uefi – Page 4 – WindowsTechs.com

How can kon-boot run code in UEFI?

Posted on November 16, 2022 by BlackFlag

I’ve now googled a lot, but the only information I can find is ‘kon-boot hides its code in BIOS memory and changes kernel-code on the fly’…
As far as I understand, UEFI initializes devices and tries to load bootloaders into memory from M… Continue reading How can kon-boot run code in UEFI?→

Use old computer to run outward facing VPN server

Posted on November 6, 2022 by DevShark

I need to install a computer in a remote location, so that a specific unique user can remotely connect to it via Wireguard VPN. Performance requirements are very low, but security requirements are very high (needs to be very secure against… Continue reading Use old computer to run outward facing VPN server→

APT trends report Q2 2022

Posted on July 28, 2022 by GReAT

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022. Continue reading APT trends report Q2 2022→

CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

Posted on July 25, 2022 by GReAT

In this report, we present a UEFI firmware rootkit that we called CosmicStrand and attribute to an unknown Chinese-speaking threat actor. Continue reading CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit→

Trusted Platform Module

Posted on July 23, 2022 by TexasAggie1988

So firstly I do own my computer, completely, it is connected with my outlook for bitlocker keys, and I do have full access to my administrator accounts and workstation accounts.
After resetting my Surfacebook 2 and rebooting different flav… Continue reading Trusted Platform Module→

How hard is it to modify UEFI nvram if the device is off and the UEFI is locked?

Posted on July 22, 2022 by A-random-nerd

This assumes that:

Machine is powered off
No UEFI backdoors
No Reflashing the firmware
No clearing the NVRAM (The point is to modify/read a small amount of NVRAM, instead of resetting it)
Device requires password to POST (Enforced by BIOS… Continue reading How hard is it to modify UEFI nvram if the device is off and the UEFI is locked?→

Is it possible to allow only a certain secure USB boot media to boot an UEFI system?

Posted on July 1, 2022 by JohnnyFromBF

I want to restrict all USB boot media from my system, except for a certain USB boot drive that I declare secure via a certain key.
Is this possible using UEFI/Secure Boot/TPM? Maybe via TPM? TPM gets a private key and checks if public key … Continue reading Is it possible to allow only a certain secure USB boot media to boot an UEFI system?→

Recovering from entire UEFI being filled with authenticated variables

Posted on June 19, 2022 by Joseph Sible-Reinstate Monica

If all of the important variables in UEFI’s NVRAM are deleted, and it’s then filled up with variables with the EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, how can an administ… Continue reading Recovering from entire UEFI being filled with authenticated variables→

DOOM? In Your BIOS? More Likely Than You Think!

Posted on June 12, 2022 by Arsenijs Picugins

Screenshot of the EFI shell, showing doom.wad and doom.efi in 'ls' command output, and then doom.efi being loaded

We’ve seen hackers run DOOM on a variety of appliances, from desk phones to pregnancy tests. Now, the final frontier has been conquered – we got DOOM to run on …read more Continue reading DOOM? In Your BIOS? More Likely Than You Think!→

IT threat evolution Q1 2022

Posted on May 27, 2022 by David Emm

Kaspersky IT threat review in Q1 2022: activity of APTs such as MoonBounce, BlueNororff, Lazarus and Roaming Mantis, attacks against Ukraine, phishing kits, Okta hack and more. Continue reading IT threat evolution Q1 2022→