Tag: firmware
-
What’s New in CJIS 5.9.5 as it Relates to Firmware Security?
by
in SecurityNewsThe Criminal Justice Information Services (CJIS) is a division of the US Federal Bureau of Investigation (FBI) that is the centralized source of crimi… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/whats-new-in-cjis-5-9-5-as-it-relates-to-firmware-security/
-
Guest Essay: The urgent need to improve firmware security, especially in OT and IoT routers
by
in SecurityNewsAs our world becomes increasingly interconnected, the security of Operational Technology (OT) and Internet of Things (IoT) devices is more critical th… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/guest-essay-the-urgent-need-to-improve-firmware-security-especially-in-ot-and-iot-routers/
-
CPU-Sicherheitsleck Sinkclose: Firmware-Update auch für AMDs Ryzen 3000
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/CPU-Sicherheitsleck-Sinkclose-Firmware-Update-auch-fuer-AMDs-Ryzen-3000-9842780.html
-
Microsoft disables BitLocker security fix, advises manual mitigation
by
in SecurityNewsMicrosoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Wi… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-disables-bitlocker-security-fix-advises-manual-mitigation/
-
Firmware Guide for Pen Testers
by
in SecurityNewsContributions from Mathew Mullins, Supply Chain Security Consultant here at Eclypsium. Introduction Penetration tests come in many different varieties… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/firmware-guide-for-pen-testers/
-
OpenWrt dominates, but vulnerabilities persist in OT/IoT router firmware
by
in SecurityNewsForescout has published a new report examining the current state of the software supply chain in OT/IoT routers. The study uncovered that OT and IoT c… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/07/ot-iot-router-firmware-vulnerabilities/
-
Mit Test-Key für Secure Boot: PC-Hersteller liefern unsichere UEFI-Firmware aus
by
in SecurityNews
Tags: firmwareBetroffen sind angeblich fast 900 verschiedene Systeme namhafter Hersteller wie Lenovo, Dell und HP. Anfällige Firmwares reichen zurück bis ins Jahr 2… First seen on golem.de Jump to article: www.golem.de/news/mit-test-key-fuer-secure-boot-pc-hersteller-liefern-unsichere-uefi-firmware-aus-2407-187453.html
-
UEFI Secure Boot: Hunderte Computer haben unsichere Kryptoschlüssel
by
in SecurityNewsSicherheitsexperten fanden mehr als 900 Rechner mit UEFI-Firmwares, die jeweils einen unsicheren Platform Key (PK) enthalten. Das unterminiert Secure … First seen on heise.de Jump to article: www.heise.de/news/UEFI-Secure-Boot-Hunderte-Computer-haben-unsichere-Kryptoschluessel-9814730.html
-
PKfail Is a Newly Discovered Pathway for Firmware Malware
by
in SecurityNewsUEFI Developer Leaked a Secure Boot Asymmetric Key. Hundreds of laptop and server models from mainstream manufacturers are at risk of hacking that byp… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/pkfail-newly-discovered-pathway-for-firmware-malware-a-25867
-
PKFail bug puts firmware security at risk
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/pkfail-bug-puts-firmware-security-at-risk
-
PKfail Secure Boot bypass lets attackers install UEFI malware
by
in SecurityNewsHundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows at… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/
-
Phoenix SecureCore UEFI firmware bug affects Intel processors
by
in SecurityNewsMultiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmwa… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366589399/Phoenix-SecureCore-UEFI-firmware-bug-affects-Intel-processors
-
Eclypsium for Data Centers
by
in SecurityNewsSecurity frameworks and standards are increasingly emphasizing supply chain and firmware security, and for good reason. Attackers are actively targeti… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/eclypsium-for-data-centers/
-
Firmware, Supply Chain, and Frameworks NIST SP 800-53
by
in SecurityNewsNIST Special Publication 800-53 rev 5, Security and Privacy Controls for Information Systems and Organizations, is one of the most important and influ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/firmware-supply-chain-and-frameworks-nist-sp-800-53/
-
Firmware update hides Bluetooth fingerprints
by
in SecurityNewsA smartphone’s unique Bluetooth fingerprint could be used to track the device’s useruntil now. A team of researchers has developed a simple firmware u… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/16/firmware-hide-bluetooth-fingerprint/
-
USENIX Security ’23 Greenhouse: Single-Service Rehosting of Linux-Based Firmware Binaries in User-Space Emulation
by
in SecurityNewsAuthors/Presenters:Hui Jun Tay, Kyle Zeng, Jayakrishna Menon Vadayath, Arvind S. Raj, Audrey Dutcher, Tejesh Reddy, Wil Gibbs, Zion Leonahenahe Basque… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/usenix-security-23-greenhouse-single-service-rehosting-of-linux-based-firmware-binaries-in-user-space-emulation/
-
Netgear warns users to patch auth bypass, XSS router flaws
by
in SecurityNewsNetgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-authentication-bypass-xss-router-flaws/
-
Eclypsium and Everfox Partner to Deliver Enhanced Security for the Technology Supply Chain of the U.S. Government
by
in SecurityNewsPortland, OR July 11, 2024 Eclypsium, the leader in digital supply chain security for enterprise hardware, firmware and software infrastructure, today… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/eclypsium-and-everfox-partner-to-deliver-enhanced-security-for-the-technology-supply-chain-of-the-u-s-government/
-
PCs mit Intel-Prozessoren: UEFI-Sicherheitslücke lässt Schadcode passieren
by
in SecurityNewsAufgrund eines Fehlers in der UEFI-Firmware von Phoenix können Angreifer Computer attackieren. Davon sind unter anderem Lenovo-Geräte mit Intel-CPU be… First seen on heise.de Jump to article: www.heise.de/news/PCs-mit-Intel-Prozessoren-UEFI-Sicherheitsluecke-laesst-Schadcode-passieren-9773023.html
-
Researchers Uncover UEFI Vulnerability Affecting Intel CPUs
by
in SecurityNewsCybersecurity researchers have recently uncovered a UEFI vulnerability in the Phoenix SecureCore UEFI firmware, which affects a variety of Intel Core … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/researchers-uncover-uefi-vulnerability-affecting-intel-cpus/
-
Sicherheitslücke: Die UEFI-Firmware unzähliger Intel-Systeme ist angreifbar
by
in SecurityNewsAngreifer können die Sicherheitslücke beispielsweise ausnutzen, um ein Bootkit einzuschleusen und sich damit auf Zielsystemen eine Backdoor zu schaffe… First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-die-uefi-firmware-unzaehliger-intel-systeme-ist-angreifbar-2406-186321.html
-
Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs
by
in SecurityNewsCybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of … First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html
-
D-Link: Versteckte Backdoor in 16 Routermodellen entdeckt
by
in SecurityNewsAngreifer können aus der Ferne den Telnet-Dienst betroffener D-Link-Router aktivieren. Auch die Admin-Zugangsdaten sind offenbar in der Firmware hinte… First seen on golem.de Jump to article: www.golem.de/news/d-link-versteckte-backdoor-in-16-routermodellen-entdeckt-2406-186277.html
-
Patch or Perish: Secure Your Data Center with Firmware Management
by
in SecurityNewsIn the dynamic world of data centers, where uptime and security are paramount, firmware management often goes under the radar. However, as data center… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/patch-or-perish-secure-your-data-center-with-firmware-management/
-
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
by
in SecurityNewsA vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privile… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/21/cve-2024-0762/
-
Google Pixel Firmware Zero-Day Flaw Exploited And Patched
Google has recently issued a warning regarding a critical security flaw affecting Google Pixel Firmware, which has been actively exploited as a zero-d… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/google-pixel-firmware-zero-day-flaw-exploited-and-patched/
-
UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models
by
in SecurityNewsA serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware securit… First seen on securityaffairs.com Jump to article: securityaffairs.com/164771/hacking/phoenix-securecore-uefi-firmware-cve-2024-0762.html
-
Phoenix UEFI vulnerability impacts hundreds of Intel PC models
by
in SecurityNewsA newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phoenix-uefi-vulnerability-impacts-hundreds-of-intel-pc-models/