all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New Windows/Linux Firmware Attack

Add to bookmarks
Dec. 12, 2023, 12:01 p.m. | Bruce Schneier

Security Boulevard securityboulevard.com

Interesting attack based on malicious pre-OS logo images:



LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux….


The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs …

attack bios companies constellation coordinated devices disclosure exploits firmware images linux logo logofail malicious responsible run vulnerabilities windows

Visit resource

More from securityboulevard.com / Security Boulevard

Lawsuits After Ransomware on the Rise, Comparitech Says 3 hours ago | securityboulevard.com
attacks companies cost of data breach cyberlaw +24
Product Release: PreVeil 5.0 4 hours ago | securityboulevard.com
list page product product release +5
What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 6 hours ago | securityboulevard.com
appsec & supply chain security cisos development don +16
It’s 3am… Do You Know Where Your Data Is? 6 hours ago | securityboulevard.com
3am blog data security +2
Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack 8 hours ago | securityboulevard.com
adaptive security alto asa attack +29
Venafi Launches 90-Day TLS Certificate Renewal Initiative 8 hours ago | securityboulevard.com
application security appsec certificate certificate management +26
Hyperproof and ServiceNow: Elevating Enterprise Control Orchestration with Better Task Management 8 hours ago | securityboulevard.com
blog posts business compliance compliance operations +17
Data Breaches in April 2024 – Infographic 12 hours ago | securityboulevard.com
april big breaches cyber attacks +10
Intel 471 Acquires Cyborg Security to Expand Its Cyber Threat Intelligence Portfolio with Innovative Threat … 13 hours ago | securityboulevard.com
actor advanced april blog +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs