GIGAZINE

'PixieFail' UEFI firmware vulnerability allows attackers in the network to infect devices with malware, a big problem for clouds and data centers

A total of nine vulnerabilities were discovered in TianoCore EDK II, Intel's UEFI reference implementation. The series of vulnerabilities, collectively named ``PixieFail,'' are said to allow an ...
Bleeping Computer

BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems. BlackLotus is the first ...
CSOonline

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...
Network World

Hacking Team’s malware uses UEFI rootkit to survive OS reinstalls

Surveillance software maker Hacking Team has provided its government customers with the ability to infect the low-level firmware found in laptops and other computers that they wanted to spy on. The ...