
8 matches found

The Hacker News
added 2022/01/21 11:40 a.m., 21 views

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...

AI score: 1.2
Exploits: 0
The Hacker News
added 2021/10/05 4:58 p.m., 69 views

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence...

AI score: 1.7
Exploits: 0
ThreatPost
added 2020/12/03 6:58 p.m., 44 views

TrickBot Returns with a Vengeance, Sporting Rare Bootkit Functions

The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of the malware’s infrastructure by Microsoft and others. The Windows Unified Extensible...

AI score: 0.2
Exploits: 0, References: 12
ThreatPost
added 2020/11/03 7:18 p.m., 42 views

APT Groups Finding Success with Mix of Old and New Tools

Advanced persistent threat (APT) groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success. That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found that...

AI score: 7.1
Exploits: 0, References: 9
HackRead
added 2020/10/06 6:23 p.m., 36 views

UEFI malware named MosaicRegressor found on Diplomat computers

By Sudais Asif. This UEFI-based malware is the second of its kind ever known publicly. This is a post from HackRead.com. Read the original post: UEFI malware named MosaicRegressor found on Diplomat computers...

AI score: 2.9
Exploits: 0
The Hacker News
added 2020/10/06 8:33 a.m., 5 views

New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild

Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the secon...

AI score: 6
Exploits: 0
ThreatPost
added 2020/10/05 5:12 p.m., 89 views

Rare Bootkit Malware Targets North Korea-Linked Diplomats

A firmware bootkit has been spotted in the wild, targeting diplomats and members of non-governmental organizations (NGOs) from Africa, Asia and Europe. It has turned out to be part of a newly uncovered framework called MosaicRegressor. According to researchers from Kaspersky, code artifacts in some...

Exploits: 0, References: 7
Securelist
added 2020/10/05 10:0 a.m., 18491 views

MosaicRegressor: Lurking in the Shadows of UEFI

Part II. Technical details (PDF) UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems. Replacing the legacy BIOS, it is typically used to facilitate the machine's boot sequence and load the operating...

CVSS: 9.3, AI score: 8.1, EPSS: 0.93289
Exploits: 7