ESPecter: UEFI Bootkit that targets EFI System Partition (ESP)
ESET discovered a UEFI bootkit they call “ESPecter” which is so named because it targets the EFI System Partition (ESP).
FinSpy (also called FinFisher) is an infamous German surveillance tool, available since 2011, that allows operators to intercept communications, capture keystrokes, access files, and even activate cameras and microphones on compromised devices.
A buffer overflow vulnerability has been identified in the Dell BIOSConnect feature, which allows users to update their BIOS firmware from the cloud.
Alert (AA20-352A) – US-Cert – CISA
In December 2020, cybersecurity researchers at FireEye discovered and reported a supply chain attack on SolarWinds software.
Trickboot is an extension of the infamous Trickbot (first identified in 2016) malware. Trickbot developers have created a new module that probes for UEFI vulnerabilities, because
Kaspersky Labs discovered a malware framework they dubbed MosaicRegressor which was used in a series of targeted cyberattacks directed against diplomats and members of an NGO from Africa, Asia, and Europe.
Phoenix Technologies
Corporate Headquarters:
2105 S. Bascom Avenue
Suite 316
Campbell, CA 95008-3295
Toll Free: 1-800-677-7305
Tel: +1-408-570-1000
Copyright © 2024. FirmGuard