-
PKfail Secure Boot bypass remains a significant risk two months later
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks.
- September 17, 2024
- 09:32 AM
0
-
PKfail Secure Boot bypass lets attackers install UEFI malware
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
- July 25, 2024
- 05:42 PM
5
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Phoenix UEFI vulnerability impacts hundreds of Intel PC models
A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.
- June 20, 2024
- 05:31 PM
- 0
-
PixieFail flaws impact PXE network boot in enterprise systems
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source reference implementation of the UEFI specification widely used in enterprise computers and servers.
- January 16, 2024
- 12:19 PM
- 0
-
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits.
- November 30, 2023
- 10:08 PM
- 0
-
Source code for BlackLotus Windows UEFI malware leaked on GitHub
The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community.
- July 13, 2023
- 11:14 AM
- 1
-
NSA shares tips on blocking BlackLotus UEFI malware attacks
The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks.
- June 22, 2023
- 04:50 PM
- 0
-
Pirated Windows 10 ISOs install clipper malware via EFI partitions
Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection.
- June 13, 2023
- 05:16 PM
- 9
-
Intel investigating leak of Intel Boot Guard private keys after MSI breach
Intel is investigating the leak of alleged private keys used by the Intel BootGuard security feature, potentially impacting its ability to block the installation of malicious UEFI firmware on MSI devices.
- May 08, 2023
- 01:31 PM
- 5
-
Microsoft shares guidance to detect BlackLotus UEFI bootkit attacks
Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by exploiting the CVE-2022-21894 vulnerability.
- April 12, 2023
- 12:39 PM
- 0
-
MSI breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature.
- January 16, 2023
- 05:02 PM
- 8
-
Acer fixes UEFI bugs that can be used to disable Secure Boot
Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.
- November 28, 2022
- 06:31 PM
- 1
-
Lenovo fixes flaws that can be used to disable UEFI Secure Boot
Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot.
- November 09, 2022
- 11:03 AM
- 0
-
Intel confirms leaked Alder Lake BIOS Source Code is authentic
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.
- October 09, 2022
- 08:53 PM
- 1
-
New Lenovo BIOS updates fix security bugs in hundreds of models
Chinese computer manufacturer Lenovo has issued a security advisory to warn its clients about several high-severity vulnerabilities impacting a wide range of products in the Desktop, All in One, Notebook, ThinkPad, ThinkServer, and ThinkStation lines.
- September 14, 2022
- 01:43 PM
- 1
-
Firmware bugs in many HP computer models left unfixed for over a year
A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched, although some of them were publicly disclosed since July 2021.
- September 11, 2022
- 11:13 AM
- 3
-
Windows KB5012170 update causing BitLocker recovery screens, boot issues
Windows users who have installed a new KB5012170 security update for Secure Boot have encountered various issues, ranging from boots failing with BitLocker Recovery prompts to performance issues.
- August 16, 2022
- 07:05 PM
- 11
-
Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass
Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) used by Windows could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.
- August 12, 2022
- 03:10 PM
- 3
-
CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards
Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a UEFI rootkit.
- July 25, 2022
- 09:37 PM
- 3
-
New UEFI firmware flaws impact over 70 Lenovo laptop models
The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations.
- July 13, 2022
- 12:15 PM
- 0
