A vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified Extensible Firmware Interface (UEFI) devices.

I'm going to start this post by saying something that a lot of people will find surprising. There are a lot of things that I like about UEFI firmware and the UEFI boot process. I think it is an ...

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems. BlackLotus is the first ...

As our reliance on technology grows, so does the need for robust security measures that protect systems from unauthorized access and malicious attacks. One critical area of focus is the system's boot ...

ESET researchers have analyzed a previously undocumented, real-world UEFI bootkit that persists on the EFI System Partition (ESP). The bootkit, which we’ve named ESPecter, can bypass Windows Driver ...

A vulnerability in the user of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms ...

Event ID 1799 is the event logged when a boot manager signed by the Windows UEFI CA 2023 certificate (the latest and most secure) runs on startup. This means all the security measures are in place, ...

The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named 'Bootkitty,' ...

Researchers have unpacked a major cybersecurity find—a malicious UEFI-based rootkit used in the wild since 2016 to ensure computers remained infected even if an operating system is reinstalled or a ...

For some time now I have gotten a slow but steady volume of requests that I write about UEFI firmware and EFI boot relative to installing and maintaining Linux. As a result of a casual comment I made ...