Firmware drew more attention last week as Cisco Talos discovered multiple vulnerabilities in the D-Link DIR-3040 wireless router.
HPE is addressing the firmware integrity challenge with its new Project Aurora, designed to deliver cloud-native, zero-trust security to HPE’s edge-to-cloud architecture. Project Aurora will embed building blocks within the HPE GreenLake cloud platform to automatically and continuously verify the integrity of the hardware, firmware, operating systems, platforms, and workloads, including security workloads.
While malicious software is getting all the attention, it’s firmware and hardware that are the real problem, according to the University of Florida. Trends show that overseas manufacturing of semiconductor chips is contributing to this situation.
Four vulnerabilities in Dell’s SupportAssist remote firmware update utility affected 30 million computers. This error could let malicious people run arbitrary code on no fewer than 129 different PC and laptop models while impersonating Dell to remotely upload a tampered BIOS.
NIST, along with CISA, the NSA and other critical groups, gathered to define and set guidelines to help organizations deter, protect against, detect, and respond to malicious cyber actions and actors. This article outlines the types of software and products that need protection, firmware among them.
Dell releases names of 129 security vulnerabilities affecting BIOSConnect and HTTPS Boot features along with remediations. Dell recommends all customers update to the latest Dell Client BIOS version at the earliest opportunity. For those that cannot apply BIOS updates immediately, Dell has also provided an interim mitigation to disable the BIOSConnect and HTTPS Boot features.
The growing industry-wide lack of usable scanning tools for finding firmware vulnerabilities is what drove Microsoft to purchase ReFirm Labs earlier in June. Now the company is announcing how it plans to use ReFirm’s Binwalk tool to give Azure IoT Defender users ways to automate discovery and analysis of the firmware vulnerabilities their organization has been exposed to.
CrowdStrike has found that a group of ransomware attackers are using a flaw found in old SonicWall SRA devices to leverage zero-day vulnerabilities and gain persistent system access. SonicWall ended support for its Secure Remote Access (SRA) 4600 devices running firmware versions 8.x and 9.x in 2019 and is urging users to step up their security and check their logs for indicators of compromise.
Researchers have identified multiple vulnerabilities in the Stem Audio Table conference room speakerphone that attackers could use not only to eavesdrop on room conversations, but also to download malicious firmware, get into the network, and gain persistence.