NSA Releases Guide to Combat BlackLotus Malware | allinfosecnews.com

June 23, 2023, 5:19 p.m. | Guru Baran

GBHackers On Security gbhackers.com

Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware. BlackLotus uses a known flaw dubbed “Baton Drop,” tracked as CVE-2022-21894, to bypass beyond security precautions made by the device’s Secure Boot start-up procedure. Since October 2022, BlackLotus has been making appearances on hacker forums. […]

The post NSA Releases Guide to Combat BlackLotus Malware appeared first on GBHackers - Latest Cyber Security News | Hacker …

beyond blacklotus boot bypass cve cve-2022-21894 cyber cyber-attack device exploit flaw guide malicious malware microsoft microsoft windows nsa october procedure process protection ransomware releases run secure boot security start start-up startup windows

More from gbhackers.com / GBHackers On Security

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 16 hours ago | gbhackers.com

applications attacks botnets commercial +16

LilacSquid Hackers Attacking IT Industries To Harvest Confidential Data 1 day, 16 hours ago | gbhackers.com

access advanced persistent threat can cisco +29

FlyingYeti Exploits WinRAR Vulnerability For Targeted Malware Attacks 1 day, 16 hours ago | gbhackers.com

actor attacks cve cybersecurity threats +23

Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware 1 day, 16 hours ago | gbhackers.com

attackers changing commands cracked +23

DDoS-as-a-Service Botnet Backed by Mirai Attacking Gaming Community 1 day, 17 hours ago | gbhackers.com

as-a-service attacks botnet botnets +19

Hackers Exploiting Stored XSS Vulnerabilities in WordPress Plugins 1 day, 18 hours ago | gbhackers.com

attackers cross-site cve cve-2023-40000 +25

VirusTotal Celebrates 20th Anniversary, What’s Next? 1 day, 21 hours ago | gbhackers.com

20th anniversary anniversary cyber security cybersecurity +16

Beware of Fake Browser Updates That Deliver Bitrat & Lumma Stealer 1 day, 22 hours ago | gbhackers.com

attackers breaches browser campaign +24

Progress Telerik Report Server Flaw Let Attackers Bypass Authentication 2 days, 17 hours ago | gbhackers.com

attackers authentication authentication bypass bypass +13

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com