Uncategorized

SyScan360 Seattle

https://www.syscan360.org/

Standard
Uncategorized

AMI and Gigabyte UEFI vulnerability

I wish more user-mode security researchers would study how OEM/IBV/OSV implementations of UEFI firmware update, from the OS-present appplication, looking for problems. For example: https://firmwaresecurity.com/2016/06/05/asus-liveupdate-of-uefi-sent-authenticated/

Standard
Uncategorized

CHIPSEC gets new UEFI Whitelist command

CHIPSEC already has a Blacklist command. Now there is a UEFI whitelist command.

Standard
Uncategorized

more on CIA UEFI malware

Some comments from Yuriy of the Intel ATR team:

Standard
Uncategorized

Slides for coreboot/UEFI talk from REcon available

 

http://www.intelsecurity.com/advanced-threat-research/content/data/REConBrussels2017_BARing_the_system.pdf

http://www.intelsecurity.com/advanced-threat-research/index.html

Standard