UEFI

Pierluigi Paganini September 16, 2020
NSA publishes guidance on UEFI Secure Boot customization

The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature that can be customized organizations. The Unified Extensible Firmware Interface (UEFI) is a specification that defines […]

Pierluigi Paganini June 22, 2020
AMD is going to patch UEFI SMM callout privilege escalation flaw

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). AMD recently announced that it was preparing patches for an SMM Callout Privilege Escalation vulnerability, tracked as CVE-2020-12890, that affects the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability […]

Pierluigi Paganini September 27, 2018
Russian Sednit APT used the first UEFI rootkit of ever in attacks in the wild

Security experts from ESET have spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild. Security researchers from ESET have discovered a new piece of a sophisticated malware used by the Russia-linked Sednit group (aka Fancy Bear, APT28, Pawn Storm, Sofacy Group, and STRONTIUM) in targeted attacks aimed at government entities in the Balkans as […]

Pierluigi Paganini April 04, 2017
UEFI Vulnerabilities allow to fully compromise Gigabyte Mini PCs

Experts at Cylance disclosed two UEFI flaws that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. Experts at security firm Cylance have disclosed two UEFI vulnerabilities that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. The experts tested the latest firmware […]

Pierluigi Paganini March 13, 2017
CHIPSEC, Intel Security releases detection tool also for CIA EFI rootkits

After CIA leak, Intel Security releases CHIPSEC, a detection tool for EFI rootkits that detect rogue binaries inside the computer firmware. A few days ago, WikiLeaks announced it is working with software makers to fix the zero-day flaws in Vault7 dump that impacted their products and services. The organization is sharing information on the hacking tools […]

Pierluigi Paganini August 11, 2016
Backdoor keys allow attackers to the bypass UEFI Secure Boot

Once again Microsoft failed in fixing a severe Secure Boot vulnerability that can be exploited to install rootkits on Windows devices. Microsoft has accidentally leaked the Secret keys to Bypass UEFI Secure Boot. The Secure Boot is a UEFI (Unified Extensible Firmware Interface) feature that should prevent the execution of unauthorized code during the boot process. The […]

Pierluigi Paganini July 04, 2016
ThinkPwn UEFI Zero-Day flaw allows hackers to disable security features

The researcher Dmytro Oleksiuk published details of ThinkPwn flaw, a UEFI zero-day that could be exploited by hackers to disable security features. Once again the IT giant Lenovo is in the headlines, some products of the company and some others from other PC vendors, are affected by a UEFI vulnerability, dubbed ThinkPwn, that can be exploited […]

Pierluigi Paganini January 31, 2016
Now VirusTotal can scan your firmware image for bad executables

VirusTotal presented a new malware scanning engine that allows users to analyze their firmware images searching for malicious codes. VirusTotal has recently announced the launch of a new malware scanning service for firmware images. The intent is to allow users to identify malicious firmware images. Threat actors could exploit vulnerabilities in firmware to hack systems […]

Pierluigi Paganini January 07, 2015
CERT CC warns about critical flaws in UEFI implementations

The Carnegie Mellon University CERT/CC warned about the presence of serious vulnerabilities in the Unified Extensible Firmware Interface (UEFI). The CERT/CC has issued three different advisories for security flaws identified in the Unified Extensible Firmware Interface (UEFI). The Unified Extensible Firmware Interface (UEFI) (pronounced as an initialism U-E-F-I or like “unify” without the n) is a specification that defines a software interface between an operating […]

Pierluigi Paganini June 02, 2014
A new way to bypass Secure Boot security mechanism of UEFI

Security Experts discovered a new attack method to defeat Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface). The Secure Boot security mechanism of the UEFI (Unified Extensible Firmware Interface) can be circumvented on around half of PCs that use it, security researcher Corey Kallenberg from nonprofit research organization Mitre has demonstrated it at […]