Cybercrime is changing. Your business needs to be resilient

lol, this was a sponsored ad by HP, not a story by an author. Tricked me. 🙂

[…]Commercial-grade UEFI malware, which infects a device’s firmware, has been known to exist since at least 2015, and it’s only a matter of time before it’s used in a focused attack.[…]

http://www.itpro.co.uk/security/31388/cybercrime-is-changing-your-business-needs-to-be-resilient

HP iLO: a bit more on CVE-2017-12542

https://milo2012.wordpress.com/2018/06/30/some-notes-on-hpe-ilo4-authentication-bypass-and-rce-cve-2017-12542/

https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769en_us

https://www.rapid7.com/db/modules/auxiliary/admin/hp/hp_ilo_create_admin_account

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/hp/hp_ilo_create_admin_account.rb

https://tools.cisco.com/security/center/viewAlert.x?alertId=54930

https://github.com/skelsec/CVE-2017-12542

https://github.com/bao7uo/HPE-iLO-CVE-2017-12542

https://nvd.nist.gov/vuln/detail/CVE-2017-12542


HPE: iLO: Remote Unauthorized Modification of Information

Re: https://firmwaresecurity.com/2018/06/11/subverting-your-server-through-its-bmc-the-hpe-ilo4-case-presentation-toolbox/ and https://firmwaresecurity.com/2018/06/20/airbus-seclab-ilo4_toolbox-more-info-uploaded/

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2018-06-26

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03844en_us


Subverting your server through its BMC: the HPE iLO4 case (presentation + toolbox)

https://github.com/airbus-seclab/airbus-seclab.github.io/blob/master/ilo/RECONBRX2018-Slides-Subverting_your_server_through_its_BMC_the_HPE_iLO4_case-perigaud-gazet-czarny.pdf

https://airbus-seclab.github.io/

https://github.com/airbus-seclab/ilo4_toolbox


HPE seeks senior UEFI developer

Senior UEFI Development Engineer
Job ID 1023806

Strong knowledge in UEFI security or firmware security in general.
Strong knowledge in TPM, Secure Boot, TXT, and RSA.
Knowledge of industry standard technologies including ACPI, USB, SMBIOS, IPMI, Redfish, and PCI express.
8+ years’ experience in firmware or BIOS/UEFI development.
In-depth knowledge of UEFI architecture and development (focused on the EDK2 development environment).

https://careers.hpe.com/job/-/-/3545/7942722


HP iLO ransomware?

https://www.bleepingcomputer.com/news/security/ransomware-hits-hpe-ilo-remote-management-interfaces/
