UEFI
PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’
Big BIOS bother: Hundreds of PC models from vendors such as HP, Lenovo, Dell, Intel, Acer and Gigabyte shipped with useless boot protection—using private keys that aren’t private ...
Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault ...
Microsoft FAIL: ‘BlackLotus’ Bootkit Breaks Secure Boot
The BlackLotus malware targets UEFI Secure Boot. For a mere $5000, you too can own it ...
LEAKED: Intel’s BIOS Source Code — All 6GB of It
Source code for the Intel Alder Lake processor EUFI BIOS has gone walkies. 4chan is said to be involved ...
MosaicRegressor: ‘Chinese’ UEFI Bootkit Snoops on North Korean Foes
Researchers say they’ve found on the second known example of UEFI malware. They’re calling it MosaicRegressor ...
Screwed Drivers: Windows Third-Party Device Code is Huge Mess
Many Windows drivers permit malware to access anything, subverting controls that separate user space from the kernel ...
Emergency Patch for Zero-Day Vulnerability in Internet Explorer
Microsoft has released an unscheduled patch for a remote code execution vulnerability in Internet Explorer that is actively exploited by attackers. Microsoft releases security updates on the second Tuesday of every month—known ...
Intel Investigating Reboots Caused by CPU Firmware Patches
The CPU crisis continues. After Windows and Ubuntu patches for the Meltdown and Spectre flaws caused problems for some users, Intel is now investigating reports that its CPU firmware updates are triggering ...
Sowbug Cyberespionage Group Hits South America, South Asia
Security researchers have identified a cyberespionage group that has been stealing data from policy and diplomatic organizations in South America and South Asia since at least 2015. “While cyberespionage attacks are often ...