Ameet Dhillon

FirmGuard^® SecureCheck^™ | Antivirus For UEFI BIOS Firmware

March 18, 2024

Organizations that ignore UEFI BIOS firmware vulnerability do so at their own peril and are setting themselves up for a potentially devasting attack. But what is UEFI? How do we protect endpoints from UEFI BIOS vulnerabilities? And what types of vulnerabilities are there?

Broom wiping zero and ones | FirmGuard SecureWipe

FirmGuard^®SecureWipe securely erases endpoint HDD, SSD, and other mass storage devices

March 18, 2024

SecureWipe is a FirmGuard feature that securely erases endpoint HDD, SSD, and other mass storage devices. It is triggered remotely from the FirmGuard Portal and forensically erases all data and partitions independent of the operating system (OS).

PixieFail UEFI Flaws Expose Millions of Computers

January 18, 2024

Reference Article
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers.

LogoFAIL Can Lead to Denial-of-Service Attack or Worse

December 7, 2023

CVE-2023-5058
Phoenix Technologies has been informed of a serious flaw in Phoenix SecureCore™ Technology™ 4, which is a BIOS firmware that provides advanced security features for various devices.

High Severity Vulnerability in HP PC BIOS

June 20, 2023

HP Bulletin | CVE-2023-26299

HP discovered a potential vulnerability in the BIOS of certain HP PC products that use AMI UEFI Firmware.

Read More »

High Severity Vulnerability in Acer Notebook Devices

June 15, 2023

Acer Article | CVE-2022-4020

A vulnerability has been discovered in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices, which may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable.

Read More »

The BlackLotus Campaign

April 11, 2023

Microsoft Incident Report | CVE-2022-21894

In April 2023, cybersecurity researchers at Microsoft identified a dangerous UEFI bootkit (CVE-2022-21894), dubbed “BlackLotus”. It operates at computer startup, compromising systems and disabling OS security mechanisms.

Read More »

High Severity Vulnerability in Acer Aspire E5-475G BIOS

February 16, 2023

CVE-2022-40080

A stack overflow vulnerability has been found in the BIOS firmware of Aspire E5-475G laptops, which can allow local attackers to execute arbitrary code and gain escalated privileges during the boot process.

Read More »

CosmicStrand: The Discovery of a Sophisticated UEFI Firmware Rootkit

July 25, 2022

Reference Article
CosmicStrand appears to be the work of an unknown Chinese-speaking threat actor.

Read More »

MoonBounce: Chinese Group Deploys MoonBounce Implant in UEFI Firmware

January 21, 2022

Reference Article

The highly targeted attack reveals a new level of sophistication in attacks against UEFI firmware.

Read More »

Suite of Features