(3652) Windows11 BIOS/UEFI画面の起動コマンド #shorts #windows #bios #uefi #裏技 - YouTube https://www.youtube.com/shorts/5-Cjnk_18A4
#uEFI
Patina, một dự án mới của Open Device Partnership, đang triển khai firmware UEFI sử dụng ngôn ngữ lập trình Rust. Mục tiêu là tạo ra một giải pháp firmware an toàn và hiện đại hơn.
#Patina #Rust #UEFI #Firmware #OpenSource #Programming #PhanSun #LapTrinh #MaNguonMo
Patina là dự án mới của Open Device Partnership, triển khai firmware UEFI hoàn toàn bằng Rust, hứa hẹn tăng tính an toàn và hiệu suất cho phần mềm hệ thống. 🛠️🚀 #Rust #UEFI #OpenSource #Firmware #CôngNghệ #MãNguồnMở #PatinaProject
Microsoft lança correção para bug de vídeo nos novos Surface Copilot+
🔗 https://tugatech.com.pt/t72669-microsoft-lanca-correcao-para-bug-de-video-nos-novos-surface-copilot
#copilot #DSP #firmware #ia #microsoft #processador #processadores #programação #qualcomm #rust #segurança #snapdragon #software #streaming #UEFI #windows
Running Code in the Pre-Boot Environment
Before your operating system loads, the UEFI (Unified Extensible Firmware Interface) runs. The code in the UEFI is responsible for getting the initial bits of your operating system loaded and then passes control to it for it to load the rest of its components. For the sake of having a better understanding of how things work, this past weekend I decided to write code that would run from the UEFI.
Computer motherboard hardware and software must be so full of security vulnerabilities and backdoors.
#motherboards #securityvulnerabilities #rootkits #computersecurity #computerviruses #viruses #trojans #bios #uefi #bootsector #backdoors #proprietarysoftware #firmware #closedsourcesoftware
Installation of Ubuntu with hardware-backed full disk encryption (TPM) fails with ClientError #systeminstallation #uefi #encryption #tpm #subiquity
Xiaomi laptop dual boot: Ubuntu installed but Windows always boots #boot #dualboot #partitioning #grub2 #uefi
Dual boot setup on Xiaomi laptop: can't boot into Ubuntu after installation #boot #dualboot #partitioning #grub2 #uefi
🖥️ 6 façons de vérifier la version du BIOS/UEFI de votre PC
👉 https://www.justgeek.fr/verifier-version-bios-uefi-pc-142670/
Estoy empezando a dudar si seguir con #Aeon, ya que ciertos aspectos del sistema me resultan tan retorcidos como opacos.
Los aspectos a los que me refiero no están relacionados con el sistema operativo en sí, sino con #SecureBoot, #TPM y #UEFI. En serio, que vuelva legacy #BIOS, porque esto es una completa locura.
Es básicamente seguridad basada en oscuridad.
A variant of the infamous Petya/NotPetya ransomeware virus has been discovered that is capable of bypassing UEFI Secure Boot on outdated systems.
Resurrecting My Windows Partition After 4 Years 🖥️🎮
Sometimes Linux life is bliss. I have my terminal, my editor, my tools, and Steam games that run natively. For nearly four years, I didn’t touch Windows once — and I didn’t miss it. And then Fortnite happened. My girlfriend Enya and her wife Kyra got hooked, and naturally I wanted to join them. But Fortnite refuses to run on Linux — some copy-protection magic that digs into the Windows kernel. It’s rare these days for a game to be Windows-only, but rare enough to shatter my […]https://amedee.be/resurrecting-my-windows-partition-after-4-years-%f0%9f%96%a5%ef%b8%8f%f0%9f%8e%ae/
cpu and the usb ports still active even after shutdown #dualboot #uefi #powermanagement #shutdown #2504
Steam vai verificar se o seu PC está pronto para os jogos anti-batota mais exigentes
🔗 https://tugatech.com.pt/t72027-steam-vai-verificar-se-o-seu-pc-esta-pronto-para-os-jogos-anti-batota-mais-exigentes
#BIOS #computador #hardware #internet #segurança #software #steam #UEFI #Valve #videojogos #windows
Funny. You can, without hassle, install Windows on a separate drive and it will happily oblige. However, if there is another drive with an existing OS, Windows will—in its infinite wisdom—piggyback on its bootloader partition and add Windows Boot Manager on there, instead of making its own on the drive where it's being installed.
Frankly, serves me right for not disconnecting the other drive physically, but it is a badly reachable NVMe, so I couldn't be bothered.
It's been a packed 24 hours in the cyber world, with major disruptions to phishing operations, nation-state actors leveraging AI, significant breaches impacting critical infrastructure and financial services, and a notable resentencing in a high-profile cybercrime case. Let's dive in:
Recent Cyber Attacks and Breaches 🚨
- UK telco Colt Technology Services is still reeling from an August cyberattack, with recovery efforts now expected to stretch into late November. The Warlock ransomware group is claiming responsibility, and the incident is suspected to have originated from SharePoint exploits.
- The Jaguar Land Rover (JLR) cyberattack continues to send "shockwaves" through the UK automotive supply chain, with supplier Autins reporting a 55% share price drop and production halts. This highlights the significant economic security implications of attacks on critical industrial players.
- Venture capital firm Insight Partners has begun notifying over 12,000 individuals about a ransomware breach that occurred in October, with servers encrypted in January. The attack, initiated via a sophisticated social engineering campaign, led to the exfiltration of sensitive personal, banking, and tax information.
- SonicWall has warned customers to reset credentials after a security breach of its MySonicWall.com platform exposed firewall configuration backup files. Threat actors used brute-force attacks to access these files, which contain encrypted passwords and other data that could significantly aid firewall exploitation.
- The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies by exploiting compromised Salesloft Drift OAuth tokens. This extensive data theft, linked to the "Scattered Lapsus$ Hunters" collective, involved scanning source code for secrets and exfiltrating sensitive customer support ticket data.
💻 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/17/uk_telco_colts_cyberattack_recovery/
🗞️ The Record | https://therecord.media/jlr-cyber-shockwave-auto-sector
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/vc-giant-insight-partners-warns-thousands-after-ransomware-breach/
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/sonicwall-warns-customers-to-reset-credentials-after-MySonicWall-breach/
🤫 CyberScoop | https://cyberscoop.com/sonicwall-cyberattack-customer-firewall-configurations/
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/
Threat Actor Activity and AI in Cybercrime 🕵️
- Microsoft and Cloudflare have successfully disrupted RaccoonO365, a major Phishing-as-a-Service (PhaaS) operation, by seizing 338 domains and associated infrastructure. The financially motivated group, tracked as Storm-2246, stole over 5,000 Microsoft 365 credentials from 94 countries, often preceding malware and ransomware attacks.
- The notorious Scattered Spider group has resurfaced, shifting its focus to the financial sector despite recent claims of "going dark" alongside other cybercrime groups. ReliaQuest observed a targeted intrusion against a US banking organisation, where initial access was gained via social engineering and Azure AD self-service password reset, followed by lateral movement and credential dumping.
- North Korean Kimsuky hackers (APT43) are leveraging OpenAI's ChatGPT to generate deepfake military ID cards for phishing campaigns targeting South Korean defence institutions. This demonstrates a growing trend of nation-state actors using generative AI to create highly convincing forgeries and enhance social engineering tactics.
- The RevengeHotels group is also employing AI to boost its attacks on hotels, primarily in Brazil and Latin America, using phishing emails to deliver the VenomRAT remote access trojan. The use of large language models has enabled the hackers to produce cleaner, more structured malicious code, making their payment card data theft campaigns more effective.
📰 The Hacker News | https://thehackernews.com/2025/09/raccoono365-phishing-network-shut-down.html
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/microsoft-and-cloudflare-disrupt-massive-raccoono365-phishing-service/
📰 The Hacker News | https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
💻 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/17/scattered_spider_bank_attack/
🗞️ The Record | https://therecord.media/north-korea-kimsuky-hackers-phishing-fake-military-ids-chatgpt
🗞️ The Record | https://therecord.media/hackers-payment-data-guests-steal
New Vulnerability: DDR5 Rowhammer ⚠️
- Researchers from Google and ETH Zurich have discovered a new class of Rowhammer vulnerability, dubbed "Phoenix" (CVE-2025-6202), affecting DDR5 memory modules. This attack, while computationally expensive, can corrupt data in adjacent memory cells, posing a risk to data integrity and potentially enabling privilege escalation.
- The vulnerability stems from repeatedly accessing specific rows of memory cells, which can degrade data in neighbouring cells, a known issue that DDR5 was thought to be more resistant to without additional refresh management commands.
- While AMD has released a BIOS update to protect systems using its processors, the discovery highlights the ongoing challenge of securing modern memory architectures and the need for system builders to implement robust defences like JEDEC's Per-Row Activation Counting (PRAC).
💻 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/17/ddr5_dram_rowhammer/
Legal and Regulatory Developments ⚖️
- The founder of BreachForums, Conor Brian Fitzpatrick (Pompompurin), has been resentenced to three years in prison for his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). This follows an appeals court vacating his initial lenient sentence of 17 days time served.
- Fitzpatrick pleaded guilty to access device conspiracy, access device solicitation, and possession of CSAM, and has agreed to forfeit over 100 domain names, electronic devices, and cryptocurrency. The resentencing underscores the severity of his crimes, which involved facilitating the sale of over 14 billion individual records.
📰 The Hacker News | https://thehackernews.com/2025/09/doj-resentences-breachforums-founder-to.html
💻 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/17/breachforums_founder_prison/
Data Privacy Win Against Big Tech 🔒
- A California federal judge has rejected Meta's attempt to overturn a jury verdict finding the tech giant liable for illegally obtaining sensitive reproductive health data from millions of women via the Flo period tracking app. The ruling confirms Meta directly acquired user communication content in real-time without proper consent.
- The judge's unusually harsh wording called Meta's attempt to nullify the verdict "improper," reinforcing the significance of this case as one of the first major verdicts on how big tech handles sensitive health data. This could pave the way for further litigation and increased scrutiny of data collection practices.
🗞️ The Record | https://therecord.media/judge-rejects-meta-attempt-overturn-flo-privacy-lawsuit
Linux Arm64 and UEFI Secure Boot 🐧
- The adoption of UEFI Secure Boot for Linux on Arm64 devices presents a more fragmented landscape compared to x86, primarily due to the diversity of Arm chip manufacturers and their firmware implementations. While the UEFI specification is architecture-independent, its practical application varies significantly.
- Many Arm devices rely on the u-boot bootloader, which offers UEFI compliance but requires users to create and deploy their own certificates and keys, unlike the x86 world where Microsoft-signed shims are common.
- While some Linux distributions like Debian, Ubuntu, and SUSE offer out-of-the-box Secure Boot support on Arm with Microsoft keys, others like Fedora and RHEL require manual certificate deployment or disabling Secure Boot initially, highlighting ongoing integration challenges.
💻 The Register | https://go.theregister.com/feed/www.theregister.com/2025/09/17/uefi_secure_boot_for_linux/
#CyberSecurity #ThreatIntelligence #Ransomware #Phishing #AI #NationState #APT #Vulnerability #Rowhammer #DDR5 #DataBreach #IncidentResponse #Cybercrime #Legal #DataPrivacy #Linux #UEFI #InfoSec
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst