2025-01-31 12:16:21 Pacfic
UEFI Secure Boot Bypass Vulnerability Discovered. - 14d
A newly discovered vulnerability, CVE-2024-7344, in the UEFI Secure Boot mechanism allows attackers to bypass Secure Boot protections and execute unsigned code during the boot process. This flaw, located in a signed UEFI application, enables the deployment of malicious UEFI bootkits, potentially impacting a wide range of UEFI-based systems. This highlights the need to fix and patch UEFI bootloaders urgently.
Bootkitty: First UEFI Bootkit Targeting Linux Systems - 2d
ESET researchers discovered Bootkitty, the first UEFI bootkit designed for Linux systems. While appearing to be a proof-of-concept, its existence signals a concerning shift in the UEFI threat landscape, expanding threats beyond traditionally targeted Windows systems. Further research is needed to determine its potential for active exploitation and the extent of its capabilities.