Industry News Articles

Dell SupportAssist Flaw Allows Hackers to Reflash BIOS

Dell SupportAssist Flaw Allows Hackers to Reflash BIOS

30 million computers were effected by four vulnerabilities in Dell’s SupportAssist remote firmware update utility. This error could let malicious people run arbitrary code in no fewer than 129 different PC and laptops models – while impersonating Dell to remotely upload a tampered BIOS.

read more
Dell Releases Platform Security Update for BIOS Vulnerabilities

Dell Releases Platform Security Update for BIOS Vulnerabilities

Dell releases names of 129 security vulnerabilities affecting BIOSConnect and HTTPS Boot features along with remediations. Dell recommends all customers update to the latest Dell Client BIOS version at the earliest opportunity. For those that cannot apply BIOS updates immediately, Dell has also provided an interim mitigation to disable the BIOSConnect and HTTPS Boot features.

read more
Microsoft + ReFirm Labs Brings Firmware Discovery to Azure Defender

Microsoft + ReFirm Labs Brings Firmware Discovery to Azure Defender

The industry-wide growing problem of a lack of usable scanning tools to see firmware vulnerabilities is what drove Microsoft to purchase ReFirm Labs earlier in June. Now the company is announcing how the plan to use ReFirm’s Binwalk tool to deliver Azure IoT Defender users ways to automate discovery and analysis of firmware vulnerabilities their organization has been exposed to.

read more
Attackers using old SonicWall SRA Devices to Penetrate Networks

Attackers using old SonicWall SRA Devices to Penetrate Networks

Crowdstrike has found that a group of ramsomware attackers are using a flaw found in old SonicWall SRA devices to leverage zero-day vulnerabilities and gain persistent system access. SonicWall ended support on its Secure Remote Access (SRA) 4600 devices running firmware versions 8.x and 9.x in 2019 and is urging users to step up their security and check their logs for indicators of compromise.

read more
Firmware Security Goes Mainstream as Microsoft Acquires ReFirm Labs

Firmware Security Goes Mainstream as Microsoft Acquires ReFirm Labs

Firmware attacks and industry attention to this growing problem has taken a front stage today as industry giant Microsoft, Inc announced their acquisition of ReFirm Labs to enhance IoT security. Microsoft acknowledges the growth in recent attacks and in their own research has found that over 80% of organizations reported being attacked at the firmware level in the last two years. Read how their acquisition changes the firmware security landscape today.

read more