CSOonline

Lack of firmware validation for computer peripherals enables highly persistent attacks

Security researchers have warned for many years that failure to digitally sign and validate the low-level firmware found in computers can lead to damaging compromises that are very hard to detect and ...
Bleeping Computer

OpenWrt Sysupgrade flaw let hackers push malicious firmware images

A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable ...