
SecurityWeek reports that the novel Bootkitty UEFI bootkit prototype aimed at Ubuntu Linux machines, whose samples were initially discovered by ESET researchers in VirusTotal, was found to have been developed by researchers who are part of the South Korea Information Technology Research Institute’s Best of the Best academic program.
Moreover, Bootkitty has been integrated with a manipulated BMP file that exploits a LogoFAIL-related vulnerability, tracked as CVE-2023-40238, to circumvent the defenses provided by Secure Boot, compromise UEFI image parsing routines, and execute malicious bootloaders, according to a separate report from Binarly. “By leveraging flaws in image parsing during system boot, attackers have developed a sophisticated mechanism to bypass Secure Boot protection,” said the report. The development comes months after the leak of the source code for the BlackLotus UEFI bootkit for Windows, which was reported to have included capabilities for evading user access control and Secure Boot and for deactivating security apps and defenses.