all InfoSec news
Good reason to keep BMC LAN connections on an isolated LAN
Aug. 20, 2023, 1:01 a.m. | Ars Technica
The RISKS Digest catless.ncl.ac.uk
A 2021 ransomware breach at Gigabyte reportedly compromised more than 112
gigabytes of data including code and other information related to
widely-used baseboard management controllers (BMC) processors on system
boards.
The exposed defects reportedly include zero-day and code execution
vulnerabilities. An update is being prepared to address known issues.
I have long advocated connecting to BMC and similar control interfaces
using a physically separate LAN. Remote access is necessary, but access to
the isolated "walled garden" should be through a …
2021 ransomware address bmc boards breach code code execution compromised connections controllers data exposed gigabyte good information lan management processors ransomware system update vulnerabilities zero-day
More from catless.ncl.ac.uk / The RISKS Digest
EFI IPv6/PXE Security Flaw
3 months, 1 week ago |
catless.ncl.ac.uk
Imaging privacy threats from an ambient light sensor
3 months, 1 week ago |
catless.ncl.ac.uk
Re: CLEAR wants to scan your face at airports. Privacy experts are worried.
3 months, 1 week ago |
catless.ncl.ac.uk
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Offensive Security Engineer
@ Ivanti | United States, Remote
Senior Security Engineer I
@ Samsara | Remote - US
Senior Principal Information System Security Engineer
@ Chameleon Consulting Group | Herndon, VA
Junior Detections Engineer
@ Kandji | San Francisco
Data Security Engineer/ Architect - Remote United States
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700