Security News > 2023 > December > LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
2023-12-04 06:53
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, "can be used by threat actors to deliver a malicious payload and bypass Secure Boot, Intel
News URL
https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html
Related news
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)