WeLiveSecurity

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...
Bleeping Computer

New UEFI Secure Boot flaw exposes systems to bootkits, patch now

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. The ...
Bleeping Computer

BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems. BlackLotus is the first ...
WeLiveSecurity

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

ESET Research has discovered HybridPetya, on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising UEFI-based systems ...
Hosted on MSN

UEFI Secure Boot for Linux Arm64 – where do we stand?

Arm devices are everywhere today and many of them run Linux. The operating system also powers cloud computing and IT environments all over the world. However, x86 is still the dominant architecture of ...
CSOonline

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...
TechSpot

BlackLotus UEFI bootkit can defeat Secure Boot protection

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...