firmware
The Connection Between Alaska Airlines, Blown Out Windows, and IoT Security
As the shock starts to wear off from hearing that a window blew out on a recent Alaska Airlines flight I came across research from our partner Nozomi Networks that might help ...
New Windows/Linux Firmware Attack
Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible ...
Security Podcasting, Hacking Stories, and The State of Firmware Security with Paul Asadoorian
Paul Asadoorian, OG security podcaster and host of the popular Paul’s Security Weekly podcast, joins us in this episode to talk about his career as one of the original security podcasters. Paul’s ...
The Chip War’s Impact on Cybersecurity and the Supply Chain
Semiconductors had their moment in the spotlight during the worst of the pandemic-induced supply chain disruptions. The shortage of semiconductors wreaked havoc on the industries that rely on them, opening up devices ...
Another Malware with Persistence
Here’s a piece of Chinese malware that infects SonicWall security appliances and survives firmware updates. On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to ...
BlackLotus Malware Hijacks Windows Secure Boot Process
Researchers have discovered malware that “can hijack a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.” Dubbed BlackLotus, the ...
AMI Brings Secure Firmware to the Open Compute Project
The pool of available open source resilient firmware keeps growing. This week, dynamic firmware maker AMI announced the contribution of its Tektagon OpenEdition Platform Root of Trust to the Open Compute Project ...
A Basis of Trust For the IoT
In the classic grandchild scam, a con artist poses as an elderly victim’s grandchild over the phone or even in person to get “financial support.” Such scams take advantage of the fact ...
‘CosmicStrand’ Highlights Ongoing Firmware Risks
You’re not imagining things; new firmware threats are appearing more often. The most recent is CosmicStrand, which exploits the Unified Extensible Firmware Interface (UEFI) to avoid detection. The new UEFI rootkit, detailed ...
Why Zero-Trust Must Extend to Deep Infrastructure
It is a dramatic understatement to say that staying one step ahead of continually evolving cyberthreats like ransomware, malware and other severe attacks must be a top priority. Today’s global community of threat ...
