Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
9 résultats taggé UEFI  ✕
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/
02/04/2025 06:44:13
QRCode
archive.org
thumbnail

By leveraging Microsoft Security Copilot to expedite the vulnerability discovery process, Microsoft Threat Intelligence uncovered several vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot as well as IoT devices. The vulnerabilities found in the GRUB2 bootloader (commonly used as a Linux bootloader) and U-boot and Barebox bootloaders (commonly used for embedded systems), could allow threat actors to gain and execute arbitrary code.

microsoft EN 2025 open-source bootloaders UEFI GRUB2 AI
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/
19/01/2025 10:28:27
QRCode
archive.org
thumbnail

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI application signed by Microsoft’s Microsoft Corporation UEFI CA 2011 third-party UEFI certificate. Exploitation of this vulnerability leads to the execution of untrusted code during system boot, enabling potential attackers to easily deploy malicious UEFI bootkits (such as Bootkitty or BlackLotus) even on systems with UEFI Secure Boot enabled, regardless of the installed operating system.

welivesecurity EN 2025 CVE-2024-7344 UEFI Secure Boot vulnerability certificate
Bootkitty: Analyzing the first UEFI bootkit for Linux https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/
28/11/2024 10:25:22
QRCode
archive.org
thumbnail

ESET's discovery of the first UEFI bootkit designed for Linux sendss an important message: UEFI bootkits are no longer confined to Windows systems alone.

welivesecurity EN 2024 Bootkitty UEFI bootkit Linux
PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem
26/07/2024 09:19:29
QRCode
archive.org
thumbnail

PKfail is a zero day disclosure detected by the Binarly REsearch Team and responsibly disclosed.

binarly EN 2024 SecureBoot PKfail UEFI Untrusted DO-NOT-TRUST
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware https://eclypsium.com/blog/ueficanhazbufferoverflow-widespread-impact-from-vulnerability-in-popular-pc-and-server-firmware/
26/06/2024 13:51:38
QRCode
archive.org
thumbnail

Summary Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The issue involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could lead […]

eclypsium.com EN 2024 UEFIcanhazbufferoverflow Vulnerability Phoenix CVE-2024-0762 SecureCore UEFI
The Far-Reaching Consequences of LogoFAIL https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/index.html
02/12/2023 11:44:08
QRCode
archive.org
thumbnail

The Binarly REsearch team investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based devices.

binarly EN 2023 UEFI firmware LogoFAIL
BlackLotus UEFI Bootkit Source Code Leaked on GitHub https://www.securityweek.com/blacklotus-uefi-bootkit-source-code-leaked-on-github/?utm_source=substack&utm_medium=email
15/07/2023 13:56:38
QRCode
archive.org
thumbnail

The source code for the BlackLotus UEFI bootkit has been shared publicly on GitHub, albeit with several modifications compared to the original malware.

Designed specifically for Windows, the bootkit emerged on hacker forums in October last year, being advertised with APT-level capabilities such as secure boot and user access control (UAC) bypass and the ability to disable security applications and defense mechanisms on victim systems.

securityweek EN 2023 BlackLotus UEFI Bootkit Source Code Leaked GitHub
BlackLotus UEFI bootkit: Myth confirmed https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
02/03/2023 08:07:20
QRCode
archive.org
thumbnail

ESET researchers are the first to publish an analysis of BlackLotus, the first in-the-wild UEFI bootkit capable of bypassing UEFI Secure Boot.

welivesecurity EN 2023 bootkit UEFI IoCs
Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us https://arstechnica.com/information-technology/2022/07/researchers-unpack-unkillable-uefi-rootkit-that-survives-os-reinstalls/
30/07/2022 16:08:35
QRCode
archive.org
thumbnail

Turns out they're not all that rare. We just don't know how to find them.

arstechnica EN 2022 UEFI rootkit bootkit
4490 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio