Shade BIOS:释放 UEFI 恶意软件的全部隐蔽性.pdf

编号:981884 PDF 44页 2.13MB 下载积分:VIP专享
下载报告请您先登录!

1、#BHUSA BlackHatEventsShade BIOSShade BIOSUnleashing the Full Stealth of UEFI MalwareUnleashing the Full Stealth of UEFI MalwareKazuki Matsuo(InfPCTechStack)2025/08/06 Oceanside C,Level 2#BHUSA BlackHatEventsWhoami-Kazuki Matsuo(InfPCTechStack)TitleSecurity Researcher at FFRI Security,Inc.InterestsUE

2、FI BIOS,SMM(Negative Rings)Previous workSmmPack:Obfuscation for SMM Modules with TPM Sealed Key DIMVA 2024Youve Already Been Hacked:What if There Is a Backdoor in Your UEFI OROM?BHUSA 2024#BHUSA BlackHatEventsImportance of UEFI SecurityIs infecting BIOS overkill?Well,what about in these two fields N

3、ational Security BIOS is a reasonable place to install backdoors Many companies are involved in its vast supply chain(unlike OS,VMM,CPU)Leaked documents and toolkits,such as Vault 7 and vector-edk clearly confirm thatUEFI security is considered to be criticalCloud Security Can compromise every VMs S

4、trong rivalry with hypervisor-basedsecurity Fractured,AmliImage from https:/www.binarly.io/blog/attacking-pre-efi-ecosystem#BHUSA BlackHatEventsChallenges of Existing UEFI malwareIn-the-wild UEFI bootkits(Lojax-BlackLotus)After all,they all perform malicious activities in userland or kernel Not pure

5、-BIOS malware(they just support userland/kernel malbehaviors)Dependent on OS-level security(despite BIOS having higher privileges than OS)Leaked BIOS/UEFI backdoors(Jetplow,vector-edk,)Legacy BIOS or SMM backdoors:Very specific attack targets UEFI backdoors:Identical to UEFI bootkitsPoC BIOS/UEFI ma

6、lware in the research fields There are several SMM backdoors but they require device-specific implementation=They suffer from OS&Hardware-Dependence#BHUSA BlackHatEventsOS Dependence of Existing BootkitsThey can disable OS security mechanisms ESPector disables DSE(Driver Signature Enforcement)Cosmic

友情提示

1、下载报告失败解决办法
2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
4、本站报告下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。

本文(Shade BIOS:释放 UEFI 恶意软件的全部隐蔽性.pdf)为本站 (竿头日上) 主动上传,三个皮匠报告文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知三个皮匠报告文库(点击联系客服),我们立即给予删除!

温馨提示:如果因为网速或其他原因下载失败请重新下载,重复下载不扣分。
客服
商务合作
小程序
服务号
折叠