May’s Patch Tuesday haul touches a six-pack of product families
Credit to Author: Angela Gunn| Date: Tue, 09 May 2023 19:27:52 +0000
A relatively light month by the numbers, but several patches require extra effort to deploy
Categories: Exploits and vulnerabilities, News
Tags: Microsoft, CVE-2023-29336, CVE-2023-24932, bootkit, CVE-2023-29325, Outlook, preview, CVE-2023-24941, Apple, Cisco, Google, Android, VMWare, SAP, Mozilla
Microsoft’s Patch Tuesday roundup for May 2023 includes patches for three zero-day vulnerabilities and one critical remote code execution vulnerability.
The post Update now! May 2023 Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.
Credit to Author: Microsoft Security Threat Intelligence – Editor| Date: Tue, 11 Apr 2023 17:00:00 +0000
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus.
The post Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign appeared first on Microsoft Security Blog.
Credit to Author: Malwarebytes Labs| Date: Thu, 04 Oct 2018 15:00:00 +0000
Security researchers have detected the first known instance of a UEFI bootkit being used against government bodies in Central and Eastern Europe. The attack relies on a persistence mechanism stolen from a legitimate software product called Computrace (essentially LoJack for computers) that comes by default on many machines.
Tags: bootkit, Lojack, Lojax, UEFI, XAgent
The post LoJack for computers used to attack European government bodies appeared first on Malwarebytes Labs.
Credit to Author: Malwarebytes Labs| Date: Thu, 26 Jul 2018 21:00:22 +0000
Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.
Tags: bootkit, cryptominer, drive-by attack, exploit, hidden bee, hidden bee miner, MBR
The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.