NSA Releases Guide to Combat BlackLotus Malware

23 June 2023

Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware. BlackLotus uses a known flaw dubbed “Baton Drop,” tracked as CVE-2022-21894, to bypass beyond security precautions made by the device’s Secure Boot start-up procedure. Since October 2022, BlackLotus has been making appearances on hacker forums.

Source: GBHackers

Date:

23 June 2023

Categorie(s):

NEWS

Tag(s):

Combat, Cyber Attack, Cyber Security News, Guides, NSA

McAfee Dominates AV-Comparatives PC Performance Test3 May 2024
Preparation: The Less Shiny Side of Incident Response – Joe Gross – ESW #3603 May 2024
Critical GitLab account takeover flaw added to CISA’s KEV Catalog2 May 2024
Microsoft, Google do a victory lap around passkeys2 May 2024
Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024