#bootkit

The DefendOps Diaries

Secure Boot just got a wake-up call—hackers are now exploiting a new flaw to slip bootkit malware past our digital bouncer. Ever wonder how secure your system really is?

https://thedefendopsdiaries.com/navigating-the-challenges-of-secure-boot-vulnerabilities/

#secureboot #cybersecurity #vulnerabilities #bootkit #infosec

Scripter :verified_flashing:

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels
https://thehackernews.com/2024/11/researchers-discover-bootkitty-first.html

#Cybercrime #Linux #UefiBootkit #Bootkit #Bootkitty

Scripter :verified_flashing:

Bootkitty: Researchers discover first UEFI bootkit for Linux - Golem.de
https://www.golem.de/news/bootkitty-forscher-entdecken-erstes-uefi-bootkit-fuer-linux-2411-191230.html

#Cybercrime #Linux #UefiBootkit #Bootkit #Bootkitty

IT News

Found in the wild: The world’s first unkillable UEFI bootkit for Linux - Over the past decade, a new class of infections has threatened Wind... - https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

#security #bootkit #malware #biz #uefi

loneicewolf

Hello! I am back with a project again!
#infosec #reverseeng #backdoor #backdoors #backdooring #hddfwbootkit #bootkit #rootkit

#birthday
It's my birthday today, I turn 24 xD.. Not that that is interesting but, I thought of making a progress post about the HDD Bootkit I was planning to make.

To recap!

A while ago I wrote about an HDD bootkit I was gonna make, and I will copy and paste it BUT!
FIRST I will actually post real progress, I have now got to Project "1", which is to unscrew the hard disk's cover, identify the CPU n stuff, get schematics, wire stuff, debug, and load hello world on it.
Simply put, that's "project 1".

Project 2, is to "take project 1's hello world" and turn it into a 'hdd firmware bootkit'.

I will copy the links here.

Link 1: https://www.linkedin.com/posts/william-martens-16872717b_hard-disk-hacking-intro-activity-7184950421034070016-3SLA?utm_source=share&utm_medium=member_desktop

I will copy paste the text I wrote below.
==============================

Hello!
I wrote a post some weeks ago, about this project - me making a bootkit for a firmware of a HDD, and/or a SSD's controller cards.

Many of you most likely wonder what's taking so long to even make an update on it?

And the truth is, I just had to get a special set of 'screwdrivers' (I think, many will laugh now but this is actually the first step, to open up any disk's 'case' to be able to see what CPU and all that is) you have to, (I had to at least) use a "TorxScrewDriver" or something along those paths.

So, now I got it and I will begin the first step, namely the
"Pre-Research part". What's that? I call it that cuz, now I have to open them up, see what CPU and stuff they are using, note all of this down.

Then it's part 2, namely the "Research" Part. What is done here? For me, it's googling about resources, writing a report on what it uses, and what schematic(s) (if any) is available.

Then, part 3 is the "Debugging" part. Here, as the name suggests, is to try to debug it using the report from Part 2.

Part 4 is the final step in the POC (Proof Of Concept) project. This is to take step 3 and make a software, and load it and run it.
This will simply be a hello world project to begin with. To just, using the hardware of the Disk itself, write out, in debug print outs, "Hello World".

And this is the "project number one", Project 2.. Will the post I wrote about

Part 2 (probably already posted but)
===================
https://www.linkedin.com/posts/william-martens-16872717b_hard-disk-hacking-intro-activity-7177941239516782592-zXrG?utm_source=share&utm_medium=member_desktop

I will begin reversing some HDD/SSD's, to see if I can replicate spritesmods hdd hack ( https://spritesmods.com/?art=hddhack )
(and, part 2, 3, etc)

And, reading up on it this is another great article

( https://malwaretech.com/2015/04/hard-disk-firmware-hacking-part-1.html )
(and, part 2, 3, etc)

When I say "I will post the progress" or something along those lines, I will post it on my GitHub.

I will, of course, NOT post the reversed firmware or stuff like that, cuz.. that wouldn't be any good for obvious reasons.
Instead I will just show what I can achieve, like at least one but probably more than the below:
- backdoor the firmware (persistence)
- make hidden sectors (possibly using encryption and or obfuscation with some steganography)
- kleptography (detect CRYPTO operations to gather the priv keys and store it either a) in the chip (like the firmware), b) in the hidden sector or c) in another way, possibly transmitting it to elsewhere)
- Run Linux on it. Yes. The Linux Kernel if possible.

I will try some stuff I believe will be the first things one tries before, breaking the HDD/SSD open and try for JTAG, cuz, what about if there's no JTAG? Or, "better" (worse) if there may be JTAG but it's obfuscated? I mean there's no real good thing for companies to label "here we got jtag! so you can hook it up to a machine if you want to debug it!" no no, quietness is what it is. Heh. (By the way that's the same with datasheets, it's not something just 'given out') <- At least.. Not with my experience.

- JTAG (of course)
- Serial (even if some of these might not achieve anything we want, we should just begin small)
- See some pinouts
- other known "ports"
- datasheets
- schematics

This will not only be "a project" on its own, it's a major part (the first part, actually) for something much bigger.

Alright! Have a great day people! Wishes from Sweden!

Graham Cluley

BlackLotus bootkit patch may bring "false sense of security", warns NSA

Read more in my article on the Tripwire blog:

https://www.tripwire.com/state-of-security/blacklotus-bootkit-patch-may-bring-false-sense-security-warns-nsa

#cybersecurity #vulnerability #bootkit #malware #blacklotus #microsoft

IT News

Microsoft will take nearly a year to finish patching new 0-day Secure Boot bug - Enlarge (credit: Aurich Lawson / Ars Technica)

Earlier this we... - https://arstechnica.com/?p=1938719

#uefisecureboot #secureboot #windows10 #windows11 #bootkit #biz #tech #uefi