Secure Boot useless on hundreds of PCs from major vendors after key leak


July 28, 2024 at 10:06PM

Protecting a computer's firmware and boot process is a cornerstone of modern security, yet recent research by Binarly found that PCs and components from major manufacturers shipped with a vendor test Platform Key (PK) that has since leaked, leaving their UEFI Secure Boot chain open to bypass. Security specialists urge organizations to scan for the issue with Binarly's free tool, and separately stress that enabling multifactor authentication is one of the most effective ways to reduce ransomware risk. TracFone has settled an FCC investigation by agreeing to pay $16 million after suffering three data breaches.

Key takeaways from the article:

1. Vulnerabilities in BIOS and boot process:
– Researchers identified a 12-year-old test Platform Key (PK), generated for development use and never meant to ship, that several PC manufacturers and component vendors nevertheless burned into production firmware. Because the private half of that key has leaked, anyone holding it can sign updates to the Secure Boot key hierarchy and so bypass UEFI Secure Boot.
– The PK is the root of the Secure Boot trust chain: it authorizes changes to the Key Exchange Keys (KEK), which in turn authorize the allow and deny signature databases (db/dbx). Control of the PK therefore compromises the entire chain, from firmware through the bootloader to the operating system.
– Binarly has named the issue "PKfail" and released a free scanning tool to check whether a system's PK is one of the known test keys; only a firmware update from the device manufacturer can replace the key.
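The check a scanner performs here amounts to reading the PK variable, parsing the EFI_SIGNATURE_LIST it contains and inspecting the embedded X.509 certificate for the vendor test-key markers. The Python script below is an added example written for this summary; it is not Binarly's scanner and not code from the article. It assumes the Linux efivarfs layout (4 bytes of variable attributes followed by the signature list), uses a stdlib-only DER walk instead of a full X.509 parser (so it reports strings from both subject and issuer), and treats the marker substrings in `TEST_KEY_MARKERS` as an assumption to be extended. The sample it runs on when given no file is a constructed minimal X.509 Name, not a real certificate.

```python
"""Check whether a UEFI Platform Key (PK) variable holds a vendor test key.

Added example, not Binarly's scanner. Input is the efivarfs dump of PK:
4 bytes of variable attributes followed by one or more EFI_SIGNATURE_LIST
structures. For X.509 entries the DER is walked and every string in the
certificate (subject and issuer) is checked against "DO NOT TRUST" style
markers of the kind the leaked test keys carry.
"""
import struct
import sys
import uuid

# EFI_CERT_X509_GUID from the UEFI spec (signature list type for DER certificates).
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# Linux efivarfs path of PK (EFI_GLOBAL_VARIABLE GUID).
PK_EFIVAR = "/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c"
# Assumption: substrings that identify vendor test keys; extend with your own findings.
TEST_KEY_MARKERS = ("DO NOT TRUST", "DO NOT SHIP")


def iter_signature_lists(blob):
    """Yield (signature_type_guid, [signature_data, ...]) for each EFI_SIGNATURE_LIST."""
    off = 0
    while off + 28 <= len(blob):
        sig_type = uuid.UUID(bytes_le=bytes(blob[off:off + 16]))
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < 28 + hdr_size or off + list_size > len(blob) or sig_size < 16:
            raise ValueError("truncated or malformed EFI_SIGNATURE_LIST")
        body = blob[off + 28 + hdr_size:off + list_size]
        # Each EFI_SIGNATURE_DATA is a 16-byte SignatureOwner GUID followed by the data.
        sigs = [body[s + 16:s + sig_size]
                for s in range(0, len(body) - sig_size + 1, sig_size)]
        yield sig_type, sigs
        off += list_size


def der_strings(der):
    """Collect UTF8String/PrintableString/IA5String values by walking DER TLVs."""
    out = []

    def walk(buf):
        i = 0
        while i + 2 <= len(buf):
            tag, length = buf[i], buf[i + 1]
            i += 2
            if length & 0x80:                      # long-form length
                n = length & 0x7F
                length = int.from_bytes(buf[i:i + n], "big")
                i += n
            value = buf[i:i + length]
            i += length
            if tag & 0x20:                         # constructed: SEQUENCE, SET, [n] EXPLICIT
                walk(value)
            elif tag in (0x0C, 0x13, 0x16):        # UTF8String, PrintableString, IA5String
                out.append(bytes(value).decode("utf-8", "replace"))

    walk(der)
    return out


def check_pk(efivar_bytes):
    """Return (flagged_strings, all_strings) for the X.509 entries in a PK variable dump."""
    if len(efivar_bytes) < 4:
        raise ValueError("too short to be an efivarfs variable")
    names, flagged = [], []
    for sig_type, sigs in iter_signature_lists(efivar_bytes[4:]):
        if sig_type != EFI_CERT_X509_GUID:
            continue                               # PK should only ever hold X.509 certs
        for der in sigs:
            for s in der_strings(der):
                names.append(s)
                if any(m in s.upper() for m in TEST_KEY_MARKERS):
                    flagged.append(s)
    return flagged, names


def der_tlv(tag, payload):
    """Encode one DER TLV (used only to build the constructed sample below)."""
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload


def build_pk_variable(common_name):
    """Constructed sample: a minimal X.509 Name (CN only, not a full certificate),
    wrapped in an EFI_SIGNATURE_LIST and prefixed with efivarfs attributes like PK."""
    cn_oid = der_tlv(0x06, bytes([0x55, 0x04, 0x03]))           # id-at-commonName 2.5.4.3
    atv = der_tlv(0x30, cn_oid + der_tlv(0x13, common_name.encode()))
    name = der_tlv(0x30, der_tlv(0x31, atv))                     # Name ::= SEQUENCE OF SET OF ATV
    fake_cert = der_tlv(0x30, der_tlv(0x30, name))
    sig_data = uuid.UUID(int=0).bytes_le + fake_cert              # SignatureOwner + DER
    sig_list = (EFI_CERT_X509_GUID.bytes_le
                + struct.pack("<III", 28 + len(sig_data), 0, len(sig_data))
                + sig_data)
    attrs = struct.pack("<I", 0x27)   # NV | BS | RT | TIME_BASED_AUTHENTICATED_WRITE
    return attrs + sig_list


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else None
    if path:
        with open(path, "rb") as f:
            data = f.read()
    else:
        data = build_pk_variable("DO NOT TRUST - AMI Test PK")  # constructed sample
    flagged, names = check_pk(data)
    print("PK certificate strings:", names)
    print("TEST KEY DETECTED" if flagged else "no test-key marker found", flagged)
```

On a Linux host, run it as `python3 pkcheck.py /sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c` (root may be required to read efivars). A clean result from this script only means the marker strings are absent; the authoritative check is the vendor's published key list or Binarly's scanner, and the fix is a firmware update that replaces the PK, not a configuration change.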

2. Critical vulnerabilities:
– A use-after-free vulnerability in Internet Explorer versions 6 through 8, first disclosed in 2012, is still being exploited in the wild today.
– Multiple vulnerabilities in the BIND 9 DNS server (CVE-2024-4076, CVE-2024-1975, CVE-2024-1737, CVE-2024-0760) have been identified; each can be triggered remotely and poses a denial-of-service risk to resolvers and authoritative servers that have not been patched.

3. Stalkerware vendor breach:
– Data from over 10,000 devices monitored by SpyTech stalkerware was breached, highlighting how poorly some software vendors protect the private data they collect from users, including users who never consented to being monitored.

4. Ransomware attacks and multifactor authentication (MFA):
– Around 80% of ransomware incidents occurred in organizations that had not enabled MFA, underscoring the value of requiring MFA for all users rather than only for administrators.

5. TracFone data breaches:
– TracFone agreed to pay $16 million to settle an FCC investigation into three breaches in which inadequately secured customer-facing APIs allowed theft of customer account and device information as well as unauthorized port-outs. The settlement requires TracFone to implement a mandatory information security program, including provisions specifically aimed at reducing API vulnerabilities.

These points summarize the key vulnerabilities and incidents covered in the article.
