Eclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well.
The post BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats appeared first on SecurityWeek.
Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass
ReVault vulnerabilities in the ControlVault3 firmware in Dell laptops could lead to firmware modifications or Windows login bypass.
The post Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass appeared first on SecurityWeek.
Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment
Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass.
The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek.
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.
The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Eclypsium Eyes Global Expansion with $45 Million Series C Investment
The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital.
The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek.
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws
Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.
The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek.
Binarly Attracts $10.5M to Tackle Software Supply Chain Security
Los Angeles firmware and software supply chain firm banks $10.5 million in seed-stage funding led by Two Bear Capital.
The post Binarly Attracts $10.5M to Tackle Software Supply Chain Security appeared first on SecurityWeek.
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware
The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies.
The post Chinese Gov Hackers Caught Hiding in Cisco Router Firmware appeared first on SecurityWeek.
NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections
The National Security Agency (NSA) has released mitigation guidance to help organizations stave off BlackLotus UEFI bootkit infections.
The post NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections appeared first on SecurityWeek.
Asus Patches Highly Critical WiFi Router Flaws
Asus patches nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.
The post Asus Patches Highly Critical WiFi Router Flaws appeared first on SecurityWeek.