While malicious software is getting all the attention, it's firmware and hardware that are the real problem, according to the University of Florida. Trends show that overseas manufacturing of semiconductor chips is contributing to this situation.
Industry News Articles
Dell SupportAssist Flaw Allows Hackers to Reflash BIOS
30 million computers were affected by four vulnerabilities in Dell’s SupportAssist remote firmware update utility. These flaws could let attackers run arbitrary code on no fewer than 129 different PC and laptop models while impersonating Dell to remotely upload a tampered BIOS.
US Government CISA Publishes Guidelines for Maintaining Critical Infrastructure
NIST, along with CISA, the NSA and other critical groups, gathered to define and set guidelines to help organizations deter, protect against, detect, and respond to malicious cyber actions and actors. This article outlines the types of software and products that need protection, firmware among them.
New Highly Severe BIOSConnect Bug Found to Impact 128 Dell PC and Tablet Models
Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device.
Dell Releases Platform Security Update for BIOS Vulnerabilities
Dell releases names of 129 security vulnerabilities affecting BIOSConnect and HTTPS Boot features along with remediations. Dell recommends all customers update to the latest Dell Client BIOS version at the earliest opportunity. For those that cannot apply BIOS updates immediately, Dell has also provided an interim mitigation to disable the BIOSConnect and HTTPS Boot features.
Microsoft + ReFirm Labs Brings Firmware Discovery to Azure Defender
The growing industry-wide lack of usable scanning tools for finding firmware vulnerabilities is what drove Microsoft to purchase ReFirm Labs earlier in June. Now the company is announcing how it plans to use ReFirm’s Binwalk tool to give Azure IoT Defender users ways to automate discovery and analysis of firmware vulnerabilities their organization has been exposed to.
Attackers Using Old SonicWall SRA Devices to Penetrate Networks
CrowdStrike has found that a group of ransomware attackers are using a flaw found in old SonicWall SRA devices to leverage zero-day vulnerabilities and gain persistent system access. SonicWall ended support on its Secure Remote Access (SRA) 4600 devices running firmware versions 8.x and 9.x in 2019 and is urging users to step up their security and check their logs for indicators of compromise.
How a Conference Room Speakerphone Can Expose Your Corporate Network to Attackers
Researchers have identified multiple vulnerabilities in the Stem Audio Table conference room speakerphone that could be used by attackers not only to eavesdrop on room conversations, but also to download malicious firmware, get into the network and gain persistence.
“Jackware,” a New Type of Dangerous Ransomware Hijacks Physical Devices
Industry experts are calling firmware attacks “Jackware” and saying this type of ransomware is 10 times more dangerous than traditional malware because it hijacks the actual physical device or machine. This article spells out just how dangerous a firmware attack can be to critical infrastructure, heavy machinery, and medical equipment.