Stay updated on BIOS security trends, threats, and protection strategies. Essential reading for IT professionals and cybersecurity enthusiasts.
Search across headline titles and summaries.
Background for this topic.
BIOS is an acronym for Basic Input/Output System, which is firmware embedded on a small memory chip on the computer's motherboard. The BIOS is responsible for bootstrapping the computer by initializing hardware components and launching the operating system. In the context of information security, the BIOS plays a critical role as it is the first code to run when a computer is powered on, making it a target for attackers seeking to install persistent malware. Protecting the BIOS from unauthorized access and updates is crucial to prevent such low-level attacks. Security measures include using BIOS passwords, enabling secure boot mechanisms, and applying BIOS firmware updates that address known vulnerabilities.
Weekly headline count for the current query.
Microsoft is working to resolve a bug that causes Defender for Endpoint to incorrectly tag some devices' BIOS (Basic Input/Output System) firmware as outdated, prompting users to update it. [...]
What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it?
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one desktop PC models that use customized Insyde UEFI (Unified Extensible Firmware Interface). [...]
More ASUS customers can now install Windows 11 24H2 after applying a BIOS update that resolves blue screen of death (BSOD) issues acknowledged in October. [...]
Answers on a postcard to what 'Microcode Signature Verification Vulnerability' might mean AMD has confirmed at least some of its microprocessors suffer a microcode-related security vulnerability, the existence of which accidentally emerged this month after a fix for the flaw appeared in a beta BIOS update from PC maker Asus.…
Devices on six-year-old firmware vulnerable to takeover and destruction Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research.…
BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for detecting illnesses and developing vaccines. [...]
Eclypsium Report Describes BIOS/UEFI Issues in Illumina iSeq 100 FirmwareCertain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more Infosec in brief Protecting computers' BIOS and the boot process is essential for modern security – but knowing it's important isn't the same as actually taking steps to do it.…
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware
Exploits bypass most secure boot solutions from the biggest chip vendors Hundreds of consumer and enterprise devices are potentially vulnerable to bootkit exploits through unsecured BIOS image parsers.…
MSI has released BIOS updates to fix a known issue that triggers blue screens of death on Windows computers after installing August 2023 preview updates. [...]
Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojans tools like Remcos RAT
FortiGuard explained that ThirdEye can harvest BIOS and hardware data
A firmware update for hundreds of Gigabyte PC models gets rid of a backdoor capability that could be hijacked by cybercriminals, the company says.
1.5TB of databases, source code, BIOS tools said to be stolen Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack.…
Qualcomm on Tuesday released patches to address multiple security flaws in its chipsets, some of which could be exploited to cause information disclosure and memory corruption
Gurus say source includes secret hardware info, private signing key for Boot Guard protection Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers (MSRs) and even the private signing key for Intel's Boot Guard security technology.…
Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week