Security news aggregator

Latest coverage for Firmware

Stay updated on firmware security: Explore the latest threats, updates, and protection strategies for safeguarding critical system software.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Firmware is software stored in a device’s nonvolatile memory that initializes and controls hardware, often before an operating system or application runs. It may reside in computers, network equipment, phones, industrial controllers, storage devices, and embedded components. Firmware can be updated, so it is not necessarily permanent or read-only.

Firmware matters to security because vulnerabilities or unauthorized changes can affect a device beneath the operating system and may persist across software reinstallation. Important controls include authenticated, cryptographically signed updates; secure boot, which verifies code before execution; protection against unauthorized flashing and downgrade attacks; and a reliable recovery mechanism. Practitioners also need firmware inventories, vulnerability tracking, and a supported update process, since obscure components can remain unpatched or use insecure update mechanisms. During an investigation, verifying firmware integrity and the device’s boot chain can help distinguish an operating-system compromise from a deeper modification.

Showing 3 most recent headlines Filtered view
Bank Info Security 1 year, 1 month ago

Thousands of ASUS Routers Hit by Persistent Backdoor

Persistent Attack Grants Remote SSH Access via ExploitSomeone - possibly nation-state hackers - appears to be constructing a botnet from thousands of Asus routers in hacking that survives a firmware patch and reboots. Nearly 9,000 routers have been compromised and the number is growing, say researchers.

Researchers Uncover Critical Flaws Enable Remote Device TakeoverA ubiquitous industrial power monitoring device contains three critical vulnerabilities in its firmware that could allow attackers to disrupt operations by remotely crashing them or executing unwanted code. The device is the Rockwell Automation PowerMonitor 1000 Remote.