all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

Add to bookmarks
April 11, 2023, 5 p.m. | Microsoft Security Threat Intelligence - Editor

Microsoft Security Blog www.microsoft.com

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus.


The post Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign appeared first on Microsoft Security Blog.

attacks blacklotus blog bootkit called campaign compromised cve cve-2022-21894 cybersecurity exploiting firmware guidance guide interface microsoft microsoft security organizations security security blog threat threat actors uefi

Visit resource

More from www.microsoft.com / Microsoft Security Blog

Threat actors misusing Quick Assist in social engineering attacks leading to ransomware 4 days, 13 hours ago | www.microsoft.com
attacks basta black basta black basta ransomware +19
Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information … 6 days, 13 hours ago | www.microsoft.com
event event management gartner gartner magic quadrant +6
New capabilities to help you secure your AI transformation 1 week, 6 days ago | www.microsoft.com
age applications capabilities defender +14
Security above all else—expanding Microsoft’s Secure Future Initiative 2 weeks, 2 days ago | www.microsoft.com
blog cyberthreat driving future +8
Microsoft introduces passkeys for consumer accounts 2 weeks, 3 days ago | www.microsoft.com
accounts blog consumer microsoft +7
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 2 weeks, 4 days ago | www.microsoft.com
and response capabilities compass detection +22
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 3 weeks, 6 days ago | www.microsoft.com
blizzard compromise credentials cve +20
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 month ago | www.microsoft.com
access attack attackers blog +17
How Microsoft discovers and mitigates evolving attacks against AI guardrails 1 month, 1 week ago | www.microsoft.com
address attacks blog guardrails +8

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com