22 July 2022

UEFI

MoonBounce Malware Hides In Your BIOS Chip, Persists After Drive Formats MoonBounce Malware
4 min read

MoonBounce Malware Hides In Your BIOS Chip, Persists After Drive Formats

RiSec.n0tst3 3 March 2022
A new type of malware takes a decidedly more stealthy and hard-to-remove path into your OS — it hides in your BIOS chip and thus remains even after you reinstall your OS or format your hard drive. Kaspersky has observed the growth of Unified Extensible Firmware Interface (UEFI) firmware malware threats since 2019, with most storing malware on the EFI System Partition of the PC’s storage device. However, a sinister development had earlier been spotted with a new UEFI malware, detected by Kasperksy’s firmware scanner logs, that implants malicious code into...
Continue Reading
U.S. Gov Issues Stark Warning, Calling Firmware Security a ‘Single Point of Failure’ U.S. Gov Issues Stark Warning
4 min read

U.S. Gov Issues Stark Warning, Calling Firmware Security a ‘Single Point of Failure’

RiSec.n0tst3 3 March 2022
U.S. government warns that firmware presents “a large and ever-expanding attack surface.” The U.S. government, at the very highest levels, is calling attention to major weaknesses in the firmware supply chain, warning that the layer below the operating system is fertile ground for devastating hacker attacks. A new joint draft report issued by leadership of the U.S. Department of Homeland Security (DHS) and Department of Commerce said firmware presented “a large and ever-expanding attack surface” for malicious hackers to subvert the core of modern computing. “Securing the firmware layer is often...
Continue Reading

You may have missed

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3 Vulnerability
5 min read

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3

21 July 2022
Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors
3 min read

Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors

21 July 2022
Atlassian Patches critical Confluence hardcoded credentials flaw Atlassian
3 min read

Atlassian Patches critical Confluence hardcoded credentials flaw

21 July 2022
Microsoft Teams outage also affected Microsoft 365 services Microsoft
2 min read

Microsoft Teams outage also affected Microsoft 365 services

21 July 2022
en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu