As our reliance on technology grows, so does the need for robust security measures that protect systems from unauthorized access and malicious attacks. One critical area of focus is the system's boot ...

ESET researchers have uncovered a vulnerability that, if exploited, would allow bad actors to circumvent UEFI Secure Boot and deploy malicious UEFI bootkits such as Bootkitty or BlackLotus on ...

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...

For a more detailed analysis and technical breakdown of the UEFI vulnerability, check out the latest ESET Research blogpost “Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344” on ...

Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems. The Secure Boot security feature ...

ESET finds bug in a UEFI application allowing malicious actors to bypass UEFI Secure Boot The move grants criminals the ability to deploy bootkits to affected systems Microsoft addressed the bug in ...

A recently patched security vulnerability in Unified Extensible Firmware Interface (UEFI) systems could allow attackers to bypass Secure Boot protections and compromise system safety during the boot ...

Lenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that could allow an attacker to deactivate UEFI Secure Boot. UEFI Secure Boot is a ...