Dark Reading

Trusted Apps Sneak a Bug Into the UEFI Boot Process

A vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified Extensible Firmware Interface (UEFI) devices.
TechRadar

New UEFI Secure Boot flaw exposes systems to bootkits

ESET finds bug in a UEFI application allowing malicious actors to bypass UEFI Secure Boot The move grants criminals the ability to deploy bootkits to affected systems Microsoft addressed the bug in ...
Ars Technica

Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced ...