Security News
TouchPad and TrackPoint firmware in Lenovo Laptops, HP Wide Vision FHD camera firmware in HP laptops and the Wi-Fi adapter on Dell XPS laptops were all found to lack secure firmware update mechanisms with proper code-signing. Eclypsium researchers analyzed a Lenovo ThinkPad X1 Carbon 6th Gen laptop, which contains two vulnerable firmware mechanisms: Touchpad firmware and TrackPoint firmware.
CCTV equipment maker Xiongmai effectively built a poorly hidden, insecure backdoor into potentially millions of surveillance devices, it is claimed. A hardware probester going by the name of Vladislav Yarmak alleged this week that China-based Xiongmai - best known for its wide-open security cameras - left a remote debugging and management tool in its firmware, which is used in network-connected surveillance video recorders.
Netgear left in its router firmware key ingredients needed to intercept and tamper with secure connections to its equipment's web-based admin interfaces. Specifically, valid, signed TLS certificates with private keys were embedded in the software, which was available to download for free by anyone, and also shipped with Netgear devices.
Even full disk encryption can't keep you secure if your PC firmware is compromised, so Secured-core PCs will use the CPU to check if UEFI is telling the truth about secure boot.
Researchers have discovered and revealed 146 vulnerabilities in various incarnations of Android smartphone firmware. The vulnerabilities were found by scanning the phones of 29 different Android...
Microsoft is working with PC manufacturing and silicon partners to design devices with a more secure firmware layer. The initiative aims to combat threats that are specifically targeting the...
Microsoft partnered with mainstream chip and computer makers to deliver hardware protection of firmware right out of the box: the so-called Secured-core PCs are aimed at foiling attackers who rely...
Windows code armors its arse Pointing to a five-fold increase in firmware vulnerabilities over the last three years and not saying much about the growing number of Windows vulnerabilities,...
Don't let your Logitech dongles remain vulnerable. Upgrade the firmware and be safe.
Some of the updates released by Intel as part of the August 2019 Patch Tuesday fix high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing...