A UEFI Firmware Bootkit in the Wild

nullcon via YouTube

Classroom Contents

  1. Introduction
  2. Definitions
  3. Past examples
  4. Prevalence
  5. How it works
  6. EFI driver
  7. Attacker code
  8. Modifying the boot manager
  9. OSL Arc Transfer to Kernel
  10. ZW Create section
  11. Patch Guard
  12. Shell Code Loader
  13. User Mode Components
  14. C2 Servers
  15. Timeline
  16. Possible attack scenario
  17. Victims
  18. Threat actors
  19. How to disinfect
  20. Conclusion
