
Martin Smolar
@smolar_m
Malware researcher at @ESETResearch
ID: 823965462216245249
24-01-2017 18:47:29
75 Tweet
336 Takipçi
336 Takip Edilen

#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. welivesecurity.com/en/eset-resear… 1/5





Some exciting research to share from Binarly REsearchers Takahiro Haruyama and Fabio Pagani -- a novel approach to UEFI bootkit detection. 🔥Read the technical paper: "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior" 👉 binarly.io/blog/uefi-boot…


Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method, that is based on this classic technique, but much stealthier - Waiting Thread Hijacking. Read More : research.checkpoint.com/2025/waiting-t…












