#logofail — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #logofail, aggregated by home.social.
-
Some explanations about #Bootkitty from Binarly. Quite interesting. I hadn't looked at #LogoFAIL back then. It's a bit embarrassing when the length check is missing in an image decoder.
#BIOS #UEFI #Linux #Infosec
https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux
-
Code found online exploits LogoFAIL to install Bootkitty Linux backdoor - Researchers have discovered malicious code circulating in the wild that hi... - https://arstechnica.com/security/2024/11/code-found-online-exploits-logofail-to-install-bootkitty-linux-backdoor/ #unifiedextensiblefirmwareinterface #bootkitty #security #logofail #biz #linux #uefi
-
"During the boot process, vulnerable firmware will load the malicious logo from the ESP and parse it with a vulnerable image parser, thus the attacker can hijack the execution flow by exploiting a vulnerability in the parser itself. By exploiting this threat, the attacker can achieve arbitrary code execution during the DXE phase, which means complete game-over for platform security."
-
"🚨 UEFI Under Threat: The LogoFAIL Vulnerability 🚨"
A recent security report has brought attention to LogoFAIL, a collection of vulnerabilities that pose a substantial risk to devices utilizing UEFI firmware. These vulnerabilities enable attackers to install UEFI bootkits by leveraging weaknesses in the image-parsing components utilized by various vendors in their firmware. LogoFAIL's impact is widespread, affecting a broad range of devices across x86 and ARM architectures, including products from prominent manufacturers such as Intel, Acer, and Lenovo.
Researchers at Binarly have uncovered that malicious payloads can be executed by injecting image files into the EFI System Partition (ESP), effectively evading security features like Secure Boot. This method of attack ensures the persistence of malware on the system, rendering it virtually undetected. LogoFAIL's full scope of impact is still being assessed, but it is already evident that it poses a significant threat to both consumer and enterprise-grade devices, as it bypasses security mechanisms designed to protect UEFI systems.
Source: BlackHat talk and Bill Toulas, BleepingComputer
MITRE ATT&CK Reference for UEFI Vulnerabilities: T1588.006
Tags: #CyberSecurity #UEFI #Vulnerability #LogoFAIL #Bootkit #SecureBoot #FirmwareSecurity #Binarly #DeviceSecurity 🚨💻🔒
-
📬 LogoFAIL: Security vulnerability threatens millions of PC users
#ITSicherheit #Binarly #BlackHatEurope #BMPBildparser #Bootkit #LogoFAIL #Malware #UEFIFirmware https://tarnkappe.info/artikel/it-sicherheit/logofail-sicherheitsluecke-bedroht-millionen-von-pc-nutzern-284205.html