The DHS CISA is requesting that providers strengthen the security of operating systems, software, and firmware to “ensure robust vulnerability management and patching practices are in place given our current geo-political environment. These vulnerabilities carry significant risk to federal agencies as well as public and private sector entities.”
Industry News Articles
US Spy Agency Probes Sabotage of Satellite Internet During Russian Invasion
Western intelligence agencies are investigating a cyberattack by unidentified hackers that disrupted broadband satellite internet access in Ukraine coinciding with Russia’s invasion, according to three people with direct knowledge of the incident.
Report: Senate Approves New Cyber Incident Reporting Rules
Amid Russia’s invasion of Ukraine and escalating concerns about potential cyberattacks, the Senate last week unanimously approved a package of cybersecurity legislation that includes provisions that would require certain critical infrastructure owners and operators to promptly report cyber intrusions to DHS.
16 High Impact Vulnerabilities Discovered in HP Devices
Everything needs to be replaced! Binarly’s security research lab has discovered 16 highly severe vulnerabilities in UEFI firmware affecting multiple enterprise products from HP, including laptops, desktops, POS systems and edge computing nodes.
Patched Vulnerability in Widely Used UPS Devices Allows Attackers to Control Power Backup System
ANOTHER example of a kinetic firmware attack! Here a modified firmware “update” is loaded onto a widely used UPS device to brick the device. You can even see the device smoke up!! If you’re not continuously monitoring your devices below the operating system, you are never going to detect an unauthorized change at the firmware layer.
US Gov Warns: Firmware Security is a “Single Point of Failure”
At the highest levels, US government officials are calling attention to the growing problem of firmware security weaknesses, saying securing the firmware layer is an “often overlooked” single point of failure in devices that is “one of the stealthiest methods in which an attacker can compromise devices at scale.”
Security Vulnerability Announced for Netgear Routers
Another week, another firmware vulnerability and POC attack, this time for Netgear routers. This stack-based overflow vulnerability was discovered by NCC Group and can be exploited on the LAN side of the router and does not need authentication. It allows an attacker to get remote code execution as the admin user (highest privileges) on the router if a printer is directly connected to the router via a USB port.
New Sandworm Malware Cyclops Blink Replaces VPNFilter
CISA reports that the Sandworm actor (previously noted as coming from the Russian GRU) has replaced the exposed VPNFilter malware with a new, more advanced one.
Lloyd’s of London Cuts Cyber Insurance Payouts on Nation-State Attacks
Cyber attacks attributable to nation-states will no longer be covered, per this bulletin, almost guaranteeing cyber incidents impacting critical infrastructure will no longer be covered.