ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit
Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution
Search results for: "UEFI"
When “secure” isn’t secure at all: High‑impact UEFI vulnerabilities discovered in Lenovo consumer laptops
ESET researchers discover multiple vulnerabilities in various Lenovo laptop models that allow an attacker with admin privileges to expose the user to firmware-level malware
UEFI threats moving to the ESP: Introducing ESPecter bootkit
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012
Needles in a haystack: Picking unwanted UEFI components out of millions of samples
ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples
White Papers
A machine‑learning method to explore the UEFI landscape
Building on their earlier work on UEFI threats, ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. Besides showing strong capabilities in identifying suspicious UEFI executables, this system offers real-time monitoring of the UEFI landscape and was found to
White Papers
LOJAX: First UEFI rootkit found in the wild, courtesy of the Sednit group
ESET researchers have discovered the first in-the-wild UEFI rootkit. Dubbed LoJax, the research team has shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe. The Sednit group is a resourceful APT group targeting people and
LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe
Fighting persistent malware with a UEFI scanner, or ‘What’s it all about UEFI?”
The biggest news in malware so far this year has been WannaCryptor a.k.a. WannaCry, and one reason that particular ransomware spread so fast was because it used a “top secret” exploit developed by the NSA, an agency known to have dabbled in UEFI compromise.
UEFI malware: How to exploit a false sense of security
When thinking about security we generally take risk into account. It is well known that risk is a composition of likelihood and potential impact.
ESET Threat Report T2 2022
A view of the T2 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
ESET Threat Report T 1 2022
A view of the T 1 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Is your Lenovo laptop vulnerable to cyberattack?
Here’s what to know about vulnerabilities in more than 100 Lenovo consumer laptop models and what you can do right away to stay safe – all in under three minutes
Europe’s quest for energy independence – and how cyber‑risks come into play
Soaring energy prices and increased geopolitical tensions amid the Russian invasion of Ukraine bring a sharp focus on European energy security
ESET Threat Report T3 2021
A view of the T3 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Signed kernel drivers – Unguarded gateway to Windows’ core
ESET researchers look at malware that abuses vulnerabilities in kernel drivers and outline mitigation techniques against this type of exploitation
Virus Bulletin: Old malware never dies – it just gets more targeted
Putting a precision payload on top of more generic malware makes perfect sense for malware operators
Week in security with Tony Anscombe
ESET research discovers ESPecter bootkit – FontOnLake targeting Linux – Fake SafeMoon app update
Black Hat 2021 – non‑virtual edition
How is Black Hat USA 2021 different from the past editions of the conference and what are the themes may steal the show this year?
Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
Week in security with Tony Anscombe
This week, ESET researchers published an analysis of a previously unknown cyber-espionage platform and described a system enabling them to explore the UEFI landscape in an efficient way