Technology

UEFI: Security, BIOS and the Internet of Things

One of the notable trends in recent years has been the drive, among malicious actors, to compromise devices in new- and hard-to-detect ways. An area of interest and exploration is malicious software that can attack a computer’s BIOS – the small bit of code that runs when a computing device is first powered on. BIOS malware is so powerful because it offers adversaries the possibility of getting a foothold on systems prior to an operating system and the security features- and applications that run there. Successful BIOS attacks give attackers almost total control over the system they are installed on. BIOS malware isn’t a new idea. In fact, it has been around since the late 1990s, when the Chernobyl Virus was identified. That virus could wipe a machine’s BIOS, a well as the contents of its hard drive. But BIOS threats have been getting more attention lately. Proof of concept malware appeared as recently […]

Continue Reading

IPMI’s Inconvenient Truth: A Conversation With Dan Farmer

The work of brilliant computer security researchers often borders on a kind of madness. After all, it takes dedication and a certain amount of monomania to dig through the mush of disassembled source code or the output of application fuzzers and find the one software vulnerabilities – or chain of vulnerabilities – that might lead to a successful attack. Often, this work puts you at odds with what most of us consider “the real world.” Notably: the well-respected researcher Dragos Ruiu had many in the security community wondering about his sanity after he sounded the alarm about a super stealthy piece of BIOS malware he dubbed “BadBIOS” that seemed to be everywhere and nowhere, all at once. Dan Farmer finds himself in a similar position as he continues to sound alarms about the security threat posed by insecure implementations of the Intelligent Platform Management Interface (IPMI)– a ubiquitous protocol used to do remote […]

Continue Reading

For Smart TVs, Malware May Hide In Broadcast Content

Researchers at Columbia University have published research showing how new technology that combines broadband and broadcast content could enable a wide range of traditional and novel cyber attacks on smart televisions and other devices: forcing them to interact with malicious web pages, harvesting credentials or carrying out denial of service attacks. The paper, published in May, explores potential attacks on combined broadcast-broadband devices that use an industry specification called Hybrid Broadcast-Broadband Television (HbbTV). According to the researchers, Yossef Oren and Angelos D. Keromytis, the HbbTV specification combines broadband technologies like HTML and broadcast features in an insecure manner. The vulnerabilities affect a wide range of smart entertainment devices, including smart televisions, in Europe and the United States. “This enables a large-scale exploitation technique with a localized geographical footprint based on radio frequency (RF) injection, which requires a minimal budget and infrastructure and is remarkably difficult to detect,” the researchers write. “The technical complexity and […]

Continue Reading

DDoS Attacks Hit Cloud Apps Evernote, Feedly

Large-scale attacks knocked two prominent, web-based services offline late Tuesday, as cyber criminals attempted extort money from the owners of news aggregation site Feedly and the hosted productivity tool Evernote. Feedly – a web site that pulls together news feeds from across the web – remained unreachable early Wednesday, while Evernote was back online. Both companies issued statements confirming that they were the victims of a massive distributed denial of service (DDoS) attack. “We’re actively working to neutralize a denial of service attack. You may experience problems accessing your Evernote while we resolve this,” read a message sent from Evernote’s Twitter account Tuesday evening at around 8:00 PM Eastern Time. And, around 5:00 AM Eastern on Wednesday, Feedly posted a blog entry that reads: “Criminals are attacking feedly (sp) with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop. We refused to give […]

Continue Reading

IPMI Insecurity Affects 200k Systems

It has been almost a year since security researcher Dan Farmer first warned of the danger posed by Intelligent Platform Management Interface (IPMI) – a ubiquitous protocol used to do remote management of servers. According to a new report, however, that warning went unheeded. Writing last week (PDF), Farmer said that a world-wide scan for systems using the Intelligent Platform Management Interface (IPMI) protocol identified over 230,000 Baseboard Management Controllers (BMCs) exposed to the Internet. As many as 90% of the exposed systems could be compromised by exploiting what Farmer characterized as “basic configuration and protocol weaknesses.” Even more worrying, the 230,000 systems that are Internet accessible are probably just a fraction of all the vulnerable systems that might be attacked, with many deployed on (hackable) corporate and private networks. Farmer is reiterating calls for public and private sector organizations to wake up to the dangers posed by IPMI. Hackers who are able to compromise Baseboard Management […]

Continue Reading
1 36 37 38 39 40 64