Linux Shim Bootloader Flaw Expose Most Linux Distros to Code Execution Attacks | allinfosecnews.com

Feb. 7, 2024, 3 p.m. | Eswar

Cyber Security News cybersecuritynews.com

Shim is a small application used by open-source projects and other third parties for verifying and running the bootloader (typically GRUB2). The application was developed specifically to circumvent legal issues arising from license compatibility. Shim has become a critical piece of software for many Linux distributions to support secure boot. However, it has been discovered […]

The post Linux Shim Bootloader Flaw Expose Most Linux Distros to Code Execution Attacks appeared first on Cyber Security News.

application attacks bootloader code code execution compatibility critical cyber security distributions expose flaw grub2 legal legal issues license linux linux distributions linux distros piece projects running shim software support third third parties vulnerability

More from cybersecuritynews.com / Cyber Security News

Android Bug Leaks DNS Traffic to Hackers While Switching VPN Servers 3 hours ago | cybersecuritynews.com

android android 14 bug critical +21

ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data 20 hours ago | cybersecuritynews.com

access aiohttp vulnerability asynchronous attackers +25

Florida Man Arrested For Selling Fake Cisco Device To U.S. Military 20 hours ago | cybersecuritynews.com

arrested cisco computer counterfeit +25

How U.S K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges – Free E-Book 20 hours ago | cybersecuritynews.com

access book can challenges +27

AI-Based Webshell Detection Model – Detailed Overview 20 hours ago | cybersecuritynews.com

access ai-based security attackers code +23

Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe 22 hours ago | cybersecuritynews.com

android bsd critical cyber security +23

Operation PANDORA Shutdown 12 Fake Call Centers that Steal Over €10M 1 day, 2 hours ago | cybersecuritynews.com

10 million a network call call centers +19

CISA & FBI Release Urges Developers to Eliminate Directory Traversal Vulnerabilities 1 day, 2 hours ago | cybersecuritynews.com

agency alert bureau calling +24

LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 1 day, 18 hours ago | cybersecuritynews.com

browser browser security capital dell +24

Principal Security Engineer

@ Elsevier | Home based-Georgia

View on infosec-jobs.com

Infrastructure Compliance Engineer

@ NVIDIA | US, CA, Santa Clara

View on infosec-jobs.com

Information Systems Security Engineer (ISSE) / Cybersecurity SME

@ Green Cell Consulting | Twentynine Palms, CA, United States

View on infosec-jobs.com

Sales Security Analyst

@ Everbridge | Bengaluru

View on infosec-jobs.com

Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France

@ Sopra Steria | Courbevoie, France

View on infosec-jobs.com

Third Party Cyber Risk Analyst

@ Chubb | Philippines

View on infosec-jobs.com