NSA warns of ‘false sense of security’ against BlackLotus malware

The National Security Agency said Thursday that organizations should think twice about whether they’re protected against the BlackLotus “bootkit” malware that cybersecurity experts first warned about in March. BlackLotus is designed to dodge UEFI Secure Boot, which watches for malicious software as a Microsoft Windows machine starts up the firmware that controls basic hardware functions.

agency blacklotus boot bootkit briefs cybercrime cybersecurity cybersecurity experts experts firmware government machine malicious malicious software malware march microsoft microsoft windows national national security national security agency nsa organizations secure boot security software uefi watches windows