CSOonline

LogoFAIL attack can inject malware in the firmware of many computers

Researchers have shown how attackers can deliver malicious code into the UEFI of many PCs though BIOS splash screen graphics. Researchers have devised an attack that exploits serious vulnerabilities ...
CSOonline

Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy

PKfail: An AMI Platform Key discovered on GitHub led researchers to uncover test keys in firmware images from major PC and server vendors, something hackers could exploit if leaked to gain kernel ...