-
DrayTek fixed critical flaws in over 700,000 exposed routers
DrayTek has released security updates for multiple router models to address 14 vulnerabilities of varying severity, including a remote code execution flaw that received the maximum CVSS score of 10.
- October 02, 2024
- 09:00 AM
1
-
Flipper Zero releases Firmware 1.0 after three years of development
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device.
- September 10, 2024
- 08:00 AM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Phoenix UEFI vulnerability impacts hundreds of Intel PC models
A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.
- June 20, 2024
- 05:31 PM
- 0
-
US and Japan warn of Chinese hackers backdooring Cisco routers
A joint cybersecurity advisory by the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police) sheds light on the techniques the Chinese threat actors known as BlackTech use to attack Japanese and U.S. organizations.
- September 27, 2023
- 11:51 AM
- 0
-
Microsoft previews Defender for IoT firmware analysis service
Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses.
- July 26, 2023
- 05:48 PM
- 0
-
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers
Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International.
- July 20, 2023
- 12:30 PM
- 0
-
Zyxel warns of critical command injection flaw in NAS devices
Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability.
- June 20, 2023
- 10:26 AM
- 0
-
Western Digital boots outdated NAS devices off of My Cloud
Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202.
- June 16, 2023
- 12:03 PM
- 0
-
GIGABYTE releases new firmware to fix recently disclosed security flaws
GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards that could be exploited to install malware.
- June 05, 2023
- 11:09 AM
- 5
-
Cybercrime gang pre-infects millions of Android devices with malware
A cybercriminal tracked as the "Lemon Group" has been infecting millions of Android-based smartphones, watches, TVs, and TV boxes, with a malware strain named 'Guerilla.'
- May 18, 2023
- 05:40 PM
- 4
-
Kingston's SSD firmware has Coldplay lyrics hidden within it
What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it.
- May 10, 2023
- 10:13 AM
- 2
-
New TPM 2.0 flaws could let hackers steal cryptographic keys
The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys.
- March 04, 2023
- 10:11 AM
- 2
-
Google will boost Android security through firmware hardening
Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers.
- February 21, 2023
- 12:30 PM
- 1
-
QNAP fixes critical bug letting hackers inject malicious code
QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability allowing remote attackers to inject malicious code on QNAP NAS devices.
- January 30, 2023
- 12:25 PM
- 0
-
MSI breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature.
- January 16, 2023
- 05:02 PM
- 8
-
Corsair keyboard bug makes it type on its own, no malware involved
Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text being auto-typed into applications days later.
- December 21, 2022
- 04:47 PM
- 6
-
Severe AMI MegaRAC flaws impact servers from AMD, ARM, HPE, Dell, others
Three vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
- December 05, 2022
- 10:07 AM
- 0
-
Acer fixes UEFI bugs that can be used to disable Secure Boot
Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.
- November 28, 2022
- 06:31 PM
- 1
-
Lenovo fixes flaws that can be used to disable UEFI Secure Boot
Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot.
- November 09, 2022
- 11:03 AM
- 0
-
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.
- October 09, 2022
- 08:53 PM
- 1
