#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

bios malware | Breaking Cybersecurity News | The Hacker News

Category — bios malware
Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

Jul 29, 2020
A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ' BootHole ' and tracked as CVE-2020-10713 , the reported vulnerability resides in the GRUB2 bootloader, which, if exploited, could potentially let attackers bypass the Secure Boot feature and gain high-privileged persistent and stealthy access to the targeted systems. Secure Boot is a security feature of the Unified Extensible Firmware Interface (UEFI) that uses a bootloader to load critical components, peripherals, and the operating system while ensuring that only cryptographically signed code executes during the boot process. "One of the explicit design goals of Secure Boot is to prevent unauthorized code, even running with administrator privileges, from gaining additional privileges and pre-OS pers...
Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks

Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks

Apr 14, 2020
Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed ' SafeBIOS Events & Indicators of Attack ' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. BIOS (Basic Input Output System) is a small but highly-privileged program that handles critical operations and starts your computer before handing it over to your operating system. Protecting the BIOS program is crucial because: Changes to the system BIOS settings could allow malicious software to run during the boot process, Once a hacker takes over the BIOS, he can stealthily control the targeted computer and gain access to the data stored on it, Malware in BIOS remains persistent and doesn't get away even when you format or...
5 Reasons Device Management Isn't Device Trust​

5 Reasons Device Management Isn't Device Trust​

Apr 21, 2025Endpoint Security / Zero Trust
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture.  The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device management tools like Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) are essential components of an organization's security infrastructure. However, relying solely on these tools to manage device risk actually creates a false sense of security. Instead of the blunt tools of device management, organizations are looking for solutions that deliver device trust . Device trust provides a comprehensive, risk-based approach to device security enforcement, closing the large gaps left behind by traditional device management solutions. Here are 5 of those limitations and how to ov...
Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Aug 13, 2015
Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware . One of the most popular Chinese computer manufacturers 'Lenovo' has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as " Lenovo Service Engine " (LSE) – a piece of code presents into the firmware on the computer's motherboard.  If Windows is installed, the LSE automatically downloads and installs Lenovo's own software during boot time before the Microsoft operating system is launched, overwriting Windows operating system files. More worrisome part of the feature is that it injects software that updates drivers, firmware, and oth...
cyber security

Mastering AI Security: Your Essential Guide

websiteWizAI Security / Posture Management
Learn how to secure your AI pipelines and stay ahead of AI-specific risks at every stage with these best practices.
Hacking Team Spyware preloaded with UEFI BIOS Rootkit to Hide Itself

Hacking Team Spyware preloaded with UEFI BIOS Rootkit to Hide Itself

Jul 14, 2015
Last Week someone just hacked the infamous Hacking Team , The Italy-based cyber weapons manufacturer and leaked a huge trove of 400GB internal data , including: Emails Hacking tools Zero-day exploits Surveillance tools Source code for Spyware A spreadsheet listing every government client with date of purchase and amount paid Hacking Team is known for its advanced and sophisticated Remote Control System (RCS) spyware , also known as Galileo , which is loaded with lots of zero-day exploits and have ability to monitor the computers of its targets remotely. Today, Trend Micro security researchers found that the Hacking Team " uses a UEFI  (Unified Extensible Firmware Interface)  BIOS Rootkit to keep their Remote Control System (RCS) agent installed in their targets' systems ." That clearly means, even if the user reinstalls the Operating System, formats the hard disk, and even buys a new hard disk, the agents are implanted after Microsoft Windows is...
Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware

Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware

Jun 02, 2015
A zero-day software vulnerability discovered deep in the firmware of many Apple computers could allows an attacker to modify the system's BIOS and install a rootkit , potentially gaining complete control of the victim's Mac. The critical vulnerability, discovered by well-known OS X security researcher Pedro Vilaca, affects Mac computers shipped before mid-2014 that are allowed to go into sleep mode. While studying Mac security, Vilaca found that it's possible to tamper with Apple computer's UEFI (unified extensible firmware interface) code. UEFI is a low-level firmware designed to improve upon computer's BIOS, which links a computer's hardware and operating system at startup and is typically not accessible to users. But… Vilaca found that the machine's UEFI code can be unlocked after a computer is put to sleep and then brought back up. " And you ask, what the hell does this mean? " Vilaca wrote in a blog post published Friday. " It means th...
Expert Insights / Articles Videos
Cybersecurity Resources