Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format.
Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue.
“Most Gigabyte firmware includes a Windows
Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format.
Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue.
“Most Gigabyte firmware includes a Windows
Huge Surge In Attacks Exploiting User Credentials To Hack Enterprises
[[{“value”:”
There are currently billions of compromised credentials available on the Dark Web, making it the easiest route for criminals to exploit legitimate accounts.
Info-stealing malware, which is meant to obtain personally identifiable information such as email addresses, passwords for social networking and messaging apps, bank account information, cryptocurrency wallet data, and more, is expected to increase 266% in 2023.
This indicates that attackers were investing greater resources in identity theft.
Major attacks triggered by attackers using legitimate accounts required approximately 200% more sophisticated response procedures from security teams than the average incident, with defenders having to discern between legitimate and malicious user behavior on the network.
This extensive monitoring of users’ online behavior was made clear when the FBI and European law enforcement took down a global criminal forum in April 2023, gathering the login credentials of over 80 million accounts.
Threats based on identity will probably keep increasing as long as adversaries use generative AI to make their attacks more effective.
“In 2023, we observed over 800,000 posts on AI and GPT across Dark Web forums, reaffirming these innovations have caught cybercriminals attention and interest”, the X-Force Threat Intelligence team said.
More than 300,000 analysts use ANY.RUN is a malware analysis sandbox worldwide. Join the community to conduct in-depth investigations into the top threats and collect detailed reports on their behavior..
Targeting Critical Infrastructure Organizations
Critical infrastructure firms were the target of roughly 70% of attacks. This is a concerning statistic that shows that cybercriminals are betting on these high-value targets’ requirements for uptime to achieve their goals.
Phishing emails, the use of legitimate accounts, and the exploitation of public-facing applications were the causes of over 85% of the attacks.
With DHS CISA reporting that most successful attacks against government agencies, critical infrastructure companies, and state-level government bodies in 2022 featured the use of legitimate accounts, the latter presents a higher risk to the industry.
The report also mentions that the security industry’s traditional view of “basic security” may not be as feasible, as evidenced by the fact that compromise could have been avoided in approximately 85% of attacks on important sectors through the use of patching, multi-factor authentication, or least-privilege principles.
Exploitation Of User Identities Poses Serious Threat To Organizations
“Our findings reveal that identity is increasingly being weaponized against enterprises, exploiting valid accounts and compromising credentials.
It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.” reads the report.
According to the data, a startling 50% of cyberattacks in the UK started by using legitimate accounts as the attack vector, and another 25% of cases included using public-facing applications.
According to IBM, attacks resulting from the use of legitimate accounts increased 66% in Europe between the previous year and 2023, making the region the most targeted globally.
The report highlights that nearly a percent of cyberattacks rely on legitimate accounts to gain initial access, which poses serious obstacles to organizations’ efforts to recover.
Businesses need to take a strategic strategy to counter this danger, incorporating contemporary security practices to reduce risks and fortify their defenses against the always-changing field of cyberattacks.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Stanford: Data of 27,000 people stolen in September ransomware attack
Stanford University says the personal information of 27,000 individuals was stolen in a ransomware attack impacting its Department of Public Safety (SUDPS) network. […] Read More
New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers
Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive.
“Initially, it exploits a timing side-channel of the allocator to perform a cross-cache attack reliably,” a group of academics from the Graz University of Technology said [PDF]. ” Read More