Bleeping Computer

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

Update added below about this bootkit being created by students in Korea's Best of the Best (BoB) cybersecurity training program. The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the ...
Dark Reading

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Researchers have uncovered "LogoFAIL," a set of critical vulnerabilities present in the Unified Extensible Firmware Interface (UEFI) ecosystem for PCs. Exploitation of the vulnerabilities nullify ...
Ars Technica

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows ...
Ars Technica

Secure Boot-neutering PKfail debacle is more prevalent than anyone knew

A supply chain failure that compromises Secure Boot protections on computing devices from across the device-making industry extends to a much larger number of models than previously known, including ...
CSOonline

New exploits can bypass Secure Boot and modern UEFI security protections

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...