BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices

eclypsium.com

cross-posted to:
linux@programming.dev

BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices

eclypsium.com

digicatM to

blueteamsecEnglish · 6 months ago

cross-posted to:
linux@programming.dev

BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices - Eclypsium | Supply Chain Security for the Modern Enterprise

eclypsium.com

Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

25 users / day
118 users / week
300 users / month
1K users / 6 months
231 local subscribers
682 subscribers
3.03K Posts
227 Comments
Modlog

mods:
digicat