all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How To Hunt For UEFI Malware Using Velociraptor

Add to bookmarks
Feb. 29, 2024, 5:32 p.m. | Matthew Green

Rapid7 Blog blog.rapid7.com

UEFI threats have historically been limited in number and mostly implemented by nation state actors as stealthy persistence. However, the recent proliferation of Black Lotus on the dark web, Trickbot enumeration module (late 2022), and Glupteba (November 2023) indicates that this historical trend may be changing.

With this context, it

black lotus changing context dark dark web enumeration glupteba hunt malware may nation nation state november november 2023 persistence proliferation state threats trend trickbot uefi velociraptor web

Visit resource

More from blog.rapid7.com / Rapid7 Blog

The Business of Cybersecurity Ownership 7 hours ago | blog.rapid7.com
accountability business can ciso +6
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More 1 day, 6 hours ago | blog.rapid7.com
discuss dns download dynamic +7
Metasploit Weekly Wrap-Up 04/26/24 5 days, 1 hour ago | blog.rapid7.com
addition application clusters community +20
USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award 1 week, 1 day ago | blog.rapid7.com
april award awards beyond +11
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise 1 week, 1 day ago | blog.rapid7.com
access account account access administrator +26
Take Command Summit: Take Breaches from Inevitable to Preventable on May 21 1 week, 2 days ago | blog.rapid7.com
attack aws breaches command +14
Metasploit Weekly Wrap-Up 04/19/24 1 week, 5 days ago | blog.rapid7.com
crushftp emergent threat response exploit framework +11
Enforce and Report on PCI DSS v4 Compliance with Rapid7 2 weeks ago | blog.rapid7.com
adoption compliance council data +21
Rapid7 Insight Platform Achieves Level 2 TX-Ramp Authorization 2 weeks, 1 day ago | blog.rapid7.com
authorization authorization management cloud cloud security +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr. Cloud Security Engineer

@ BLOCKCHAINS | USA - Remote
View on infosec-jobs.com

Network Security (SDWAN: Velocloud) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com

Senior Python Engineer, Cloud Security

@ Darktrace | Cambridge
View on infosec-jobs.com

Senior Security Consultant

@ Nokia | United States
View on infosec-jobs.com

Manager, Threat Operations

@ Ivanti | United States, Remote
View on infosec-jobs.com

Lead Cybersecurity Architect - Threat Modeling | AWS Cloud Security

@ JPMorgan Chase & Co. | Columbus, OH, United States
View on infosec-jobs.com
View more jobs