TrickBot, one of the most active botnets, in the world, gets a new improvement by adding a UEFI/BIOS Bootkit Feature. The infamous TrickBot gets a new improvement, authors added a new feature dubbed “TrickBoot” designed to exploit well-known vulnerabilities in the UEFI/BIOS firmware and inject malicious code, such as bootkits. The TrickBoot functionality was documented […]
The researcher Dmytro Oleksiuk published details of ThinkPwn flaw, a UEFI zero-day that could be exploited by hackers to disable security features. Once again the IT giant Lenovo is in the headlines, some products of the company and some others from other PC vendors, are affected by a UEFI vulnerability, dubbed ThinkPwn, that can be exploited […]
VirusTotal presented a new malware scanning engine that allows users to analyze their firmware images searching for malicious codes. VirusTotal has recently announced the launch of a new malware scanning service for firmware images. The intent is to allow users to identify malicious firmware images. Threat actors could exploit vulnerabilities in firmware to hack systems […]
Security Experts discovered a new attack method to defeat Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface). The Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface) can be circumvented on around half of PCs that use it, security researcher Corey Kallenberg from nonprofit research organization Mitre has demonstrated it at […]
Kaspersky confirms hidden threat in BIOSes PC and warns that Absolute Computrace Anti-Theft agent can be remotely hijacked.Absolute Software refuses claims. After the case raised by Kaspersky team on the Computrace agent I tried to contact Absolute software received the following official reply on the results of the investigation. Background On Wednesday, February 12th, Kaspersky Lab […]
Experts at Kaspersky confirm hidden threat in BIOSes of Popular Laptops and warns that Absolute Computrace Anti-Theft agent can be remotely hijacked Researchers at Kaspersky Lab have demonstrated that a feature in the legitimate software produced by Absolute Software firm can be abused to turn a defensive utility into a powerful utility for cyberattack. Kaspersky Labâs security […]