firmware
Unnamed APT eyes vulnerabilities in Rockwell Automation industrial contollers (CVE-2023-3595 CVE-2023-3596)
Rockwell Automation has fixed two vulnerabilities (CVE-2023-3595, CVE-2023-3596) in the communication modules of its ControlLogix industrial programmable logic controllers …
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after …
MSI’s firmware, Intel Boot Guard private keys leaked
The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach …
Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are …
Financial organizations fail to act on firmware breaches
In this Help Net Security video, Michael Thelander, Director Product Marketing at Eclypsium, discusses how financial organizations are failing to act despite the majority …
The first formal verification of a prototype of Arm CCA firmware
As our personal data is increasingly used in many applications from advertising to finance to healthcare, protecting sensitive information has become an essential feature for …
Destructive firmware attacks pose a significant threat to businesses
As business workforces become increasingly distributed, IT leaders say it’s harder than ever to defend against firmware attacks, according to HP Wolf Security. The growing …
Where should companies start when it comes to device security?
The Internet of Things (IoT) market has a security problem that is boiling over into a business issue. According to a recent survey conducted by the Ponemon Institute, 59% of …
Widely used UPS devices can be hijacked and destroyed remotely
Three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely …
How much can you trust your printer?
In this interview with Help Net Security, Scott Best, Director of anti-tamper security technology at Rambus, talks about what organizations should be aware of when it comes to …
Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …
Strengthening firmware security with hardware RoT
Hackers are growing smarter and more sophisticated in their attempts to avoid detection. With IT security and visibility efforts still largely focused higher in the stack at …
Featured news
Resources
Don't miss
- Review: Practical Purple Teaming
- Malicious GitHub pages lure MacOS users into installing Atomic infostealer
- Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)
- How Juventus protects fans, revenue, and reputation during matchdays
- Cybersecurity AI (CAI): Open-source framework for AI security