#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

motherboard hacking | Breaking Cybersecurity News | The Hacker News

BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks

BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks

Sep 03, 2019
Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium told The Hacker News. Yes, that's correct. You can launch all types of USB attacks against vulnerable Supermicro servers without actually physically accessing them or waiting for your victim to pick up an unknown, untrusted USB drive and plug it into their computer. Collectively dubbed " USBAnywhere ," the attack leverages several newly discovered vulnerabilities in the firmware of BMC controllers that could let an unauthorized, remote attacker connect to a Supermicro server and virtually mount malicious USB device. Comes embedded with a majority of server chipsets, a baseboard management controller (BMC) is a hardware chip at the core of Intelligent Platform Management Interface (IPMI) utilities that allows sysadmins to remotely control and monitor a server without havin
USB Killer v2.0 — Latest USB Device that Can Easily Burn Your Computer

USB Killer v2.0 — Latest USB Device that Can Easily Burn Your Computer

Oct 13, 2015
Remember Killer USB ?? In March, a Russian security researcher devised a weird USB stick that is capable of destroying sensitive components of a computer when plugged-in. Now, the same researcher, nicknamed Dark Purple , has launched a new version of his computer-frying USB Killer pendrive – USB Killer version 2.0 . USB Killer 2.0 is much more powerful than the previous version and is able to "kill" more than just a PC it is plugged in. USB Killer 2.0 is More Powerful to Damage any Computer The first version of USB Killer was consist of a DC/DC converter, a few caps and an FET. When plugged into a system, the converter in the USB Killer would charge the caps up to -110V , apply that voltage to signal lines of the USB interface, and repeat the entire process until everything possible in the computer is broken down. However, the second version of USB Killer dump -220V directly onto the signal lines of the USB interface, which is powerful enough to
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Cybersecurity Resources