A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt is a customizable operating system that’s primarily used for wireless home routers by various manufacturers, instead of the OS/firmware provided by them. “Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem … More →

The post Update your OpenWrt router! Security issue made supply chain attack possible appeared first on Help Net Security.

The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA features EMBA identifies potential vulnerabilities and weak points in firmware, such as insecure binaries, outdated software components, scripts that might be susceptible to attack, or embedded hard-coded passwords. This command line tool also … More →

The post EMBA: Open-source security analyzer for embedded devices appeared first on Help Net Security.