Having the ability to remotely manage and monitor servers even when their main operating system becomes unresponsive is vital to enterprise IT administrators. All server manufacturers provide this functionality in firmware through a set of chips that run independent of the rest of the server and OS. These are known as baseboard management controllers (BMCs) and if they’re not secured properly, they can open the door to highly persistent and hard-to-detect rootkits.
Over the years, security researchers have found and demonstrated vulnerabilities in the BMC implementations of different server manufacturers and attackers have taken advantage of some of them. One recent example is iLOBleed, a malicious BMC implant found in the wild by an Iranian cybersecurity company that targets Hewlett Packard Enterprise (HPE) Gen8 and Gen9 servers, but this is not the only such attack found over the years.
More Stories
Data Breaches in US Schools Exposed 37.6M Records
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a webinar via Zoom...
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and...
CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses Read More
How Scammers Hijack Your Instagram
Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user base and dynamic platform, has become a hotbed for...
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database...