Network World

New attack methods can ‘brick’ systems, defeat Secure Boot, researchers say

The Secure Boot security mechanism of the Unified Extensible Firmware Interface (UEFI) can be bypassed on around half of computers that have the feature enabled in order to install bootkits, according ...
Dark Reading

Exclusive: CISA Sounds the Alarm on UEFI Security

Against the backdrop of the debacle that mitigating the BlackLotus bootkit has become, the Cybersecurity and Infrastructure Security Agency (CISA) is calling for revamped security for Unified ...
WeLiveSecurity

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...
TechSpot

Researchers disclose Windows "downgrade" attack as Microsoft provides a mitigation method

In a nutshell: Researchers have developed a cyberattack that reverses Windows security updates to exploit previously patched vulnerabilities. Although they cannot deploy the malware remotely, users ...
Bleeping Computer

LogoFAIL attack can install UEFI bootkits through bootup logos

Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the ...
CSOonline

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...