BlackLotus UEFI Bootkit Malware Successfully Bypasses Windows 11 Secure Boot

The Hacker News Daily Updates [Newsletter]( [cover]( [The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats]( Say goodbye to the myths and hello to the facts - Register for our webinar on file-based threats now! [Download Now]( Sponsored LATEST NEWS Mar 1, 2023 [BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11]( A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape. "This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled," Slovak cybersecurity company ESET said in a report shared with The Hacker ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [CISOs Are Stressed Out and It's Putting Companies at Risk]( Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of how employee mental health impacts business outcomes. But for cybersecurity professionals, stress has always been a part of the job. A new survey revealed that one of the most concerning aspects of employee mental health is how it impacts cybersecurity programs ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy]( Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in late 2022. The data privacy controls enable "even more organizations to become arbiters of their own data and the sole party deciding who has access to it," Google's Ganesh Chilakapati and Andy Wen said. To that end, users can send and receive emails ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques]( Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. "Once it has been successfully injected, attackers can interact with their victim via Windows Notepad that likely serves as ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain]( Romanian cybersecurity company Bitdefender has released a free universal decryptor for a nascent file-encrypting malware known as MortalKombat. MortalKombat is a new ransomware strain that emerged in January 2023. It's based on a commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in the U.S., the Philippines, the U.K., and Turkey. Xorist, detected since ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises]( A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar. "It comes with a wide range of capabilities, making post-exploitation a cakewalk for anyone purchasing the tool," CYFIRMA said in a new report. Some of the notable features include establishing a reverse ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Application Security vs. API Security: What is the difference?]( As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components of a comprehensive security strategy. By utilizing these practices, organizations can protect ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia]( The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow expansion of the hacking group's victimology footprint. Targeted entities include health, financial, ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats]( Say goodbye to the myths and hello to the facts - Register for our webinar on file-based threats now! [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India