⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO's real job isn't just to secure technology—it's to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from suppl...

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface UEFI systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 CVSS score: 6.7, resides in a UEFI application signed by...

PT-2025-1110

Name of the Vulnerable Software and Affected Versions Howyar UEFI Application "Reloader" 32-bit and 64-bit versions prior to January 2025 Description A vulnerability exists in the Howyar UEFI Application "Reloader" that allows for the execution of unsigned software in a hardcoded path. This flaw,...

PT-2024-27186

Name of the Vulnerable Software and Affected Versions Micro-Star International Z-series motherboards versions Z590, Z490, and Z790 Micro-Star International B-series motherboards versions B760, B560, B660, and B460 Micro-Star International motherboards with firmware 7D25v14, 7D25v17 through 7D25v1...

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023...

Security Advisory - Buffer Overflow Vulnerability BootHole in GRUB2 Secure Boot

Eclypsium researchers have discovered a vulnerability named“BootHole”in the GRUB2 bootloader. There is a buffer overflow vulnerability that can be used to gain arbitrary code execution during the boot process, even when Secure Boot is enabled. Attackers exploiting this vulnerability can install...

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang also called Double Gun, which has been behind several attacks since 2017 aimed at...

Announcing the Fifth Annual Flare-On Challenge

The FireEye Labs Advanced Reverse Engineering FLARE team’s annual reverse engineering challenge will start at 8:00 p.m. ET on Aug. 24, 2018. This is a CTF-style challenge for all active and aspiring reverse engineers, malware analysts, and security professionals. So dust off your disassembler, pu...

BIOS Boots What? Finding Evil in Boot Code at Scale!

Malware continues to take advantage of a legacy component of modern systems designed in the 1980s. Despite the cyber threat landscape continuing to evolve at an ever-increasing pace, the exploitation of the classic BIOS boot process is still very much a threat to enterprises around the world...

BIOS Boots What? Finding Evil in Boot Code at Scale! | Trellix

ARCHIVED STORY BIOS Boots What? Finding Evil in Boot Code at Scale! By Ryan Fisher, Andrew Davis · August 08, 2018 Malware continues to take advantage of a legacy component of modern systems designed in the 1980s. Despite the cyber threat landscape continuing to evolve at an ever-increasing pace,...

Gap Widens Between Attackers, BIOS Forensics, Research

Vendors have made important strides in locking down operating systems, patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the better ones will certainly look...

NO BOOT FOR YOU ! Will Windows 8 Kill Live CDs and USBs?

In January 2012, Microsoft confirmed to PC manufacturers that they must enable Secure Boot by default on PCs to be "Certified for Windows 8". The purpose of Secure Boot is to put an end to computer viruses that sneak between the hardware and the operating system. These viruses, also known as...

Microsoft Defends Secure Boot in Windows 8

Microsoft officials are seeking to assuage concerns that its implementation of UEFI in Windows 8 will prevent users from loading non-Microsoft operating systems or applications on their machines. Despite concerns raised by security researchers and open-source advocates about vendor lock-in and...

Insecure Magazine : Issue 28 available for Download !

Insecure Magazine : Issue 28 available for Download ! Database protocol exploits explained Review: MXI M700 Bio Measuring web application security coverage Inside backup and storage: The expert's view Combating the changing nature of online fraud Successful data security programs encompass...