[HackerNews] Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Cybersecurity researchers on Tuesday revealed details of a previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit that has been put to use by threat actors to backdoor Windows systems as early as 2012 by modifying a legitimate Windows Boot Manager binary to achieve persistence, once again demonstrating how technology meant to secure the environment prior to loading the

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Transdev denies data stolen by ransomware group, connects leak to September attack on client

All posts, ZDNet

The company said the cybercriminals are hawking data stolen from a client of theirs. Source: Read More (Latest topics for ZDNet in Security)

Read More

Daily NCSC-FI news followup 2020-12-22

Kyberturvallisuuskeskuksen uusi julkaisu: Opas tietomurtojen havaitsemiseen www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseen Tässä ohjeessa keskitytään erityisesti tietomurron havaitsemiseen lokitietojen avulla. Esimerkkeinä käytetään Windows Event Log – -­tapahtumalokeja tai muita Windows-­käyttöjärjestelmän lokitapahtumia. Valittuja esimerkkitapahtumia on havaittu tutkituissa tietomurroista tunkeutujien jäljiltä. PDF: www.kyberturvallisuuskeskus.fi/sites/default/files/media/file/Opas-tietomurtojen-havaitsemiseen.pdf SolarWinds hackers breached US Treasury officials’ email accounts www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/ US Senator Ron Wyden said that dozens of US Treasury […]

Read More

[HackerNews] Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

All posts, HackerNews

A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.