Bleeping Computer

PKfail Secure Boot bypass lets attackers install UEFI malware

Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
Dark Reading

Exclusive: CISA Sounds the Alarm on UEFI Security

Against the backdrop of the debacle that mitigating the BlackLotus bootkit has become, the Cybersecurity and Infrastructure Security Agency (CISA) is calling for revamped security for Unified ...
WeLiveSecurity

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

ESET Research has discovered HybridPetya, on the VirusTotal sample sharing platform. It is a copycat of the infamous Petya/NotPetya malware, adding the capability of compromising UEFI-based systems ...
WeLiveSecurity

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...
Ars Technica

Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced ...
ExtremeTech

Security Researchers Find UEFI Secure Boot Bypass Vulnerability

A recently patched security vulnerability in Unified Extensible Firmware Interface (UEFI) systems could allow attackers to bypass Secure Boot protections and compromise system safety during the boot ...

New UEFI Secure Boot flaw exposes systems to bootkits

ESET finds bug in a UEFI application allowing malicious actors to bypass UEFI Secure Boot The move grants criminals the ...
Dark Reading

'HybridPetya' Ransomware Bypasses Secure Boot

Researchers have discovered a new malware strain that combines the destructive capabilities of NotPetya, the recoverable encryption functionality of Petya ransomware, and the ability to bypass Secure ...
Threat Post

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage

The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. A rare Windows UEFI bootkit malware has been discovered, offering ...
TechSpot

BlackLotus UEFI bootkit can defeat Secure Boot protection

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...
TWCN Tech News

Event ID 1798: The Secure Boot DBX update failed to revoke Microsoft Windows Production PCA 2011

Event ID 1798 occurs when an attempt is made to add the Microsoft Windows Production PCA 2011 certificate; this is an old and less secure certificate compared to UEFI CA 2023. In this post, we will ...