The U.S. National Security Agency (NSA) has issued guidelines today outlining defensive measures against BlackLotus UEFI bootkit malware attacks. BlackLotus, circulating in hacking circles since October 2022, is promoted as a type of malware capable of avoiding detection, resisting removal attempts, and turning off various Windows security features such as Defender, HVCI, and BitLocker.
In May, Microsoft released security updates addressing a Secure Boot zero-day vulnerability (CVE-2023-24932) that had been exploited to bypass the patches introduced for CVE-2022-21894, the Secure Boot flaw initially exploited in earlier BlackLotus attacks.