home.social

#firmware-security — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #firmware-security, aggregated by home.social.

fetched live
  1. Ghidra is free, extensible, and helpful for reverse engineering firmware, but its learning curve is steep...

    In this blog post, Adam Bromiley shares tips and tricks that make firmware reversing less painful, from finding the load address and interrupt vector table, through to defining a proper memory map and making better use of strings, scripts, LLMs, and more.

    It's a guide built from real research projects and a lot of hours spent in front of Ghidra’s UI.

    📌Read here: pentestpartners.com/security-b

    #ReverseEngineering #FirmwareSecurity #Ghidra #HardwareHacking #CyberSecurity

  2. Ghidra is free, extensible, and helpful for reverse engineering firmware, but its learning curve is steep...

    In this blog post, Adam Bromiley shares tips and tricks that make firmware reversing less painful, from finding the load address and interrupt vector table, through to defining a proper memory map and making better use of strings, scripts, LLMs, and more.

    It's a guide built from real research projects and a lot of hours spent in front of Ghidra’s UI.

    📌Read here: pentestpartners.com/security-b

    #ReverseEngineering #FirmwareSecurity #Ghidra #HardwareHacking #CyberSecurity

  3. 🚨 CRITICAL: CVE-2026-2584 in Ciser CSIP firmware 3.0 – 5.1 enables unauthenticated SQL injection via login interface. Config data at risk — patch not yet released. Restrict access & monitor now. radar.offseq.com/threat/cve-20 #OffSeq #CVE20262584 #SQLi #FirmwareSecurity

  4. Texas is taking legal action against TP-Link, alleging firmware vulnerabilities enabled exploitation by China-linked actor Camaro Dragon.

    Beyond geopolitics, this case highlights:
    • Firmware attack surface risks
    • Supply chain governance challenges
    • Security disclosure vs. marketing claims
    • State-level cyber enforcement expansion

    If regulatory scrutiny shifts toward vendor security representations, the industry may face stricter compliance obligations.

    Source: therecord.media/texas-sues-tp-

    Are hardware vendors prepared for this enforcement era?

    Comment with your technical assessment.
    Follow Technadu for in-depth threat intelligence reporting.

    #Infosec #FirmwareSecurity #ThreatActors #SupplyChainRisk #CyberEnforcement #SecurityResearch #RouterSecurity #CyberPolicy #BlueTeam #CyberDefense

  5. Qualcomm has detailed six high-priority vulnerabilities — including a critical secure boot flaw (CVE-2025-47372). Additional issues affect TZ Firmware, HLOS components, DSP, audio, and camera modules.

    OEMs are receiving patches and users may need to check manufacturer timelines for deployment.
    Follow us for more non-sensationalized security reporting.

    Source: gbhackers.com/qualcomm-alerts-

    #Infosec #Qualcomm #SecureBoot #FirmwareSecurity #ThreatIntel #TechNadu #CVEs #DeviceSecurity

  6. NVIDIA has released a critical DGX Spark firmware update addressing 14 vulnerabilities - including CVE-2025-33187 (CVSS 9.3), which enables malicious code execution and access to protected SoC regions.

    Firmware flaws in AI workstations can impact model integrity, training data, and system stability.

    Organizations using DGX Spark should patch immediately.

    Source: cybersecuritynews.com/nvidia-d

    What’s your view on firmware security in AI-focused hardware?
    Follow us for more analysis.

    #infosec #NVIDIA #DGXSpark #CVE #AIsecurity #firmwaresecurity #patchnow #securityupdate

  7. The Commerce Department’s proposed ban on TP-Link routers underscores growing scrutiny of supply-chain trust and firmware control.

    Agencies found persistent links between the U.S. entity and its Chinese counterpart, citing firmware and infrastructure exposure risks.
    While TP-Link denies foreign influence, the case spotlights the intersection of technical risk and geopolitical oversight.

    How do you assess supplier integrity in environments dependent on third-party networking hardware?

    💬 Add your perspective & follow @technadu for continued threat intelligence coverage.

    #Infosec #TPLink #SupplyChainSecurity #FirmwareSecurity #CyberRisk #NationalSecurity #CyberDefense #TechNews #SecurityCommunity #CyberIntel

  8. The Commerce Department’s proposed ban on TP-Link routers underscores growing scrutiny of supply-chain trust and firmware control.

    Agencies found persistent links between the U.S. entity and its Chinese counterpart, citing firmware and infrastructure exposure risks.
    While TP-Link denies foreign influence, the case spotlights the intersection of technical risk and geopolitical oversight.

    How do you assess supplier integrity in environments dependent on third-party networking hardware?

    💬 Add your perspective & follow @technadu for continued threat intelligence coverage.

    #Infosec #TPLink #SupplyChainSecurity #FirmwareSecurity #CyberRisk #NationalSecurity #CyberDefense #TechNews #SecurityCommunity #CyberIntel

  9. “Exploitability isn’t one thing; it’s multiple layers that work together.” — Michael Scott, CTO @NetRise_io
    Scott breaks down how firmware analysis, SBOM dashboards, and AI triage expose real exploitability—not just theoretical risk.

    Full interview:
    technadu.com/how-firmware-risk

    #FirmwareSecurity #AI #SBOM #SupplyChainRisk

  10. 🚨 Cisco’s Talos found firmware flaws in Dell’s ControlVault3 module that let attackers bypass Windows login, implant persistent code, and spoof biometric access. 😳 Physical access is required—but the implications are serious for corporate and government users running Latitude or Precision devices. The kicker? These implants can survive a full OS reinstall. Patches started rolling out in March, but given Dell’s track record with slow firmware patch uptake, many systems are likely still vulnerable. 🤦🏻‍♂️

    TL;DR
    ⚠️ ReVault flaw affects Dell business laptops
    🧠 Exploits fingerprint, smartcard, OS login
    🔐 Implant survives OS reinstalls
    🛠️ Firmware patch available since March

    cybersecuritynews.com/dell-lap
    #ReVault #FirmwareSecurity #DellLatitude #CyberRisk #security #privacy #cloud #infosec #cybersecurity

  11. 🚨 Cisco’s Talos found firmware flaws in Dell’s ControlVault3 module that let attackers bypass Windows login, implant persistent code, and spoof biometric access. 😳 Physical access is required—but the implications are serious for corporate and government users running Latitude or Precision devices. The kicker? These implants can survive a full OS reinstall. Patches started rolling out in March, but given Dell’s track record with slow firmware patch uptake, many systems are likely still vulnerable. 🤦🏻‍♂️

    TL;DR
    ⚠️ ReVault flaw affects Dell business laptops
    🧠 Exploits fingerprint, smartcard, OS login
    🔐 Implant survives OS reinstalls
    🛠️ Firmware patch available since March

    cybersecuritynews.com/dell-lap
    #ReVault #FirmwareSecurity #DellLatitude #CyberRisk #security #privacy #cloud #infosec #cybersecurity

  12. Released by Intel in 1998, IPMI is a hardware management interface operating independently of the OS. Our latest blog post by Kieran looks at INTEL IPMI vulnerabilities and how to mitigate them.

    Vulnerabilities include authentication bypasses, credential leaks, and buffer overflows, particularly in Supermicro systems.

    ➡️pentestpartners.com/security-b

    #IPMI #CyberSecurity #BMCsecurity #Supermicro #VulnerabilityManagement #FirmwareSecurity

  13. Released by Intel in 1998, IPMI is a hardware management interface operating independently of the OS. Our latest blog post by Kieran looks at INTEL IPMI vulnerabilities and how to mitigate them.

    Vulnerabilities include authentication bypasses, credential leaks, and buffer overflows, particularly in Supermicro systems.

    ➡️pentestpartners.com/security-b

    #IPMI #CyberSecurity #BMCsecurity #Supermicro #VulnerabilityManagement #FirmwareSecurity

  14. Discover methods to check and secure the firmware integrity of your NovaCustom laptop through detailed instructions provided in our latest guide. 💻🕵️‍♂️🛡️

    novacustom.com/how-to-verify-t

    #FirmwareSecurity #coreboot #OpenSourceSecurity #FirmwareIntegrity #TechSecurity

  15. Discover methods to check and secure the firmware integrity of your NovaCustom laptop through detailed instructions provided in our latest guide. 💻🕵️‍♂️🛡️

    novacustom.com/how-to-verify-t

    #FirmwareSecurity #coreboot #OpenSourceSecurity #FirmwareIntegrity #TechSecurity

  16. 🚨 Breaking News: "PixieFail" UEFI Vulnerabilities Exposed! 🚨

    A critical discovery named "PixieFail" has put millions at risk! Quarkslab's team has identified nine severe vulnerabilities in the UEFI's TianoCore EFI Development Kit II. These flaws can lead to Denial of Service (DoS), DNS cache poisoning, and potential data breaches. Major firms like AMI, Intel, Insyde, and Phoenix Technologies are impacted. Immediate patching is advised! 🛡️💻

    The vulnerabilities, ranging from CVE-2023-45229 to CVE-2023-45237, have CVSS scores peaking at 8.3. The risks include DNS/DHCP attacks, information exposure, and more. Urging users to remain alert!

    Details of the vulnerabilities:

    • CVE-2023-45229 (CVSS: 6.5) - Integer underflow in DHCPv6 Advertise messages processing (IA_NA/IA_TA options).
    • CVE-2023-45230 (CVSS: 8.3) - Buffer overflow in DHCPv6 client via extended Server ID option.
    • CVE-2023-45231 (CVSS: 6.5) - Out-of-bounds read in truncated options of ND Redirect messages.
    • CVE-2023-45232 (CVSS: 7.5) - Infinite loop caused by unknown options in Destination Options header.
    • CVE-2023-45233 (CVSS: 7.5) - Infinite loop from PadN option parsing in Destination Options header.
    • CVE-2023-45234 (CVSS: 8.3) - Buffer overflow from DNS Servers option processing in DHCPv6 Advertise messages.
    • CVE-2023-45235 (CVSS: 8.3) - Buffer overflow in Server ID option handling from DHCPv6 proxy Advertise messages.
    • CVE-2023-45236 (CVSS: 5.8) - Predictable TCP Initial Sequence Numbers.
    • CVE-2023-45237 (CVSS: 5.3) - Weak pseudorandom number generator usage.

    For more, visit The Hacker News.

    Tags: #CyberSecurity #UEFI #Vulnerabilities #RemoteCodeExecution #DoS #DataTheft #FirmwareSecurity 🌐🔐🛠️🔍

  17. 🚨 Breaking News: "PixieFail" UEFI Vulnerabilities Exposed! 🚨

    A critical discovery named "PixieFail" has put millions at risk! Quarkslab's team has identified nine severe vulnerabilities in the UEFI's TianoCore EFI Development Kit II. These flaws can lead to Denial of Service (DoS), DNS cache poisoning, and potential data breaches. Major firms like AMI, Intel, Insyde, and Phoenix Technologies are impacted. Immediate patching is advised! 🛡️💻

    The vulnerabilities, ranging from CVE-2023-45229 to CVE-2023-45237, have CVSS scores peaking at 8.3. The risks include DNS/DHCP attacks, information exposure, and more. Urging users to remain alert!

    Details of the vulnerabilities:

    • CVE-2023-45229 (CVSS: 6.5) - Integer underflow in DHCPv6 Advertise messages processing (IA_NA/IA_TA options).
    • CVE-2023-45230 (CVSS: 8.3) - Buffer overflow in DHCPv6 client via extended Server ID option.
    • CVE-2023-45231 (CVSS: 6.5) - Out-of-bounds read in truncated options of ND Redirect messages.
    • CVE-2023-45232 (CVSS: 7.5) - Infinite loop caused by unknown options in Destination Options header.
    • CVE-2023-45233 (CVSS: 7.5) - Infinite loop from PadN option parsing in Destination Options header.
    • CVE-2023-45234 (CVSS: 8.3) - Buffer overflow from DNS Servers option processing in DHCPv6 Advertise messages.
    • CVE-2023-45235 (CVSS: 8.3) - Buffer overflow in Server ID option handling from DHCPv6 proxy Advertise messages.
    • CVE-2023-45236 (CVSS: 5.8) - Predictable TCP Initial Sequence Numbers.
    • CVE-2023-45237 (CVSS: 5.3) - Weak pseudorandom number generator usage.

    For more, visit The Hacker News.

    Tags: #CyberSecurity #UEFI #Vulnerabilities #RemoteCodeExecution #DoS #DataTheft #FirmwareSecurity 🌐🔐🛠️🔍

  18. "🚨 UEFI Under Threat: The LogoFAIL Vulnerability 🚨"

    A recent security report has brought attention to LogoFAIL, a collection of vulnerabilities that pose a substantial risk to devices utilizing UEFI firmware. These vulnerabilities enable attackers to install UEFI bootkits by leveraging weaknesses in the image-parsing components utilized by various vendors in their firmware. LogoFAIL's impact is widespread, affecting a broad range of devices across x86 and ARM architectures, including products from prominent manufacturers such as Intel, Acer, and Lenovo.

    Researchers at Binarly have uncovered that malicious payloads can be executed by injecting image files into the EFI System Partition (ESP), effectively evading security features like Secure Boot. This method of attack ensures the persistence of malware on the system, rendering it virtually undetected. LogoFAIL's full scope of impact is still being assessed, but it is already evident that it poses a significant threat to both consumer and enterprise-grade devices, as it bypasses security mechanisms designed to protect UEFI systems.

    Source: BlackHat talk and Bill Toulas, BleepingComputer

    MITRE ATT&CK Reference for UEFI Vulnerabilities: T1588.006

    Tags: #CyberSecurity #UEFI #Vulnerability #LogoFAIL #Bootkit #SecureBoot #FirmwareSecurity #Binarly #DeviceSecurity 🚨💻🔒

  19. "🚨 UEFI Under Threat: The LogoFAIL Vulnerability 🚨"

    A recent security report has brought attention to LogoFAIL, a collection of vulnerabilities that pose a substantial risk to devices utilizing UEFI firmware. These vulnerabilities enable attackers to install UEFI bootkits by leveraging weaknesses in the image-parsing components utilized by various vendors in their firmware. LogoFAIL's impact is widespread, affecting a broad range of devices across x86 and ARM architectures, including products from prominent manufacturers such as Intel, Acer, and Lenovo.

    Researchers at Binarly have uncovered that malicious payloads can be executed by injecting image files into the EFI System Partition (ESP), effectively evading security features like Secure Boot. This method of attack ensures the persistence of malware on the system, rendering it virtually undetected. LogoFAIL's full scope of impact is still being assessed, but it is already evident that it poses a significant threat to both consumer and enterprise-grade devices, as it bypasses security mechanisms designed to protect UEFI systems.

    Source: BlackHat talk and Bill Toulas, BleepingComputer

    MITRE ATT&CK Reference for UEFI Vulnerabilities: T1588.006

    Tags: #CyberSecurity #UEFI #Vulnerability #LogoFAIL #Bootkit #SecureBoot #FirmwareSecurity #Binarly #DeviceSecurity 🚨💻🔒

  20. Tomorrow, I start as Director of Product Marketing at Eclypsium, Inc. I am excited to work alongside an extremely smart and thoughtful team.

    Increasingly, attackers are targeting firmware to evade OS-level protections and maintain persistence. It's an "out of sight, out of mind" attack vector, but extremely critical. Watch this space because it could get real messy, real fast. Think of what an APT can do with with root access to enterprise network appliances, or what malware syndicates could do with an easy-to-use boot kit.

    What controls do you currently have in place to assess and mitigate the risk of firmware attacks, especially those delivered through your supply chain? Eclypsium makes this easy for IT and security teams. Delivered as SaaS, the platform helps you to establish trust in your software, firmware, and hardware supply chain. Eclypsium has the largest library of firmware profiles and can verify the observed firmware matches the firmware profile that should be on the device, as well as report on firmware configurations.

    This blog post from @paulasadoorian chronicles recent real-world firmware attacks and explains why attackers focus on firmware: eclypsium.com/blog/endpoint-fi

    #supplychainsecurity #firmwaresecurity #blacklotus #malware

  21. Tomorrow, I start as Director of Product Marketing at Eclypsium, Inc. I am excited to work alongside an extremely smart and thoughtful team.

    Increasingly, attackers are targeting firmware to evade OS-level protections and maintain persistence. It's an "out of sight, out of mind" attack vector, but extremely critical. Watch this space because it could get real messy, real fast. Think of what an APT can do with with root access to enterprise network appliances, or what malware syndicates could do with an easy-to-use boot kit.

    What controls do you currently have in place to assess and mitigate the risk of firmware attacks, especially those delivered through your supply chain? Eclypsium makes this easy for IT and security teams. Delivered as SaaS, the platform helps you to establish trust in your software, firmware, and hardware supply chain. Eclypsium has the largest library of firmware profiles and can verify the observed firmware matches the firmware profile that should be on the device, as well as report on firmware configurations.

    This blog post from @paulasadoorian chronicles recent real-world firmware attacks and explains why attackers focus on firmware: eclypsium.com/blog/endpoint-fi

    #supplychainsecurity #firmwaresecurity #blacklotus #malware

  22. Supply chains, chicken, and beer. For a great discussion on the digital supply chain and more colorful euphemisms check out Eclypsium's Below The Surface Podcast ep #8 with Brian Richardson: scmagazine.com/podcast-segment #supplychain #supplychainsecurity #firmware #firmwaresecurity

  23. Supply chains, chicken, and beer. For a great discussion on the digital supply chain and more colorful euphemisms check out Eclypsium's Below The Surface Podcast ep #8 with Brian Richardson: scmagazine.com/podcast-segment #supplychain #supplychainsecurity #firmware #firmwaresecurity