firmware

Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are …

Financial organizations fail to act on firmware breaches
In this Help Net Security video, Michael Thelander, Director Product Marketing at Eclypsium, discusses how financial organizations are failing to act despite the majority …

The first formal verification of a prototype of Arm CCA firmware
As our personal data is increasingly used in many applications from advertising to finance to healthcare, protecting sensitive information has become an essential feature for …

Destructive firmware attacks pose a significant threat to businesses
As business workforces become increasingly distributed, IT leaders say it’s harder than ever to defend against firmware attacks, according to HP Wolf Security. The growing …

Where should companies start when it comes to device security?
The Internet of Things (IoT) market has a security problem that is boiling over into a business issue. According to a recent survey conducted by the Ponemon Institute, 59% of …

Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …

How much can you trust your printer?
In this interview with Help Net Security, Scott Best, Director of anti-tamper security technology at Rambus, talks about what organizations should be aware of when it comes to …

Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …

Strengthening firmware security with hardware RoT
Hackers are growing smarter and more sophisticated in their attempts to avoid detection. With IT security and visibility efforts still largely focused higher in the stack at …

The importance of compute lifecycle assurance in a zero-trust world
With the proliferation of attack surfaces in IoT, the increase in firmware-based attacks on hardware, and growing threats to systems throughout their lifecycle, companies are …

Vulnerabilities in Dell computers allow RCE at the BIOS/UEFI level
An estimated 30 million Dell computers are affected by several vulnerabilities that may enable an attacker to remotely execute code in the pre-boot (BIOS/UEFI) environment, …

Ransomware attackers are leveraging old SonicWall SRA flaw (CVE-2019-7481)
Since the beginning of the year, various cyber attackers leveraged a slew of zero-day vulnerabilities to compromise different SonicWall solutions. Crowdstrike now warns that a …
Featured news
Resources
Don't miss
- Digital sovereignty becomes a matter of resilience for Europe
- Storm-2603 spotted deploying ransomware on exploited SharePoint servers
- CISO New York 2025 brings together top cybersecurity leaders
- Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)
- Autoswagger: Open-source tool to expose hidden API authorization flaws