Getty Images reader comments 152 Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or remove using current defense mechanisms. The attack—dubbed LogoFAIL by the researchers… Read More »
Getty Images reader comments 32 with If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it may be time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually. Typically abbreviated as BMCs, baseboard management… Read More »
Getty Images reader comments 36 with Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp.Overboard, Circuit Panda, and Radio… Read More »
BeeBright/Getty Images reader comments 94 with Hiding malicious programs in a computer’s UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in the firmware of millions of computers—and… Read More »
Enlarge (credit: Lenovo) For owners of more than 70 Lenovo laptop models, it’s time once again to patch the UEFI firmware against critical vulnerabilities that attackers can exploit to install malware that’s nearly impossible to detect or remove. The laptop maker on Tuesday released updates for three vulnerabilities that researchers found in the UEFI firmware… Read More »
Classen et al. reader comments 57 with 41 posters participating, including story author Share this story When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use… Read More »
Enlarge / This is the 14-inch variant of the Yoga Slim 9i, with leather finish. reader comments 72 with 52 posters participating Share this story Lenovo has released security updates for more than 100 laptop models to fix critical vulnerabilities that make it possible for advanced hackers to surreptitiously install malicious firmware that can be… Read More »
Enlarge / Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed. Artur Widak | Getty Images reader comments 15 with 13 posters participating Share this story Researchers have known for years about security issues with the foundational computer code known as firmware. It’s often riddled… Read More »
reader comments 73 with 51 posters participating Share this story A popular smartwatch designed exclusively for children contains an undocumented backdoor that makes it possible for someone to remotely capture camera snapshots, wiretap voice calls, and track locations in real time, a researcher said. The X4 smartwatch is marketed by Xplora, a Norway-based seller of… Read More »
reader comments 357 with 209 posters participating, including story author Share this story With the name Smarter, you might expect a network-connected kitchen appliance maker to be, well, smarter than companies selling conventional appliances. But in the case of the Smarter’s Internet-of-things coffee maker, you’d be wrong. Security problems with Smarter products first came to… Read More »