Daniel ThomasJan 14
Fun new bug today, my work laptop didn't reboot successfully post grub, failed with error: shim_lock protocol not found
error: you need to load the kernel first.
Press any key to continue..._
Current hypothesis is that the key used to sign grub has expired and a firmware update is required. Workaround was disabling grub (I don't have root on that laptop so can't do my own debugging). #UEFISecureBoot
The DefendOps DiariesSep 12, 2025

HybridPetya isn’t your typical ransomware—it can hijack your computer right from boot, bypassing key security features. Could your system be more vulnerable than you think? Discover how this game-changing threat works.

https://thedefendopsdiaries.com/understanding-hybridpetya-a-new-era-of-ransomware/

#hybridpetya
#ransomware
#uefisecureboot
#cybersecurity
#infosec

Marcel SIneM(S)USJul 29, 2024

«Ein unsicherer PK im UEFI-BIOS stellt also bei den meisten Computern kein besonders schwerwiegendes Risiko dar. Das kann sich aber ändern, wenn Angriffe auftauchen, die unsichere PKs gezielt ausnutzen.»

#UEFISecureBoot: Hunderte Computer haben unsichere Kryptoschlüssel | Security https://www.heise.de/news/UEFI-Secure-Boot-Hunderte-Computer-haben-unsichere-Kryptoschluessel-9814730.html #UEFI #BIOS

UEFI Secure Boot: Hunderte Computer haben unsichere Kryptoschlüssel

Sicherheitsexperten fanden mehr als 900 Rechner mit UEFI-Firmwares, die jeweils einen unsicheren Platform Key (PK) enthalten. Das unterminiert Secure Boot.

heise online
3mdebJul 10, 2024

Our Zarhus Team at 3mdeb excels in integrating UEFI Secure Boot into embedded systems using Yocto. Learn how to enable UEFI Secure Boot on MPL PIP4x platforms, ensuring automated file signing and verification for enhanced security. Discover more about our process and the benefits of using our Yocto-based Zarhus distribution.

https://blog.3mdeb.com/2024/2024-04-18-uefi-sb-implementation-mpl/

#UEFISecureBoot #Yocto #EmbeddedSystems #3mdeb #Zarhus #OpenSource #FirmwareSecurity

Thoughts dereferenced from the scratchpad noise. | Implementing UEFI Secure Boot on MPL PIP4x

3mdebJul 5, 2024

The Zarhus Team, part of 3mdeb, now offers complete integration of UEFI Secure Boot into your Yocto code base. This includes automated provisioning to enroll necessary secrets, write keys to BIOS NVRAM, enable kernel lockdown, and secure BIOS access with a password. This automation runs at the platform's first boot, leveraging meta-secure-core layer functionality, ensuring a seamless setup.

For more details, check out our shop: https://shop.3mdeb.com/shop/services/automated-device-provisioning-for-uefi-secure-boot/

#UEFISecureBoot #OpenSource #Zarhus

Automated device provisioning for UEFI Secure Boot – 3mdeb Sp. z o.o.

Tarnkappe.infoMay 7, 2023
📬 Nach MSI-Hack: Private Schlüssel erlauben Firmware-Manipulation
#Cyberangriffe #ITSicherheit #Binarly #IntelBootGuard #lenovo #MatthewGreen #MoneyMessage #MSIHack #RansomwareAngriff #Supermicro #UEFISecureBoot https://tarnkappe.info/artikel/it-sicherheit/nach-msi-hack-private-schluessel-erlauben-firmware-manipulation-274210.html
Nach MSI-Hack: Private Schlüssel erlauben Firmware-Manipulation

Neben jenen von MSI bringen die von den Hackern geleakten privaten Schlüssel auch Produkte anderer Hardware-Hersteller in Gefahr.

Tarnkappe.info
Sascha Siekmann Mar 1, 2023
It's official: BlackLotus malware can bypass secure boot • The Register https://www.theregister.com/2023/03/01/blacklotus_malware_eset/ #cybersecurity #uefisecureboot #uefi #badDay
Tarnkappe.infoJan 17, 2023
📬 UEFI Secure Boot: 290 MSI-Mainboards per Default angreifbar
#Softwareentwicklung #DawidPotocki #Firmware7C02v3C #ImageExecutionPolicy #MSIMainboard #MSIMotherboard #UEFISecureBoot #UEFIFirmware https://tarnkappe.info/artikel/softwareentwicklung/uefi-secure-boot-290-msi-mainboards-per-default-angreifbar-263262.html
UEFI Secure Boot: 290 MSI-Mainboards per Default angreifbar

Wer ein MSI-Mainboard besitzt, sollte besser seine UEFI Secure Boot-Einstellungen prüfen. Denn die Standard-Settings sind unsicher.

Tarnkappe.info
GourdDec 14, 2022

#uefi #uefisecureboot For once I tried to be a good user and left secure boot on when installing Xubuntu 22.04 on a system yesterday and uh, was promptly greeted on reboot with a UEFI firmware screen looking like it was written for an 80's PC in text mode with the options 'Enroll RPK" "Enroll RPK from Disk" and "Cancel".

the hell's an RPK
which you do you even pick for a new OS

The answer turned out to be Enroll RPK, but there's such a vendor lock-in aura from how obtuse the entire thing is.

Tarnkappe.infoNov 10, 2022
📬 Lenovo Notebooks angreifbar: UEFI-Treiber öffnet Malware die Tür
#Hacking #Softwareentwicklung #IdeaPad #LenovoYoga #NikolajSchlej #NVRAM #ThinkBook #UEFISecureBoot #UEFIFirmware https://tarnkappe.info/artikel/hacking/lenovo-notebooks-angreifbar-uefi-treiber-oeffnet-malware-die-tuer-259028.html
Lenovo Notebooks angreifbar: UEFI-Treiber öffnet Malware die Tür

Egal ob ThinkBook, IdeaPad oder Yoga - viele Lenovo-Notebooks erlauben durch fehlerhafte Treiber die Installation einer hartnäckigen Malware.

Tarnkappe.info