Five years after the Equation Group HDD hacks, firmware security still sucks

In a report published today, Eclypsium, a cyber-security firm specialized in firmware security, says that the issue of unsigned firmware is still a widespread problem among device and peripheral manufactures.

According to researchers, many device makers still don’t sign the firmware they ship for their components. Furthermore, even if they sign a device’s firmware, they don’t enforce checks for the firmware signature every time the driver/firmware is loaded, but only during installation.

Read more…
Source: ZDNet