Today’s issue includes events affecting Australia, China, India, Iran, Romania, Russia, Saudi Arabia, Syria, United Kingdom, United States
Bring your own context.
How important is unsigned firmware, anyway? Suppose you were able to replace a device’s firmware?
“One way to think of it is, if I’m a malicious actor and I can replace the firmware in this device, the simplest case is to emulate the existing device. So, for example, if I’m compromising the firmware in a trackpad, because it’s a trackpad, I can easily emulate the behavior of a trackpad. I can essentially have the firmware move the mouse cursor all on its own without your finger actually touching the trackpad. And you might say, well, what good does that do? – you can, you know, move it around to make an annoyance…
“Well, you can also get a little bit more complicated – and by complicated, I mean sophisticated, I guess, in this case, they kind of go hand-in-hand here. But if I can move the mouse cursor around, I can use that same mechanism to interact with the host system, to emulate other aspects of that device. And I can do so in a very rapid fashion. So, I could do things like move the mouse cursor to the bottom left corner of the screen where I know the start button always is. And because I know where that is, now I can, you know, click and work through the start menu in a very fast fashion.
“I can also look at how the device is connected to the host system. In the case of a lot of trackpads or mice or other pointing or human interface-type devices, they use what’s called a “HID” interface, or a human interface device. And that is used for both keyboard and mice. Well, if the trackpad already acts as a HID device, I can perhaps emulate not only a mouse or trackpad, but also emulate a keyboard at the same time. So now I have the capability of moving the mouse pointer and typing, which then opens the case of, well, if I could arbitrarily type in things and move the mouse pointer around, then what can I do with that? I can start up and run various commands.”
—Rick Altherr, principal engineer at Eclypsium, on the CyberWire’s Research Saturday, 3.28.20.
Listen to the whole thing for context, especially if you’d like a quick explanation of what firmware actually is.
CyberWire Pro delivers timely briefings about developing news.
Take a look at CyberWire Pro, our new subscription program designed for security professionals and all others who want to stay abreast of cybersecurity news. CyberWire Pro is a premium service that will save you time and keep you informed.
#rhoa #maatiedtomedicine #couplescourttv @couplescourttv #gregoryevans #dating #datingscams #onlinedating #romance #romancescams #sexoffenfer #fakeprofile #fakeprofiles #boyfriends #cheaters #cheatingwife #swingers #swingercouple #pof #fakeprofile #cheatinghusband #scams #love #lovescams #worsedates #sex #ncs #metoomovement #metoo #muterkelly #activist #metoo #donaltrump #sextrafficking