Supermicro, Pulse Secure release fixes for ‘TrickBoot’ attacks

Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware’s UEFI firmware-infecting module, known as TrickBoot. Last year, cybersecurity firms Advanced Intelligence and Eclypsium released a joint report about a new Read More …

Compal, the second-largest laptop manufacturer in the world, hit by ransomware

Compal, a Taiwanese electronics company that builds laptops for some of the world’s largest computer brands such as Apple, Acer, Lenovo, Dell, Toshiba, HP, and Fujitsu, suffered a ransomware attack over the weekend. Responsible for the breach is believed to Read More …

Thunderbolt flaws affect millions of computers – even locking unattended devices won’t help

A Dutch researcher has detailed nine attack scenarios that work against all computers with Thunderbolt shipped since 2011 and which allow an attacker with physical access to quickly steal data from encrypted drives and memory. Researcher Björn Ruytenberg detailed the Read More …

Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment

A team of academics says they’ve discovered a new security bug that impacts Xilinx FPGA (Field Programmable Gate Arrays) chipsets. Named Starbleed, the bug allows attackers — with both physical or remote access — to extract and tamper with an Read More …

Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks

According to new research published today, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target Row Refresh (TRR), are Read More …

Five years after the Equation Group HDD hacks, firmware security still sucks

In a report published today, Eclypsium, a cyber-security firm specialized in firmware security, says that the issue of unsigned firmware is still a widespread problem among device and peripheral manufactures. According to researchers, many device makers still don’t sign the Read More …