腾讯网

Linux 启动漏洞可绕过现代 Linux 系统的安全启动保护

现代Linux发行版存在一个重大漏洞,攻击者通过短暂物理接触即可利用initramfs(初始内存文件系统)操控绕过安全启动(Secure Boot)保护机制。 该攻击利用系统启动失败时可访问的调试shell,注入持久性恶意软件,这些恶意软件可在系统重启后继续存活,即使用户 ...
Hackaday

This Week In Security: Sharepoint, Initramfs, And More

There was a disturbance in the enterprise security world, and it started with a Pwn2Own Berlin. [Khoa Dinh] and the team at Viettel Cyber Security discovered a pair of vulnerabilities in Microsoft’s ...
Linux Journal

FOSS Project Spotlight: LinuxBoot

The more things change, the more they stay the same. That may sound cliché, but it's still as true for the firmware that boots your operating system as it was in 2001 when Linux Journal first ...