Collaborate Disseminate
W^X is a critical security feature, allowing us a chance to perform security analysis on data that some entity on a computer wants to execute.
Windows implements this by requiring a process to call VirtualProtect. Because UEFI rootkits are… Continue reading Is W^X enforced against UEFI DXE drivers (firmware)? Could it be if we tried?
Let’s take a very simple defense goal. I’m a UEFI DXE Driver and my only goal is to prevent a 100GB file located at C:\sacred
from being deleted or overwritten by the system under any circumnstances. My opponent (also a UEFI DXE Driver, so… Continue reading If two UEFI rootkits battle to perform / prevent an action, what determines which side can succeed? [closed]
I was reading a few articles online about how some firmware can be altered into malware and essentially infect a hardware equipment for its entire life time.
Like almost all SSDs in the industry specially the ones intended for desktop use … Continue reading What are the dangers of a firmware malware in 2021 and is it possible?
This is in extension to this question. My (Asus) computer is being compromised repeatedly for close to 2 years (that I know of) now. I have taken several precautions (all listed in the question i have linked to above, to no avail. I am thi… Continue reading How Do I protect my system from a BIOS (UEFI) hack?
A new “TrickBoot” module scans for vulnerable firmware and has the ability to read, write and erase it on devices. Continue reading TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions
We track the ongoing activities of more than 900 advanced threat actors. Here we try to focus on what we consider to be the most interesting trends and developments of the last 12 months. Continue reading APT annual review: What the world’s threat actors got up to in 2020
What are some possible common vulnerabilities related to a Windows 10 workstation running BitLocker on which is possible to enter the UEFI (bios) interface without having to provide a password?
Continue reading Workstation security analysis scenario [closed]
The following question belongs more to the HP forums but unfortunately I am not gaining any traction there. Please move the question to another SE if its off topic for this community.
Recently I’ve started receiving the following BIOS inte… Continue reading Investigating HP sure start triggering security warnings
By Sudais Asif
This UEFI based malware is the second of its kind ever known publicly.
This is a post from HackRead.com Read the original post: UEFI malware named MosaicRegressor found on Diplomat computers
Continue reading UEFI malware named MosaicRegressor found on Diplomat computers
Researchers say they’ve found on the second known example of UEFI malware. They’re calling it MosaicRegressor.
The post MosaicRegressor: ‘Chinese’ UEFI Bootkit Snoops on North Korean Foes appeared first on Security Boulevard.
Continue reading MosaicRegressor: ‘Chinese’ UEFI Bootkit Snoops on North Korean Foes