Meltdown and Spectre
CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
A new class of security vulnerabilities, named Meltdown and Spectre, became public knowledge in early January 2018.
CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
A new class of security vulnerabilities, named Meltdown and Spectre, became public knowledge in early January 2018.
VectorEDK is a UEFI rootkit created by the controversial Italian company Hacking Team as part of a suite of tools that they sold to governments and law
WikiLeaks claims that Der Starke (German for “The Strong”) is an advanced CIA implant for Mac OS X that embeds itself in EFI firmware, making detection and removal difficult.
WikiLeaks claims the CIA’s Sonic Screwdriver tool uses Thunderbolt to deploy malicious code into UEFI-based Mac OS firmware.
Wikileaks claims that DarkSeaSkies is a CIA implant embedded in Apple MacBook Air EFI firmware, utilizing DarkMatter, SeaPea, and NightSkies tools.
BIOS firmware security
Remote BIOS configuration
Remote BIOS update
Remote endpoint drive erasure
Remotely reimage an endpoint
Display endpoint system information
Monitor endpoint connectivity