by Windows 11 24H2 BSODs
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/17/western_digital_releases_a_firmware/
-
Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters
by
in SecurityNewsCisco has released patches for multiple vulnerabilities in ATA 190 series firmware, including two high-severity flaws. The post Cisco Patches High-Sev… First seen on securityweek.com Jump to article: www.securityweek.com/cisco-patches-high-severity-vulnerabilities-in-analog-telephone-adapters/
-
BTS #39 The Art of Firmware Scraping Edwin Shuttleworth
by
in SecurityNewsIn this episode, Edwin Shuttleworth from Finite State discusses firmware security, insights from the GRRCON Security Conference, and the challenges of… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/bts-39-the-art-of-firmware-scraping-edwin-shuttleworth/
-
Google says replacing C/C++ in firmware with Rust is easy
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/09/06/google_rust_c_code_language/
-
Firmware 1.0: Flipper Zero spielt nun Walkie-Talkie und hält länger durch
by
in SecurityNews
Tags: firmwareFirst seen on golem.de Jump to article: www.golem.de/news/firmware-1-0-flipper-zero-spielt-nun-walkie-talkie-und-haelt-laenger-durch-2409-188891.html
-
Firmware-Update für D-Link-Router schließt Schwachstellen
by
in SecurityNewsBestimmte Router-Modelle von D-Link weisen diverse kritische Schwachstellen (u.a. fest Passwörter für Zugänge) auf, die durch Firmware-Updates beseiti… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/09/21/firmware-update-fuer-d-link-router-schliesst-schwachstellen/
-
Hardware Supply Chain Threats Can Undermine Endpoint Infrastructure
by
in SecurityNewsTo prevent this, organizations should focus on developing secure hardware and firmware foundations, enabling them to manage, monitor, and remediate ha… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hardware-supply-chain-threats-can-undermine-endpoint-infrastructure
-
PKfail Secure Boot bypass remains a significant risk two months later
by
in SecurityNewsRoughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-remains-a-significant-risk-two-months-later/
-
Hacking-Gadget: Firmware 1.0 für Flipper Zero ist da und bringt Appstore mit
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Hacking-Gadget-Firmware-1-0-fuer-Flipper-Zero-ist-da-und-bringt-Appstore-mit-9864746.html
-
Intel Warns of 20+ Vulnerabilities, Advises Firmware Updates
by
in SecurityNewsIntel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products. The post Intel Warns of 20+ Vulne… First seen on securityweek.com Jump to article: www.securityweek.com/intel-informs-customers-about-over-a-dozen-processor-vulnerabilities/
-
Intel Warns of 20+ Processor Vulnerabilities, Advises Firmware Updates
by
in SecurityNewsIntel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products. The post Intel Warns of 20+ Proce… First seen on securityweek.com Jump to article: www.securityweek.com/intel-informs-customers-about-over-a-dozen-processor-vulnerabilities/
-
Flipper Zero releases Firmware 1.0 after three years of development
by
in SecurityNews
Tags: firmwareAfter three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable d… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/hardware/flipper-zero-releases-firmware-10-after-three-years-of-development/
-
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws
by
in SecurityNewsGoogle’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases. The post Google Pus… First seen on securityweek.com Jump to article: www.securityweek.com/google-pushes-rust-in-legacy-firmware-to-tackle-memory-safety-flaws/
-
Rust für Firmware: Sicherheit durch speichersichere Programmiersprachen
by
in SecurityNewsDas Android-Team erläutert die schrittweise Einführung von Rust in Firmware, um Sicherheitslücken zu reduzieren und die Speichersicherheit zu erhöhen…. First seen on heise.de Jump to article: www.heise.de/news/Rust-fuer-Firmware-Sicherheit-durch-speichersichere-Programmiersprachen-9860759.html
-
Unsichere Lieferkette – Sicherheitslücken in OT/IoT-Router-Firmware
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/forescout-finite-states-studie-sicherheit-ot-iot-router-a-5a6dc2eb8d2799bc56be0a82f63947da/
-
Yubikey-Cloning-Angriff: Kein Firmware-Update, vielleicht Key-Austausch
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Yubikey-Cloning-Angriff-Kein-Firmware-Update-vielleicht-Key-Austausch-9857807.html
-
D-Link says it is not fixing four RCE flaws in DIR-846W routers
by
in SecurityNewsD-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/
-
Damn Vulnerable UEFI: Simulate real-world firmware attacks
by
in SecurityNewsDamn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Sim… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/02/dvuefi-simulate-real-world-firmware-attacks/