Showing only posts tagged firmware. Show all posts.

Dec 12 2023 New Windows/Linux Firmware Attack

Interesting attack based on malicious pre-OS logo images : LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux.... The vulnerabilities are the subject of a coordinated …

Dec 06 2023 Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Source

Enlarge (credit: Getty Images) Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms. The …

Oct 04 2023 Vulnerabilities in Supermicro BMCs could allow for unkillable server rootkits

Source

Enlarge (credit: Getty Images) If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it’s time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually. Typically abbreviated as …

Sep 27 2023 Backdoored firmware lets China state hackers control routers with “magic packets”

Source

Enlarge (credit: Getty Images) Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp …

Jun 01 2023 Millions of PC motherboards were sold with a firmware backdoor

Source

Enlarge (credit: BeeBright/Getty Images) Hiding malicious programs in a computer’s UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in …

Jul 13 2022 Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models

Source

Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that’s nearly impossible to detect or remove. The laptop maker on Tuesday released updates for three …

Jul 13 2022 Vulnerabilities that could allow undectable infections affect 70 Lenovo laptop models

Source

Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that can be nearly impossible to detect or remove. The laptop maker on Tuesday released updates for …

May 16 2022 Researchers devise iPhone malware that runs even when device is turned off

Source

Enlarge (credit: Classen et al.) When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car …

Jun 26 2021 A well-meaning feature leaves millions of Dell PCs vulnerable

Source

Enlarge / Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed. (credit: Artur Widak | Getty Images) Researchers have known for years about security issues with the foundational computer code known as firmware. It's often riddled with vulnerabilities, it's difficult to …