Google makes it harder to exploit Pixel 10 modem firmware 2026-04-13 at 15:44 By Sinisa Markovic Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced […]
Google makes it harder to exploit Pixel 10 modem firmware Read More »
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities 2026-01-28 at 09:10 By Sinisa Markovic CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities Read More »
Firmware scanning time, cost, and where teams run EMBA 2026-01-14 at 13:25 By Mirko Zorz Security teams that deal with connected devices often end up running long firmware scans overnight, checking progress in the morning, and trying to explain to colleagues why a single image consumed a workday of compute time. That routine sets the
Firmware scanning time, cost, and where teams run EMBA Read More »
Henkel CISO on the messy truth of monitoring factories built across decades 2025-12-10 at 09:08 By Mirko Zorz In this Help Net Security interview, Stefan Braun, CISO at Henkel, discusses how smart manufacturing environments introduce new cybersecurity risks. He explains where single points of failure hide, how attackers exploit legacy systems, and why monitoring must
Henkel CISO on the messy truth of monitoring factories built across decades Read More »
Smart grids are trying to modernize and attackers are treating it like an invitation 2025-12-04 at 09:05 By Mirko Zorz In this Help Net Security interview, Sonia Kumar, Senior Director Cyber Security at Analog Devices, discusses how securing decentralized smart grids demands a shift in defensive strategy. Millions of distributed devices are reshaping the attack
Smart grids are trying to modernize and attackers are treating it like an invitation Read More »
SonicWall adds rootkit removal capabilities to the SMA 100 series 2025-09-23 at 16:24 By Zeljka Zorz SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The
SonicWall adds rootkit removal capabilities to the SMA 100 series Read More »
Many networking devices are still vulnerable to pixie dust attack 2025-09-17 at 18:22 By Zeljka Zorz Despite having been discovered and reported in 2014, the vulnerability that allows pixie dust attacks still impacts consumer and SOHO networking equipment around the world, Netrise researchers have confirmed. WPS and the pixie dust attack Wi-Fi Protected Setup (WPS)
Many networking devices are still vulnerable to pixie dust attack Read More »
BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats 2025-08-11 at 11:05 By Eduard Kovacs Eclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well. The post BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats appeared first on SecurityWeek. This article is an excerpt from
BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats Read More »
Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass 2025-08-06 at 14:57 By Ionut Arghire ReVault vulnerabilities in the ControlVault3 firmware in Dell laptops could lead to firmware modifications or Windows login bypass. The post Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass appeared first on SecurityWeek. This article is
Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass Read More »
Millions of Dell laptops could be persistently backdoored in ReVault attacks 2025-08-05 at 21:19 By Zeljka Zorz A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered. About the
Millions of Dell laptops could be persistently backdoored in ReVault attacks Read More »
Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment 2025-07-29 at 20:02 By Eduard Kovacs Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass. The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment Read More »
Enterprise printer security fails at every stage 2025-07-22 at 10:13 By Help Net Security Printer platform security is often overlooked in enterprise security strategies, creating security gaps, according to HP Wolf Security. By addressing security at every stage, organizations can strengthen their defenses and ensure their print infrastructure remains a trusted part of their IT
Enterprise printer security fails at every stage Read More »
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation 2025-07-15 at 16:19 By Zeljka Zorz UEFI firmware running on 100+ Gigabyte motherboard models is affected by memory corruption vulnerabilities that may allow attackers to install persistent and difficult-to-detect bootkits (i.e., malware designed to infect the computer’s boot process). “While AMI (the original firmware supplier) has
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation Read More »
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment 2025-07-14 at 14:54 By Ionut Arghire Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek. This article is an excerpt
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment Read More »
Eclypsium Eyes Global Expansion with $45 Million Series C Investment 2025-01-28 at 18:03 By SecurityWeek News The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital. The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek. This article is an
Eclypsium Eyes Global Expansion with $45 Million Series C Investment Read More »
Overlooking platform security weakens long-term cybersecurity posture 2024-12-16 at 06:04 By Help Net Security Platform security – securing the hardware and firmware of PCs, laptops and printers – is often overlooked, weakening cybersecurity posture for years to come, according to HP. The report, based on a global study of 800+ IT and security decision-makers (ITSDMs)
Overlooking platform security weakens long-term cybersecurity posture Read More »
ESET researchers analyze first UEFI bootkit for Linux systems 2024-11-27 at 18:18 By Help Net Security ESET Research has discovered the first UEFI bootkit designed for Linux systems, named Bootkitty by its creators. Researchers believe this bootkit is likely an initial proof of concept, and based on ESET telemetry, it has not been deployed in
ESET researchers analyze first UEFI bootkit for Linux systems Read More »
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) 2024-09-10 at 12:02 By Zeljka Zorz Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to medium-sized businesses (SMBs) for data
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342) Read More »
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 2024-09-09 at 23:01 By Ryan Naraine Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases. The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek. This article is
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws Read More »
Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI
Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »