www.securityweek.com
2606:4700:20::6818:a003  Public Scan

URL: https://www.securityweek.com/gigabyte-rolls-out-bios-updates-to-remove-backdoor-from-motherboards/
Submission: On June 06 via api from TR — Scanned from DE

Text Content

ENDPOINT SECURITY


GIGABYTE ROLLS OUT BIOS UPDATES TO REMOVE BACKDOOR FROM MOTHERBOARDS

Gigabyte has announced BIOS updates that remove a recently identified backdoor
feature in hundreds of its motherboards.

By Ionut Arghire

June 5, 2023
   
   
Taiwanese computer components maker Gigabyte has announced BIOS updates meant to
remove a backdoor feature that was recently found in hundreds of its
motherboards.

The issue, disclosed last week by firmware and hardware security company
Eclypsium, is that the firmware of more than 270 Gigabyte motherboards drops a
Windows binary that is executed at boot-up to fetch and execute a payload from
Gigabyte’s servers.

A feature related to the Gigabyte App Center, the backdoor does not appear to
have been exploited for malicious purposes, but threat actors are known to have
abused such tools in previous attacks.

When it made its findings public, Eclypsium said it was unclear whether the
backdoor was the result of a malicious insider, a compromise of Gigabyte’s
servers, or a supply chain attack.

Shortly after Eclypsium published its report, Gigabyte announced the release of
BIOS updates that address the vulnerability.

“Gigabyte engineers have already mitigated potential risks and uploaded the
Intel 700/600 and AMD 500/400 series Beta BIOS to the official website after
conducting thorough testing and validation of the new BIOS on Gigabyte
motherboards,” the company announced late last week.

BIOS updates for Intel 500/400 and AMD 600 series chipset motherboards and for
previously released motherboards were set to be released late last week as well.

The update resolves “the download assistant vulnerabilities reported by
Eclypsium”, read the release notes for the latest BIOS available for the A520
Aorus Elite rev 1.0 motherboards.

The update implements stricter security checks during system boot, including
improved validation for files downloaded from remote servers and standard
verification of remote server certificates.

The new security enhancements, the company says, should prevent attackers from
inserting malicious code during boot and should guarantee that any files
downloaded during this process come from servers with valid and trusted
certificates.

Organizations and end users alike should review Eclypsium’s list of more than
270 affected motherboard models and, if impacted, should head to Gigabyte’s
support website to check for and download any BIOS update released after June 1,
2023.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.





Copyright © 2023 SecurityWeek ®, a Wired Business Media Publication. All Rights
Reserved.