Oct 14 2022

This flash drive will self-destruct (if you want it to)

Category: Hardware Security | DISC @ 9:07 am
Apricorn Aegis Secure Key 3

Want to feel like James Bond? Check out this easy-to-use encrypted flash drive.

Losing hardware is a pain, but everything is replaceable.  

Allowing data to fall into someone else’s hands is the ultimate headache. Once your data is out there in the wild, it’s game over.

The “solution” is to encrypt your data. But the problem with that solution is that unless the encryption is easy and foolproof, users are going to sacrifice data security for convenience.

If you want easy-to-use high security encryption, then you need hardware that’s aimed at professionals, and that hardware doesn’t get much better than the Apricorn Aegis Secure Key 3.0.

Apricorn Aegis Secure Key 3.0 tech specs:

  • No software – so there’s nothing to keylog or to hack.
  • OS agnostic – the device is completely cross platform compatible.
  • Onboard keypad – all authentication takes place within the device itself.
  • All data, passwords and encryption keys are 256-bit encrypted at rest.
  • No host computer is involved in setup, authentication or encryption.
  • Forced enrollment – there is no default PIN, which ensures that data is not put at risk by employees who fail to change a factory-set PIN before deployment.
  • IP68 rated against water and dust damage.
  • Separate administrator and user access.
  • Read-only options that can be enforced by the administrator or set by the user if allowed by policy.
  • Highly configurable with policy such as time out values, data recovery PINs, and programmable PIN lengths.
  • Brute force PIN attack protection.
  • Extruded aluminum enclosure with protective sleeve.
  • FIPS 140-2 Level 3 validated.
  • Can be automatically configured remotely using Apricorn’s Aegis Configurator tool.
  • Up to 195MB/s read speed/162MB/s write speed.
  • Super Speed USB 3.2 (backwards compatible with USB 3.0, 2.0 and 1.1)
  • Capacities ranging from 30GB to 2TB.

“For an added level of security, there’s also the ability to set a self-destruct PIN to quickly wipe the drive of its contents yet make it seem like it is fully working.”



Tags: Secure flash drive

Aug 03 2022

Busting the Myths of Hardware Based Security

Category: Hardware Security | DISC @ 8:41 am

Many experts often overlook hardware based security and its vital importance in establishing a secure workspace.

When it comes to cybersecurity, everyone likes to talk about software and the dangers that it poses. However, people often overlook hardware-based security and its vital importance in establishing a secure workspace. This is attributed to a general lack of knowledge when it comes to hardware security and how it works. So, it’s time to bust some myths that you might think are true when it comes to hardware security.  

Myth #1: We never hear about hardware-based attacks, they don’t exist!  

Just because you don’t hear about the problem frequently, it doesn’t mean that it doesn’t exist. Usually, cyberattacks that make the headlines are those involving large corporations that have fallen victim to a software-based attack carried out by infamous cybercrime syndicates. These stories are juicy and scandalous and entice audiences to read the article, generating more clicks onto the media outlet’s website. Additionally, many businesses choose to withhold information pertaining to hardware-based attacks as it indicates insufficient physical security, which reflects negatively upon the business. Another reason why you don’t often hear about hardware-based attacks is that enterprises who fall victim to them are oblivious to it. When an enterprise gets breached, the natural assumption is that it was due to a software vulnerability or phishing scam. Such misunderstanding, coupled with a lack of resources to detect a hardware attack tool, results in the attack method getting misconstrued.

However, that is not to say that hardware-based attacks don’t receive any media attention. A great example that receives public resonance concerns ATMs. These cash dispensing machines are becoming a go-to target for cybercriminals because of the instant payout. Instead of using brute force attacks on ATMs, cybercriminals can now just attach a hardware attack tool, known as a Black Box, to the internal computer to trick it into releasing cash through a MiTM attack. Since 2021, Black Box attacks have been on the rise and have amounted to losses of 1.5 million Euros in Europe alone.  

Myth #2: We have security measures in place, and all our employees use VPNs – we are protected!

Yes, your security measures like NAC, IDS/IDP, firewalls and VPNs definitely provide some level of protection. However, malicious actors are continually evolving and finding new attack methods, which means exploiting blind spots, one of which is the hardware domain. Existing security solutions lack visibility into the Physical Layer (Layer 1), leaving them unfit to defend against, let alone identify, hardware-based attack tools. These malicious devices are designed to evade detection by operating on the Physical Layer and mimic human-like commands and executions, making them extremely dangerous as they can carry out a variety of harmful attacks without any obstacles in their way. If you are unable to determine all your assets’ hardware information within 10 seconds, you are, in fact, not protected.

Myth #3: “We don’t use USBs, so why should it concern us”   

That’s a line we’ve heard many times before, but here’s the thing: you do, and it should!  

Sure, your organization might not use flash drives and there might be some authorization capabilities in EPS/EDR solutions that block phones, keyboards and mice with certain VID/PIDs. That’s great, but what about the keyboards employees use to type? And the mice they use to navigate? Correct, those are USBs. They might be authorized, but that doesn’t mean they can’t get impersonated by a covert spoofing device. So long as there are HIDs in the work environment, there is the risk that one (or more) may be illegitimate. And without Physical Layer visibility, there’s no mechanism in place to determine what’s legitimate or not.

Myth #4: Why would anyone want to hack us; we aren’t an interesting target?

That’s where you’re wrong. In today’s day and age, almost anything that has data is of value and there is someone out there who wants to access it, no matter how mundane it could be. Not all hackers target large nuclear facilities or governmental institutions; the risk is usually too high for most cybercriminals. Your company, however, is a prime target – there’s data and it’s accessible. Whether the perpetrator wants to steal information for monetary gain, access it to gain a competitive advantage, or encrypt it in a ransomware attack, your company provides that opportunity and a hardware attack tool can do the job.

In short, every enterprise is a target for malicious actors; it can happen to anyone for any number of reasons. The important thing to remember is that you can prepare and build your company’s resistance to these attacks by gaining visibility on the Physical Layer through hardware-based security.

About the author: Julien Katzenmaier, Content Writer at Sepio


The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks

Tags: Hardware Security

Jul 20 2022

Millions of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Category: Cyber Attack, Hardware Security, Threat detection | DISC @ 8:28 am

Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers, shipped with over 1.5 million vehicles, can allow attackers to remotely compromise them.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles.

MiCODUS flaws

An attacker can exploit the flaws to remotely disrupt critical functions of the impacted vehicles.

“CISA has released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System Tracker. Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of the global positioning system tracker.” reads the advisory published by CISA. “These vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed.”

The MiCODUS MV720 GPS Tracker is a popular vehicle GPS tracker manufactured in China, which is used by consumers for theft protection and location management, and by organizations for vehicle fleet management.

The flaws were discovered by BitSight researchers and are tracked as CVE-2022-2107, CVE-2022-2141, CVE-2022-2199, CVE-2022-34150 and CVE-2022-33944.

Researchers from BitSight who discovered the issues reported that threat actors could hack into the tracker to potentially cut off fuel, physically stop vehicles, or track the movement of vehicles using the device.

MiCODUS is used today by 420,000 customers in multiple industries, including government, military, law enforcement agencies, and Fortune 1000 companies.

The list of the vulnerabilities discovered by the researchers in September 2021 is reported below:

  • CVE-2022-2107 (CVSS score: 9.8) – The use of hard-coded credentials may allow an attacker to log into the web server, impersonate the user, and send SMS commands to the GPS tracker as if they were coming from the GPS owner’s mobile number.
  • CVE-2022-2141 (CVSS score: 9.8) – Improper authentication allows a user to send some SMS commands to the GPS tracker without a password.
  • CVE-2022-2199 (CVSS score: 7.5) – A cross-site scripting vulnerability could allow an attacker to gain control by deceiving a user into making a request.
  • CVE-2022-34150 (CVSS score: 7.1) – The main web server has an authenticated Insecure Direct Object References (IDOR) vulnerability on parameter “Device ID,” which accepts arbitrary Device IDs without further verification.
  • CVE-2022-33944 (CVSS score: 6.5) – The main web server has an authenticated IDOR vulnerability on POST parameter “Device ID,” which accepts arbitrary Device IDs.
  • Experts found a sixth issue that has yet to receive a CVE (CVSS score: 8.1) – all devices ship preconfigured with the default password 123456, as does the mobile interface. There is no mandatory rule to change the password, nor is there any claiming process. The setup itself does not require a password change to use the device. We observed that many users have never changed their passwords.

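The two server-side weaknesses in the list above, the authenticated IDOR on the “Device ID” parameter and the unchanged factory password, modelled in Python as an added example that is not code from BitSight, CISA or MiCODUS. The Server and Tracker classes, the sample fleet and the claim step are assumptions; the block puts the vulnerable lookup beside an ownership check, adds the mandatory claiming step the report says is missing, and includes a fleet audit for units still on the default password.

```python
from dataclasses import dataclass, field
from typing import Optional

DEFAULT_PASSWORD = "123456"  # factory default named in the sixth finding above


@dataclass
class Tracker:
    device_id: str
    owner: Optional[str]          # None until a user claims the unit
    password: str
    location: tuple = (0.0, 0.0)  # (latitude, longitude), constructed values


@dataclass
class Server:
    """Hypothetical model of the tracker web server (assumption, not vendor code)."""
    trackers: dict = field(default_factory=dict)  # device_id -> Tracker
    sessions: dict = field(default_factory=dict)  # session token -> username

    def _user(self, token):
        user = self.sessions.get(token)
        if user is None:
            raise PermissionError("not logged in")
        return user

    def location_vulnerable(self, token, device_id):
        """Authenticated, but any Device ID is served: the IDOR pattern."""
        self._user(token)
        return self.trackers[device_id].location

    def location_hardened(self, token, device_id):
        """The requested device must belong to the session's own user."""
        user = self._user(token)
        tracker = self.trackers.get(device_id)
        # One error for both "unknown" and "not yours", so the response
        # does not reveal which Device IDs exist.
        if tracker is None or tracker.owner != user:
            raise PermissionError("no such device for this account")
        return tracker.location

    def claim_device(self, token, device_id, new_password):
        """Mandatory claiming step: the factory password must be replaced
        before the unit is bound to an account."""
        user = self._user(token)
        tracker = self.trackers.get(device_id)
        if tracker is None or tracker.owner is not None:
            raise PermissionError("device unavailable for claiming")
        if new_password == DEFAULT_PASSWORD or len(new_password) < 8:
            raise ValueError("factory password must be replaced")
        tracker.owner = user
        tracker.password = new_password
        return True

    def devices_on_default_password(self):
        """Fleet audit: Device IDs still using the factory password."""
        return sorted(d for d, t in self.trackers.items()
                      if t.password == DEFAULT_PASSWORD)


def build_sample():
    """Constructed sample fleet: two claimed trackers and one unclaimed unit."""
    srv = Server()
    srv.trackers["A1"] = Tracker("A1", "alice", "s3cret-passphrase", (40.71, -74.01))
    srv.trackers["B1"] = Tracker("B1", "bob", DEFAULT_PASSWORD, (51.51, -0.13))
    srv.trackers["C1"] = Tracker("C1", None, DEFAULT_PASSWORD)
    srv.sessions["tok-alice"] = "alice"
    return srv
```

With the sample fleet, alice's session reads bob's location through the vulnerable path but is refused by the hardened one, and the audit lists both units still on 123456 until C1 is claimed with a fresh password.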
The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile. Most North American organizations using flawed MiCODUS devices are in the manufacturing sector, while those in South America are government entities. MiCODUS users in Europe belong to diverse sectors, ranging from finance to energy.

BitSight recommends that users immediately cease using or disable any MiCODUS MV720 GPS trackers, given the severity of the flaws, at least until the vendor addresses the issues.

“If China can remotely control vehicles in the United States, we have a problem,” said Richard Clarke, internationally renowned national security expert and former presidential advisor on cybersecurity. “With the fast growth in adoption of mobile devices and the desire for our society to be more connected, it is easy to overlook the fact that GPS tracking devices such as these can greatly increase cyber risk if they are not built with security in mind. BitSight’s research findings highlight how having secure IoT infrastructure is even more critical when these vulnerabilities can easily be exploited to impact our personal safety and national security, and lead to extreme outcomes such as large-scale fleet management interruption and even loss of life.”

Researchers highlighted the risk that a nation-state actor could exploit the above vulnerabilities to gather intelligence on entities operating in the military or on one of its suppliers. Data such as supply routes, troop movements, and recurring patrols could be revealed by exploiting these flaws.

“Although GPS trackers have existed for many years, streamlined manufacturing of these devices has made them accessible to anyone. Having a centralized dashboard to monitor GPS trackers with the ability to enable or disable a vehicle, monitor speed, routes and leverage other features is useful to many individuals and organizations. However, such functionality can introduce serious security risks. Unfortunately, the MiCODUS MV720 lacks basic security protections needed to protect users from serious security issues. With limited testing, BitSight uncovered a multitude of flaws affecting all components of the GPS tracker ecosystem.” concludes the report. “BitSight recommends that individuals and organizations currently using MiCODUS MV720 GPS tracking devices disable these devices until a fix is made available. Organizations using any MiCODUS GPS tracker, regardless of the model, should be alerted to insecurity regarding its system architecture, which may place any device at risk.”

Unpatched flaws in popular GPS devices could let hackers disrupt and track vehicles

Car security is essential these days. Thieves are finding more ways of stealing cars and other four-wheeled vehicles. This book describes an anti-theft system that helps car owners secure their cars. The system is efficient and affordable and offers more advantages than other anti-theft systems. Its main feature is that the owner gets a notification if the car is being stolen, together with the location of the car (longitude and altitude).

Anti-theft Locking and Tracking system using GSM and GPS Technology

Tags: Car Security, GPS Trackers

Mar 09 2022

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Category: Hardware Security | DISC @ 9:46 am

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.

Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.

An attacker can exploit these vulnerabilities to implant firmware that survives operating system updates and bypasses UEFI Secure Boot, Intel Boot Guard, and virtualization-based security.

Impacted devices include multiple HP enterprise devices, including laptops, desktops, point-of-sale systems, and edge computing nodes.

“By exploiting the vulnerabilities disclosed, attackers can leverage them to perform privileged code execution in firmware, below the operating system, and potentially deliver persistent malicious code that survives operating system re-installations and allows the bypass of endpoint security solutions (EDR/AV), Secure Boot and Virtualization-Based Security isolation.” reads the analysis published by Binarly.

Below is the list of vulnerabilities discovered by the researchers:

CVE ID          | Binarly ID    | Description                                                   | CVSS
CVE-2021-39297  | BRLY-2021-003 | DXE stack buffer overflow (arbitrary code execution)          | 7.7 High
CVE-2021-39298  | BRLY-2021-004 | SMM callout (privilege escalation)                            | 8.8 High
CVE-2021-39299  | BRLY-2021-005 | DXE stack buffer overflow (arbitrary code execution)          | 8.2 High
CVE-2021-39300  | BRLY-2021-006 | DXE stack overflow vulnerability (arbitrary code execution)   | 8.2 High
CVE-2021-39301  | BRLY-2021-007 | DXE stack overflow (arbitrary code execution)                 | 7.7 High
CVE-2022-23924  | BRLY-2021-032 | SMM heap buffer overflow (arbitrary code execution)           | 8.2 High
CVE-2022-23925  | BRLY-2021-033 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23926  | BRLY-2021-034 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23927  | BRLY-2021-035 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23928  | BRLY-2021-036 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23929  | BRLY-2021-037 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23930  | BRLY-2021-038 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23931  | BRLY-2021-039 | SMM memory corruption (arbitrary code execution)              | 8.2 High
CVE-2022-23932  | BRLY-2021-040 | SMM callout (privilege escalation)                            | 8.2 High
CVE-2022-23933  | BRLY-2021-041 | SMM callout (privilege escalation)                            | 8.2 High
CVE-2022-23934  | BRLY-2021-042 | SMM memory corruption (arbitrary code execution)              | 8.2 High

“Binarly believes that the lack of a knowledge base of common firmware exploitation techniques and primitives related to UEFI firmware makes these failures repeatable for the entire industry. We are working hard to fill this gap by providing comprehensive technical details in our advisories. This knowledge base is crucial for developing effective mitigations and defense technologies for device security,” said Alex Matrosov, Founder and CEO at Binarly.

HP UEFI firmware

The most severe of the vulnerabilities discovered by the researchers are memory corruption issues affecting the System Management Mode (SMM) of the firmware. An attacker could trigger them to gain arbitrary code execution with the highest privileges.

HP addressed the flaws with the HP UEFI Firmware February 2022 security updates.

Practical Hardware Pentesting: A guide to attacking embedded systems and protecting them against the most common hardware attacks

Tags: Hardware Pentesting, UEFI firmware flaw

Nov 18 2021

How Virtualization Helps Secure Connected Cars

Connected cars create opportunities to deliver enhanced customer experiences. At the same time, they also have the potential to provide high cost and revenue benefits. This is true for connected car companies, OEMs, suppliers and insurers (and much, much more).

However, car companies haven’t really explored the opportunities to monetize customer data adequately. We can probably attribute this to cybersecurity threats and a mad rush to market. But as the industry evolves and accelerates adoption, we must address these concerns now.

According to Allied Market Research, experts forecast the worldwide connected car market to be worth $225.16 billion by 2027. As we strive to achieve continuous connectivity, what’s the best approach to secure it? How do we keep drivers and their data safe from threat actors?

Before we dive into the solution, let’s look at some of the connected car challenges.

What Are the Threats to Connected Car Security?

#CarSecurity #Car Hacking

Tags: #CarSecurity #Car Hacking, Secure Connected Cars

May 13 2021

Researcher hacked #Apple #AirTag two weeks after its launch

Category: Hardware Security | DISC @ 12:28 pm

The Apple AirTag has been available for just a couple of weeks, and the hacking community is already working on demonstrating how to compromise it.

“The German security researcher Stack Smashing tweeted today (via The 8-bit) that he was able to “break into the microcontroller of the AirTag” and modified elements of the item tracker software.” reported the 9to5Mac website.

A microcontroller is an integrated circuit (IC) used for controlling devices usually via a microprocessing unit, memory, and other peripherals. According to AllAboutCircuits, “these devices are optimized for embedded applications that require both processing functionality and agile, responsive interaction with digital, analog, or electromechanical components.”

Now, the German security researcher Stack Smashing claims that he was able to hack the Apple device by breaking into its microcontroller and modifying its NFC URL for Lost Mode.

The researcher explained that, having found a way to modify the tracker software running on the tag, he was able to change its NFC URL.

Smashing published a video PoC of the hack; it shows two Apple AirTag devices, one of which was hacked by the researcher.

The regular item tracker used in the test opens the Find My website, while the modified one opens an arbitrary URL that was chosen by the expert.

Tags: Apple AirTag

May 05 2021

Dell fixes exploitable holes in its own firmware update driver – patch now!

Category: Hardware Security, Security vulnerabilities | DISC @ 8:36 am

Researchers at SentinelLabs say that they found various exploitable bugs in one of Dell’s Windows kernel drivers, which they reported back in December 2020.

There were five related bugs, now collectively dubbed CVE-2021-21551.

Dell has now issued a patch for these vulnerabilities (the official update is dated 2021-05-04), noting that:

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

Expunging the bugs

Tags: firmware update driver

Nov 17 2020

Microsoft’s Pluton chip upgrades the hardware security of Windows PCs

Category: Hardware Security, Information Security | DISC @ 1:05 pm

Pluton chip

The next Windows PC you buy could come with an advanced security co-processor that will protect your data from being stolen by hackers.

The next Windows PC you buy could come with an advanced security co-processor that will protect your data from being stolen by hackers. Building on work it started with the Xbox One, on Tuesday Microsoft announced the existence of Pluton. It’s a new project the company is working on with both AMD and Intel, as well as Qualcomm, to create x86 and ARM CPUs that integrate a dedicated security component.

At its simplest, Pluton is an evolution of the existing Trusted Platform Module (TPM) you find in many modern computers. TPMs store security-related information about your operating system and enable features like Windows Hello. However, for all the additional security they add to PCs, they still have vulnerabilities. As security researchers have shown, it’s possible for hackers to attack the bus interface that allows the TPM and CPU to communicate with one another.

That’s where Pluton comes into the picture. By integrating the TPM into the CPU, Microsoft says it’s able to close off that avenue of attack. When the first slate of Pluton-equipped CPUs and computers start making their way out to consumers, Microsoft says they’ll emulate TPM chips so that they can take advantage of existing APIs and provide Windows users with immediate usefulness. The end goal is for Pluton-equipped CPUs to protect your credentials, encryption keys and personal data. In that way, it will be similar to the T2 and Titan M security chips Apple and Google offer, but with the added advantage of being there for the entire Windows ecosystem to use.

Source: Microsoft’s Pluton chip upgrades the hardware security of Windows PCs

Microsoft Pluton is a new security chip for Windows PCs