Inside LogoFAIL: The UEFI Firmware Flaw Compromising Millions of Devices

In the ever-evolving landscape of cybersecurity, a new threat has emerged, casting a long shadow over the integrity of computer systems worldwide. Dubbed ‘LogoFAIL,’ this set of vulnerabilities has been unearthed within the Unified Extensible Firmware Interface (UEFI), the backbone of modern computing’s boot process. Discovered by the vigilant eyes of the Binarly Research team, […]

Hacking Cisco routers' firmware and replacing it with malicious firmware using this flaw

A notorious threat actor with presumed ties to the Chinese government, known as “BlackTech”, has reportedly been exploiting Cisco routers to infiltrate major corporations in the United States and Japan, according to cybersecurity experts. Using various aliases like Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda, BlackTech has stealthily replaced original device firmware with malicious counterparts. […]

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue. “Most Gigabyte firmware […]

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series […]

Update firmware of these Lenovo ThinkBook, IdeaPad, and Yoga laptop models as 3 critical vulnerabilities allow them to be hacked forever, even after removing the hard drive

Critical flaws that affect many ThinkBook, IdeaPad, and Yoga laptop models have been resolved by Lenovo and may have allowed an attacker to disable UEFI Secure Boot. Researchers from ESET found these flaws in drivers in several Lenovo systems and informed the computer maker of their discovery. ESET published a link to a Twitter thread by […]

Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a “format string vulnerability” affecting NAS326, NAS540, and NAS542 models. Zyxel credited researcher Shaposhnikov Ilya for reporting the flaw. “A format string vulnerability was found in a […]

4TB of confidential data, firmware code of Cellebrite TFS and Cellebrite Mobilogy leaked. UFED tool can be used to unlock any iPhone or Android

A threat actor has leaked 4TB of confidential data from Cellebrite, an Israeli digital intelligence company. Cellebrite is an Israeli company specializing in providing forensic tools to security forces and companies, such as extracting data from an encrypted iPhone or Android mobile. It offers services to collect, review, analyze, and manage digital data. Its tools […]

Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers

An unknown Chinese-speaking threat actor has been attributed to a new kind of sophisticated Unified Extensible Firmware Interface (UEFI) firmware rootkit called CosmicStrand. “The rootkit is located in the firmware images of Gigabyte or ASUS motherboards, and we noticed that all these images are related to designs using the H81 chipset,” Kaspersky researchers said in […]

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models

Consumer electronics maker Lenovo on Tuesday rolled out fixes to contain three security flaws in its UEFI firmware affecting over 70 product models. “The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important […]

Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks

An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices. “Control over firmware gives attackers virtually unmatched powers both to directly cause damage and […]

QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices

QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. “A vulnerability has been reported to affect QNAP VS Series NVR running QVR,” QNAP said in an advisory. “If exploited, this vulnerability allows […]

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the latter two “affect firmware drivers originally meant to be used only during the manufacturing process of Lenovo […]

Chinese APT Hackers Deploy MoonBounce Implant In UEFI Firmware

Kaspersky Lab experts have recently discovered a security vulnerability in UEFI firmware, detected while studying the Firmware Scanner logs at the end of 2021. During further analysis, they found that the threat actors had modified one of the components in the firmware image that enabled the attackers to change the […]

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the “most advanced UEFI firmware implant discovered in the wild to date,” adding “the purpose of […]

ZTE MF971R, LTE Low Cost Portable Wi-Fi hotspot router. Patch the firmware

Cybersecurity specialists report the detection of multiple vulnerabilities in ZTE MF971R hotspot routers. According to the report, successful exploitation of the reported flaws would enable all kinds of risk scenarios. Below are brief descriptions of the detected flaws, in addition to their respective identification keys and scores assigned according to the […]

Critical RCE Flaw in the Core Netgear Firmware Lets Remote Attackers Take Control of an Affected System

The cybersecurity organization GRIMM has recently announced vulnerability research into a series of Netgear SOHO devices. The vulnerability that has been discovered generally enables remote code execution (RCE) as root and lets attackers take control of an affected system. This isn’t a typical router vulnerability; in this kind of vulnerability the actual source is […]

Critical firmware vulnerabilities in IP cameras of Geutebruck, Ganz, Visualint, Cap, Thrive, Sophus, VCA, TripCorps, Sprinx, Smartec & Riva

A recent cybersecurity report describes the detection of multiple critical vulnerabilities in the firmware of IP cameras with UDP Technology. UDP firmware is included in the cameras of a wide variety of manufacturers, including Geutebrück, VCA and Sprinx Technologies, among others. Experts at Randorisec, the security firm in charge of the report, mention that some […]

HPE Releases Critical Firmware Upgrade for SAS Solid State Drives

HPE’s enterprise-class solid-state drives have time bombs. HPE issued an emergency safety notice saying that some of its models of solid-state drives will stop working after 32,768 hours or 3 years, 270 days and 8 hours due to defective firmware. The SSD will stop working at almost the same time. HPE wrote on the security […]