Thousands of DrayTek Routers at Risk From 14 Vulnerabilities

October 3, 2024 at 06:02PM Thousands of DrayTek routers are at risk due to 14 newly discovered firmware vulnerabilities, enabling remote code execution, denial-of-service attacks, and injection of malicious code. Forescout’s Vedere Labs found over 704,000 exposed routers, urging proactive security measures in addition to patching. Threat actors, including nation-state actors, are actively targeting vulnerable … Read more

China’s ‘Salt Typhoon’ Cooks Up Cyberattacks on US ISPs

September 25, 2024 at 04:49PM A recently discovered advanced persistent threat (APT) named “Salt Typhoon” has targeted US Internet service provider networks, potentially for stealing information and launching disruptive attacks. This indicates China’s focus on geopolitical interests, with concerns raised about surveilling high-value targets and a military component in the campaign. The ongoing targeting of … Read more

D-Link Warns of Code Execution Flaws in Discontinued Router Model

September 4, 2024 at 06:54AM D-Link warns of multiple critical and high-severity remote code execution (RCE) vulnerabilities affecting the discontinued DIR-846 router model. Four RCE flaws, including OS command injection issues, remain unpatched. The company advises retiring and replacing EOL/EOS devices, as it has ceased firmware development for discontinued products and is unable to resolve … Read more

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

August 9, 2024 at 10:21AM Cybersecurity researchers discovered vulnerabilities in Sonos smart speakers that could be exploited by attackers to eavesdrop on users, impacting all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12. These findings were presented at Black Hat USA 2024 and reveal two security defects, CVE-2023-50809 and CVE-2023-50810, compromising … Read more

GrapheneOS: Frequent Android auto-reboots block firmware exploits

January 14, 2024 at 02:36PM The GrapheneOS team suggests introducing an auto-reboot feature for Android to reduce exploitation of firmware flaws, affecting data theft and spying on Google Pixel and Samsung Galaxy phones. They recommend a shorter reboot interval and emphasize the importance of device encryption and security. Google is reviewing the reported vulnerabilities while … Read more

Critical ‘LogoFAIL’ Bugs Offer Secure Boot Bypass for Millions of PCs

December 1, 2023 at 04:01PM “LogoFAIL” exposes critical vulnerabilities in the PC’s UEFI ecosystem, impacting most devices worldwide, including those from top manufacturers. The flaw affects image-parsing during boot-up, enabling attackers to bypass security like Secure Boot. Binarly Research found that compromised images in the boot process could allow persistent malicious control. Vendor patches are … Read more

LogoFAIL attack can install UEFI bootkits through bootup logos

December 1, 2023 at 12:19PM Security researchers uncovered LogoFAIL vulnerabilities in UEFI firmware’s image parsers that can be exploited to deliver bootkits and bypass security during boot, affecting a wide range of devices across x86 and ARM architectures. Many consumer and enterprise devices from major manufacturers and UEFI vendors could be vulnerable, threatening boot process … Read more

LogoFAIL bugs in UEFI code allow planting bootkits via images

December 1, 2023 at 11:26AM LogoFAIL vulnerabilities, found within UEFI code’s image-parsing components, could let attackers hijack the boot process and deliver bootkits on various devices using ESP image file injection. Hundreds of devices across major vendors and architectures are at risk, with the full impact yet to be determined. Meeting Takeaways: 1. LogoFAIL refers … Read more