Bootloader Vulnerability Impacts Over 100 Cisco Switches

December 5, 2024 at 07:31AM Cisco has released patches for a significant vulnerability in NX-OS bootloader software (CVE-2024-20397) that could let attackers bypass image signature verification. Affecting over 100 models, the flaw requires physical access for exploitation. Cisco advises immediate updates, although no known exploits are reported. Discontinued devices will not receive patches.

Microsoft says having a TPM is “non-negotiable” for Windows 11

December 4, 2024 at 07:48PM Microsoft confirmed that Windows 10 users require TPM 2.0 support to upgrade to Windows 11, describing it as a mandatory security feature. Though many bypass methods exist, TPM 2.0 is critical for enhancing cybersecurity. Additionally, Windows 10 support ends on October 14, 2025, but users can purchase Extended Security Updates …

‘Bootkitty’ First Bootloader to Take Aim at Linux

December 2, 2024 at 05:34PM Researchers have discovered “Bootkitty,” a proof-of-concept UEFI bootkit for Linux, developed by Korean students for cybersecurity training. Although still unfinished, it exploits vulnerabilities allowing it to bypass Secure Boot. This notable malware indicates a shift in bootkit attacks targeting Linux systems, previously dominated by Windows-focused malware.

Prototype UEFI Bootkit is South Korean University Project; LogoFAIL exploit discovered

December 2, 2024 at 11:52AM A prototype UEFI bootkit, linked to a South Korean university’s BoB program, targets specific Ubuntu setups. Named Bootkitty, it uses the LogoFAIL exploit to bypass Secure Boot protections. Discovered by ESET, this research project showcases potential security risks, with indications it is still under development, not an active threat.

First-ever UEFI bootkit for Linux in the works, experts say

November 27, 2024 at 10:36AM Security researchers have discovered “Bootkitty,” the first UEFI bootkit targeting Linux, specifically some Ubuntu releases. Although currently a proof of concept, its existence indicates a shift in UEFI threat dynamics, dispelling the notion that such threats are exclusive to Windows, and highlights the need for future preparedness.

Microsoft Finally Releases Recall as Part of Windows Insider Preview

November 27, 2024 at 08:08AM Microsoft has previewed a reworked version of Windows Recall for Windows Insiders using Qualcomm Snapdragon X Elite PCs. Recall captures PC snapshots for easy retrieval of app actions and documents, ensuring data privacy. Users must enable security features and can provide feedback through the Feedback Hub. General release date is …

Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels

November 27, 2024 at 08:03AM Researchers have identified Bootkitty, the first UEFI bootkit designed for Linux systems, produced by BlackCat. As a proof-of-concept, it aims to disable kernel signature verification and preload unknown binaries. While not yet used in attacks, it signifies a shift in UEFI threats beyond Windows, highlighting future cybersecurity risks.

Microsoft shares temp fix for Linux boot issues on dual-boot systems

August 23, 2024 at 02:08PM Microsoft provided a workaround for Linux boot issues caused by August security updates on dual-boot systems with Secure Boot enabled.

Microsoft confirms August updates break Linux boot in dual-boot systems

August 22, 2024 at 12:35PM Microsoft has acknowledged that the August 2024 Windows security updates are causing issues for dual-boot systems with Secure Boot enabled, particularly affecting Linux booting. The problem stems from a Secure Boot Advanced Targeting update, blocking unpatched Linux boot loaders against a specific vulnerability. Microsoft is working on a fix and …

August Windows security update breaks dual boot on Linux systems

August 21, 2024 at 11:05AM August 2024 Windows security updates are causing issues for dual-boot on some Linux systems with Secure Boot enabled. Microsoft applied a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 vulnerability, impacting various Linux distributions. The affected users are experiencing “Verifying shim SBAT …