Framework machines running Linux are vulnerable: beware of bootkits

More than 200,000 Framework machines running Linux have been shipped with a vulnerable UEFI that puts Secure Boot at risk: bootkits can take advantage of it.

IT-Connect
Bootkits can bypass Secure Boot with this flaw!

A vulnerability that allows the UEFI Secure Boot protection of machines to be bypassed has been discovered: CVE-2024-7344. Here is what you need to know.

IT-Connect

Researchers have identified “Bootkitty,” the first known UEFI bootkit developed to target Linux systems. #cybersecurity #linux #bootkitty #ESET #malware #bootkits

https://buff.ly/4eTjEHi

Critical #vulnerability affecting most #Linux distros allows for #bootkits https://arstechnica.com/?p=2001542

Buffer overflow in bootloader shim allows attackers to run code each time devices boot up.

Ars Technica
Critical Vulnerability Affecting Most Linux Distros Allows For Bootkits - Slashdot

Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they're hard to detect or remove. ArsTechnica: The vulnerability r...

The #LogoFail #UEFI #exploit is a perfect example of how capitalism fucks everything up. So many people worked so hard on securing UEFI against #bootkits but having a goddamn image load was necessary for capitalist "intellectual property" to be enforced, thus opening this vulnerability for literally every Windows and Linux system with a hardware manufacturer logo loading in boot, which is most of them. https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/

This isn't a security fail, it's a #capitalism fail, because the social/legal regime of #intellectualproperty is actually unnecessary and oppressive, and in this case prevented people from designing secure systems.

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

Ars Technica
"Multiple security #vulnerabilities collectively named #LogoFAIL affect image-parsing components in the #UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver #bootkits." #CyberSecurity #firmware
https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/
LogoFAIL attack can install UEFI bootkits through bootup logos

BleepingComputer
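The shim buffer overflow reported above and the LogoFAIL image-parser bugs belong to the same class: boot-time code that trusts length fields carried in attacker-controlled input. The C block below is an added illustration written for this page; it is not code from any vendor firmware, from shim, or from the researchers. The 8-byte header format, the 64-byte logo buffer and the sample byte strings are constructed. It puts a decoder that trusts the header (including the 32-bit multiply wrap that lets an enormous image pass a size check) beside a hardened decoder that validates the declared dimensions against both the source and the destination before copying.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical logo format (constructed for this example): an 8-byte header
 * holding little-endian width and height, followed by width*height 8-bit pixels.
 * Firmware decoders frequently write into a fixed-size buffer; 64 bytes here. */
#define HDR_LEN      8u
#define LOGO_BUF_LEN 64u

/* Constructed sample images; none of these are real logo files or payloads. */
const uint8_t benign_logo[]    = { 4,0,0,0, 2,0,0,0, 1,2,3,4,5,6,7,8 };           /* 4x2 = 8 px */
const uint8_t wrapping_logo[]  = { 0x01,0,0,0x40, 4,0,0,0, 0xAA,0xAA,0xAA,0xAA }; /* 0x40000001 x 4 */
const uint8_t oversize_logo[]  = { 0x80,0,0,0, 1,0,0,0, 0 };                     /* 128x1 > 64-byte buffer */
const uint8_t truncated_logo[] = { 8,0,0,0, 1,0,0,0, 1,2,3 };                    /* declares 8 px, carries 3 */

uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Pixel count the way a naive 32-bit decoder computes it. For 0x40000001 x 4
 * the product is 2^32 + 4, which wraps to 4: an enormous image looks tiny. */
uint32_t naive_pixel_count(uint32_t width, uint32_t height)
{
    return width * height;
}

/* Vulnerable shape: the size check runs on the wrapped product, but the copy
 * loops run on the real width and height, so a wrapping header walks far past
 * both the input and the 64-byte destination. Only ever call it on benign_logo. */
size_t decode_unchecked(const uint8_t *in, size_t in_len, uint8_t *dst)
{
    if (in_len < HDR_LEN) return 0;
    uint32_t w = rd32le(in), h = rd32le(in + 4);
    uint32_t npix = naive_pixel_count(w, h);
    if (npix > LOGO_BUF_LEN) return 0;          /* passes for the wrapping header */
    for (uint32_t y = 0; y < h; y++)
        for (uint32_t x = 0; x < w; x++)
            dst[y * w + x] = in[HDR_LEN + y * w + x];
    return npix;
}

/* Hardened: widen before multiplying, then bound the count by both the
 * destination size and the bytes actually present in the input. */
size_t decode_checked(const uint8_t *in, size_t in_len, uint8_t *dst, size_t dst_len)
{
    if (in == NULL || dst == NULL || in_len < HDR_LEN) return 0;
    uint64_t w = rd32le(in), h = rd32le(in + 4);
    if (w == 0 || h == 0) return 0;
    uint64_t npix = w * h;                                  /* 64-bit: cannot wrap for 32-bit w, h */
    if (npix > dst_len) return 0;                           /* destination bound */
    if (npix > (uint64_t)(in_len - HDR_LEN)) return 0;      /* source bound: truncated file */
    memcpy(dst, in + HDR_LEN, (size_t)npix);
    return (size_t)npix;
}

/* Decode into a private 64-byte buffer and report how many pixels were accepted. */
size_t checked_len(const uint8_t *img, size_t len)
{
    uint8_t buf[LOGO_BUF_LEN];
    return decode_checked(img, len, buf, sizeof buf);
}

/* The unchecked decoder behaves identically on well-formed input. */
size_t unchecked_len_benign(void)
{
    uint8_t buf[LOGO_BUF_LEN];
    return decode_unchecked(benign_logo, sizeof benign_logo, buf);
}

int main(void)
{
    printf("naive 0x40000001 x 4 -> %u pixels (wrapped)\n", naive_pixel_count(0x40000001u, 4u));
    printf("benign    : %zu\n", checked_len(benign_logo, sizeof benign_logo));
    printf("wrapping  : %zu\n", checked_len(wrapping_logo, sizeof wrapping_logo));
    printf("oversize  : %zu\n", checked_len(oversize_logo, sizeof oversize_logo));
    printf("truncated : %zu\n", checked_len(truncated_logo, sizeof truncated_logo));
    return 0;
}
```

The hardened decoder rejects three of the four samples. The wrapping header is the instructive one: its 32-bit product is 4, so a check against the buffer size performed after the multiply would accept it, while the row loops would then iterate over the real 0x40000001-pixel width. Doing the arithmetic in 64 bits (or checking `w > dst_len / h` before multiplying) and bounding against the real input length is what a firmware image parser needs before it touches memory.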

Millions of PCs with a Gigabyte motherboard are vulnerable because of a backdoor

#gigabyte #PC #backdoors #firmware #backdoor #rootkits #bootkits #BIOS #UEFI

https://lsdm.live/modules/news/article.php?storyid=4069

Stealthy #UEFI #malware bypassing #SecureBoot enabled by unpatchable #Windows flaw | Ars Technica

#BlackLotus represents a major milestone in the continuing evolution of UEFI #bootkits.

https://arstechnica.com/information-technology/2023/03/unkillable-uefi-malware-bypassing-secure-boot-enabled-by-unpatchable-windows-flaw/

New #UEFI #Bootkit Performs #Espionage. Lately, various #UEFI #firmware #vulnerabilities have enabled attackers to disable #SecureBoot. Because of these #vulnerabilities, most of the legacy systems are at greater risk from #bootkits such as #ESPecter.
https://cyware.com/news/new-uefi-bootkit-performs-espionage-f2c3d154/?&web_view=true
#security
New UEFI Bootkit Performs Espionage | Cyware Hacker News

A new ESPecter bootkit was uncovered that performs cyberespionage and compromises system partitions. It may have Chinese links, suggest experts. Read more!