NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems

MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
Content source
https://thehackernews.com/2023/06/nsa-releases-guide-to-combat-powerful.html
The U.S. National Security Agency (NSA) on Thursday released guidance to help organizations detect and prevent infections of a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus.

To that end, the agency is recommending that "infrastructure owners take action by hardening user executable policies and monitoring the integrity of the boot partition."

BlackLotus is an advanced crimeware solution that was first spotlighted in October 2022 by Kaspersky. A UEFI bootkit capable of bypassing Windows Secure Boot protections, samples of the malware have since emerged in the wild.
Click to expand...

NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems

NSA shares crucial guidance to detect and tackle BlackLotus: a powerful UEFI bootkit bypassing Windows Secure Boot, granting attackers full control.
thehackernews.com
 
  • Like
  • Applause
Reactions: Zero Knowledge, plat, [correlate] and 3 others
You must log in or register to reply here.

Similar threads

enaph
    • Like
    • +Reputation
Security News “Bootkitty”: The First UEFI Bootkit Targeting Linux Systems
Replies
2
Views
599
Security News
bazang
bazang
silversurfer
    • Like
    • +Reputation
    • Sad
  • Locked
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
Replies
20
Views
3,450
News Archive
simmerskool
simmerskool
upnorth
    • Like
    • +Reputation
    • Hundred Points
Hot Take Bolster UEFI Cybersecurity Now
Replies
1
Views
914
General Security Discussions
Sandbox Breaker - DFIR
Sandbox Breaker - DFIR

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top