bootkit – WindowsTechs.com

BlackLotus UEFI Bootkit Source Code Leaked on GitHub

Posted on July 13, 2023 by Ionut Arghire

The source code for the BlackLotus UEFI bootkit has been leaked on GitHub and an expert has issued a warning over the risks.
The post BlackLotus UEFI Bootkit Source Code Leaked on GitHub appeared first on SecurityWeek.
Continue reading BlackLotus UEFI Bootkit Source Code Leaked on GitHub→

NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections

Posted on June 23, 2023 by Ionut Arghire

The National Security Agency (NSA) has released mitigation guidance to help organizations stave off BlackLotus UEFI bootkit infections.
The post NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections appeared first on SecurityWeek.
Continue reading NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections→

BlackLotus bootkit patch may bring “false sense of security”, warns NSA

Posted on June 23, 2023 by Graham Cluley

The NSA has publsihed a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protecting against the threat.

Read more in my article on the Tripwire State of… Continue reading BlackLotus bootkit patch may bring “false sense of security”, warns NSA→

Microsoft Shares Resources for BlackLotus UEFI Bootkit Hunting

Posted on April 13, 2023 by Ionut Arghire

Microsoft has shared details on how threat hunters can check their systems for BlackLotus UEFI bootkit infections.
The post Microsoft Shares Resources for BlackLotus UEFI Bootkit Hunting appeared first on SecurityWeek.
Continue reading Microsoft Shares Resources for BlackLotus UEFI Bootkit Hunting→

Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot

Posted on April 12, 2023 by Paul Ducklin

Is Secure Boot without the Secure just “Boot”? Continue reading Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot→

BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems

Posted on March 2, 2023 by Ionut Arghire

ESET says the BlackLotus UEFI bootkit can bypass secure boot on fully updated Windows 11 systems.
The post BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems appeared first on SecurityWeek.
Continue reading BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems→

Advanced threat predictions for 2023

Posted on November 14, 2022 by GReAT

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. Continue reading Advanced threat predictions for 2023→

Is it possible to enumerate thru all the hardware IDs?

Posted on March 6, 2022 by Sir Muffington

I am thinking of developing of a rather primitive CLI program for the sole purpose of detecting rootkits/bootkits/firmware modifying advanced malware.

Can you iterate thru all all hardware IDs (CPUID, GPUID etc) like dmidecode does just f… Continue reading Is it possible to enumerate thru all the hardware IDs?→

Advanced threat predictions for 2022

Posted on November 17, 2021 by GReAT

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Continue reading Advanced threat predictions for 2022→

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

Posted on December 3, 2020 by Tara Seals

A new “TrickBoot” module scans for vulnerable firmware and has the ability to read, write and erase it on devices. Continue reading TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions→