Bleeping Computer: Conti ransomware targeted Intel firmware for stealthy attacks

Bleeping Computer: Conti ransomware targeted Intel firmware for stealthy attacks. “Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. According to messages exchanged between members of the cybercrime syndicate, Conti developers had created proof-of-concept (PoC) code that leveraged Intel’s Management Engine (ME) to overwrite flash and gain SMM (System Management Mode) execution.”

Ubergizmo: Fire Exit Locks Recalled After Faulty Firmware Prevents Them From Opening

Ubergizmo: Fire Exit Locks Recalled After Faulty Firmware Prevents Them From Opening. “Doors open and close, and almost never do they fail to do that unless there’s something physically preventing it from happening. However, that doesn’t seem to be the case with around 2,400 fire locks that have been recalled in the US. This is because due to faulty firmware, it prevented the doors from opening.”

Wired: Critical Code In Millions Of Macs Isn’t Getting Apple’s Updates

Wired: Critical Code In Millions Of Macs Isn’t Getting Apple’s Updates. “Now one new study has found that the most critical elements of millions of Macs’ firmware aren’t getting updates. And that’s not because lazy users have neglected to install them, but because Apple’s firmware updates frequently fail without any notice to the user, or simply because Apple silently stopped offering those computers firmware updates—in some cases even against known hacking techniques.”

Archive of Pebble Firmware

You might have heard that wearables maker Fitbit has purchased one of the “smart watch” pioneers, Pebble. And the Pebble platform is shutting down. Now apparently some intrepid soul is working on an archive of Pebble firmware. The link is to a Reddit post on /Pebble.

VirusTotal Service Now Looks at Firmware

Google’s VirusTotal service now analyzes firmware. “Google’s VirusTotal service has added a new tool that analyzes firmware, the low-level code that bridges a computer’s hardware and operating system at startup. Advanced attackers, including the U.S. National Security Agency, have targeted firmware as a place to embed malware since it’s a great place to hide.”