Thunderstrike hack

Pierluigi Paganini September 30, 2017
Millions of Macs open to EFI Firmware Hacks even if they are up-to-date

A group of researchers with Duo Security demonstrated that millions of Up-to-Date Apple Macs are vulnerable to EFI Firmware attacks. In 2015, the security researcher Trammell Hudson demonstrated at the Chaos Computer Congress in Hamburg, how it is possible to infect Apple Mac PCs exploiting the Thunderbolt port. Since the disclosure of the attack against the Apple […]

Pierluigi Paganini June 01, 2015
Mac zero-day makes rootkit infection very easy

A security researcher discovered a zero-day vulnerability in many Mac firmware that could allow an easy installation of an EFI rootkits. The cyber security expert Pedro Vilaça has discovered a low-level zero-day vulnerability in Apple Mac systems that could be exploited by privileged users to more install an EFI rootkits. Vilaça explained that the attack is […]

Pierluigi Paganini January 07, 2015
CERT CC warns about critical flaws in UEFI implementations

The Carnegie Mellon University CERT/CC warned about the presence of serious vulnerabilities in the Unified Extensible Firmware Interface (UEFI). The CERT/CC has issued three different advisories for security flaws identified in the Unified Extensible Firmware Interface (UEFI). The Unified Extensible Firmware Interface (UEFI) (pronounced as an initialism U-E-F-I or like “unify” without the n) is a specification that defines a software interface between an operating […]

Pierluigi Paganini January 05, 2015
Thunderstrike hack – Infecting Apple Mac with EFI Bootkit

A security researcher has presented a technique dubbed Thunderstrike hack to infect Apple’s Mac PCs with with EFI Bootkit through the Thunderbolt port. Infect Apple Mac PCs exploiting the Thunderbolt port is possible, the security researcher Trammell Hudson has demonstrated how it is possible during  the last edition of the annual Chaos Computer Congress in Hamburg, Germany. The […]