MosaicRegressor UEFI Malware
Kaspersky Labs discovered a malware framework they dubbed MosaicRegressor which was used in a series of targeted cyberattacks directed against diplomats and members of an NGO from Africa, Asia, and Europe.
The FirmGuard Blog
On September 27, 2018, security researchers from ESET publicly disclosed the discovery of a UEFI rootkit named “LoJax” that was “found in the wild.”
CVE-2018-8930, CVE-2018-8931, CVE-2018-8932, CVE-2018-8933, CVE-2018-8934, CVE-2018-8935, CVE-2018-8936
On March 13, 2018, security researchers from CTS Labs publicly disclosed vulnerabilities discovered in certain AMD silicon, named MASTERKEY, RYZENFALL, FALLOUT, and CHIMERA. Phoenix’s UEFI firmware is not vulnerable to these attacks.
CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
A new class of security vulnerabilities, named Meltdown and Spectre, became public knowledge in early January 2018.
VectorEDK is a UEFI rootkit created by the controversial Italian company Hacking Team as part of a suite of tools that they sold to governments and law
WikiLeaks claims that Der Starke (German for “The Strong”) is an advanced CIA implant for Mac OS X that embeds itself in EFI firmware, making detection and removal difficult.
WikiLeaks claims the CIA’s Sonic Screwdriver tool uses Thunderbolt to deploy malicious code into UEFI-based Mac OS firmware.
WikiLeaks claims that DarkSeaSkies is a CIA implant embedded in Apple MacBook Air EFI firmware, utilizing DarkMatter, SeaPea, and NightSkies tools.
Copyright © 2024. FirmGuard