all InfoSec news
The Gigabyte firmware backdoor: Lessons learned about supply chain security
Malware Analysis, News and Indicators - Latest topics malware.news
A recent firmware snafu discovered in more than 400 computer motherboard models produced by Gigabyte offers some powerful lessons to guardians of software supply chains.
The bit of insecure coding was discovered by researchers at firmware-focused cybersecurity company Eclypsium, which noticed suspicious backdoor-like activity in the wild by systems with the Gigabyte motherboards.
Upon further analysis, the researchers found that the firmware in the motherboards was dropping and executing a Windows-native executable during the system startup process that downloaded and …
backdoor coding computer cybersecurity cybersecurity company eclypsium firmware gigabyte guardians insecure lessons learned motherboard researchers security software software supply chains supply supply chain supply chains supply chain security systems