Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

December 13, 2024 at 12:57PM
A critical vulnerability (CVE-2024-54143) in OpenWrt’s Attended Sysupgrade could allow attackers to inject malicious firmware by exploiting command injection and hash collision issues. Patched in version 920c8a1, the flaw poses a severe supply chain risk as no authentication is required for exploitation. Users are urged to update immediately.

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

December 9, 2024 at 01:29PM
The OpenWrt Project has released a critical patch addressing a vulnerability (CVE-2024-54143) that could allow attackers to inject malicious firmware through its sysupgrade server. Issues include command injection in the image builder and truncated SHA-256 hash collisions, compromising firmware integrity. Users are urged to upgrade to mitigate risks.

Prototype UEFI Bootkit is South Korean University Project; LogoFAIL exploit discovered

December 2, 2024 at 11:52AM
A prototype UEFI bootkit, linked to a South Korean university’s BoB program, targets specific Ubuntu setups. Named Bootkitty, it uses the LogoFAIL exploit to bypass Secure Boot protections. Discovered by ESET, this research project showcases potential security risks, with indications it is still under development, not an active threat.

PKfail Secure Boot bypass remains a significant risk two months later

September 17, 2024 at 09:32AM
Roughly 9% of tested firmware images use non-production cryptographic keys, making Secure Boot devices vulnerable to UEFI bootkit malware attacks. Known as ‘PKfail’, this supply chain attack affects various computer manufacturers and has been addressed by Binarly, who released a “PKfail scanner” to identify vulnerable firmware submissions. Vendors are taking …

Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws

September 9, 2024 at 03:57PM
Google is promoting the deployment of Rust in existing low-level firmware codebases to combat memory-related security vulnerabilities. The company aims to demonstrate the viability of using Rust for firmware, highlighting its efficiency in guaranteeing memory safety and reducing vulnerabilities in existing code. This migration has led to a decrease in …

Google says replacing C/C++ in firmware with Rust is easy

September 6, 2024 at 05:48PM
Google is advocating for the use of the Rust programming language to replace legacy C and C++ code in firmware, aiming to enhance security and reduce vulnerabilities. Despite resistance from some developers, Google and the US government are promoting the adoption of Rust for secure and reliable software development, leveraging …

AMD Says New Sinkclose CPU Vulnerability Only Affects ‘Seriously Breached Systems’

August 13, 2024 at 06:42AM
IOActive disclosed Sinkclose, a new AMD processor vulnerability that has been around for 20 years, targeting SMM. Exploiting the flaw needs deep understanding of the architecture, but not physical access. AMD has published mitigations and firmware updates, prioritizing security despite it affecting seriously breached systems. The malware planted is stealthy …

Secure Boot useless on hundreds of PCs from major vendors after key leak

July 28, 2024 at 10:06PM
Protecting computers’ BIOS and boot process is crucial for modern security, yet recent research by Binarly found that PCs and components from major manufacturers used outdated test platform keys, leaving them vulnerable to exploitation. Security specialists urge scanning for vulnerability using a free tool and emphasize the importance of implementing …

Millions of Devices Vulnerable to ‘PKFail’ Secure Boot Bypass Issue

July 26, 2024 at 05:24PM
Millions of Intel and ARM-based computing systems are vulnerable to attackers due to a leaked cryptographic key used in the Secure Boot process. The issue, dubbed “PKFail,” allows bypassing of Secure Boot and affects devices from vendors like Lenovo, HP, and Asus. Firmware updates are needed to address this widespread …

Smash-and-Grab Extortion

July 10, 2024 at 08:09AM
The “2024 Attack Intelligence Report” from Rapid7 reveals that zero-day vulnerabilities were widely exploited in 2023 and 2024, leading to mass compromise events. As IoT firmware is composed predominantly of vulnerable open-source components, patching alone is insufficient. Isolated partitioning at the task level is proposed as a more effective solution …