Showing only posts tagged firmware. Show all posts.

Hacking Wireless Bicycle Shifters

Source

This is yet another insecure Internet-of-things story, this one about wireless gear shifters for bicycles. These gear shifters are used in big-money professional bicycle races like the Tour de France, which provides an incentive to actually implement this attack. Research paper. Another news story. Slashdot thread. [...]

New Windows/Linux Firmware Attack

Source

Interesting attack based on malicious pre-OS logo images : LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux.... The vulnerabilities are the subject of a coordinated …

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Source

Enlarge (credit: Getty Images) Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms. The …

Vulnerabilities in Supermicro BMCs could allow for unkillable server rootkits

Source

Enlarge (credit: Getty Images) If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it’s time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually. Typically abbreviated as …

Backdoored firmware lets China state hackers control routers with “magic packets”

Source

Enlarge (credit: Getty Images) Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp …

Millions of PC motherboards were sold with a firmware backdoor

Source

Enlarge (credit: BeeBright/Getty Images) Hiding malicious programs in a computer’s UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in …

Vulnerabilities allowing permanent infections affect 70 Lenovo laptop models

Source

Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that’s nearly impossible to detect or remove. The laptop maker on Tuesday released updates for three …

Vulnerabilities that could allow undectable infections affect 70 Lenovo laptop models

Source

Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that can be nearly impossible to detect or remove. The laptop maker on Tuesday released updates for …

A well-meaning feature leaves millions of Dell PCs vulnerable

Source

Enlarge / Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed. (credit: Artur Widak | Getty Images) Researchers have known for years about security issues with the foundational computer code known as firmware. It's often riddled with vulnerabilities, it's difficult to …