Security News > 2023 > December > LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
2023-12-04 06:53
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, "can be used by threat actors to deliver a malicious payload and bypass Secure Boot, Intel
News URL
https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html
Related news
- IPany VPN breached in supply-chain attack to push custom malware (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)