Lucene search

8 matches found

The Hacker News
added 2022/01/21 11:40 a.m., 21 views

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...

AI score: 1.2
Exploits: 0

The Hacker News
added 2021/10/05 4:58 p.m., 68 views

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...

AI score: 1.7
Exploits: 0

ThreatPost
added 2020/12/03 6:58 p.m., 44 views

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of the malware’s infrastructure by Microsoft and others. The Windows Unified Extensible...

AI score: 0.2
Exploits: 0, References: 12

BDU FSTEC
added 2019/08/08 12:0 a.m., 6 views

The vulnerability of UEFI (BIOS) software in desktop computers, personal computers, and payment devices manufactured by Hewlett-Packard Development Company L.P. is related to code errors that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of UEFI BIOS software in desktop computers, personal computers, and payment devices manufactured by Hewlett-Packard Development Company L.P. is related to code errors. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibili...

CVSS: 7.5, AI score: 5.6
Exploits: 0, References: 2, Affected Software: 37

ThreatPost
added 2018/12/28 8:2 p.m., 14 views

First-Ever UEFI Rootkit Tied to Sednit APT

LEIPZIG, GERMANY – Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks. The discussion of Sednit was...

AI score: 1.3
Exploits: 0, References: 7

Hewlett-Packard
added 2018/10/10 12:0 a.m., 23 views

HPSBHF03595 rev. 6 - LoJax UEFI Rootkit

Potential Security Impact: Elevation of Privilege, Information Disclosure, Loss of Confidentiality, Loss of Integrity. Source: HP, HP Product Security Response Team (PSRT). Reported by: ESET Research. VULNERABILITY SUMMARY: HP has identified a potential security vulnerability with a UEFI rootkit LoJax...

CVSS: 7.5, AI score: 0.4
Exploits: 0

The Hacker News
added 2018/09/27 2:16 p.m., 1 views

Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe. Dubbed LoJax, the UEFI rootkit is part of a malware...

AI score: 7
Exploits: 0

The Hacker News
added 2018/09/27 2:16 p.m., 68 views

Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe. Dubbed LoJax, the UEFI rootkit is part of a malware...

Exploits: 0