Security News
GIGABYTE has released firmware updates to fix security vulnerabilities in over 270 motherboards that could be exploited to install malware. The firmware updates were released last Thursday in response to a report by hardware security company Eclypsium, who found flaws in a legitimate GIGABYTE feature used to install a software auto-update application in Windows.
Cybersecurity researchers have found "Backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. "Most Gigabyte firmware includes a Windows Native Binary executable embedded inside of the UEFI firmware," John Loucaides, senior vice president of strategy at Eclypsium, told The Hacker News.
HP is working to address a bad firmware update that has been bricking HP Office Jet printers worldwide since it was released earlier this month. While HP has yet to issue a public statement regarding these ongoing problems affecting a subset of its customer base, the company told BleepingComputer that it's addressing the blue screen errors seen by a "Limited number" of users.
A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. The malicious firmware was exclusively created for TP-Link routers.
The backdoor malware is deployed in a custom and malicious firmware designed specifically for TP-Link routers so that the hackers can launch attacks appearing to originate from residential networks. While Check Point has not determined how the attackers infect TP-Link routers with the malicious firmware image, they said it could be by exploiting a vulnerability or brute-forcing the administrator's credentials.
What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it. The researcher, surprised by this finding, reached out to BleepingComputer disclosing the details of the firmware version-and the Coldplay song.
What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it. The researcher, surprised by this finding, reached out to BleepingComputer disclosing the details of the firmware version-and the Coldplay song.
The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company's private code signing keys on their dark web site. MSI is a corporation that develops and sells computers and computer hardware.
Orqa, a maker of First Person View drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. On early Saturday, Orqa started receiving reports from customers surprised to see their FPV.One V1 goggles enter bootloader mode and become unusable.
Orqa, a maker of First Person View drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. On early Saturday, Orqa started receiving reports from customers surprised to see their FPV.One V1 goggles enter bootloader mode and become unusable.