BlackLotus and the Untold Story of how UEFI Secure Boot Became a Gateway for Cyber Attacks on Millions of Servers

6/8/2023 12:00:00 PM [(UTC-05:00) Eastern Time (US & Canada)] - Can't make the live event? Register anyway to receive a link to the recording.

Show/Hide All Time Zones

All Time Zones


Dateline Standard Time-(UTC-12:00) International Date Line West	6/8/2023 4:00:00 AM
UTC-11-(UTC-11:00) Coordinated Universal Time-11	6/8/2023 5:00:00 AM
Aleutian Standard Time-(UTC-10:00) Aleutian Islands	6/8/2023 7:00:00 AM
Hawaiian Standard Time-(UTC-10:00) Hawaii	6/8/2023 6:00:00 AM
Marquesas Standard Time-(UTC-09:30) Marquesas Islands	6/8/2023 6:30:00 AM
Alaskan Standard Time-(UTC-09:00) Alaska	6/8/2023 8:00:00 AM
UTC-09-(UTC-09:00) Coordinated Universal Time-09	6/8/2023 7:00:00 AM
Pacific Standard Time (Mexico)-(UTC-08:00) Baja California	6/8/2023 9:00:00 AM
UTC-08-(UTC-08:00) Coordinated Universal Time-08	6/8/2023 8:00:00 AM
Pacific Standard Time-(UTC-08:00) Pacific Time (US & Canada)	6/8/2023 9:00:00 AM
US Mountain Standard Time-(UTC-07:00) Arizona	6/8/2023 9:00:00 AM
Mountain Standard Time (Mexico)-(UTC-07:00) La Paz, Mazatlan	6/8/2023 9:00:00 AM
Mountain Standard Time-(UTC-07:00) Mountain Time (US & Canada)	6/8/2023 10:00:00 AM
Yukon Standard Time-(UTC-07:00) Yukon	6/8/2023 9:00:00 AM
Central America Standard Time-(UTC-06:00) Central America	6/8/2023 10:00:00 AM
Central Standard Time-(UTC-06:00) Central Time (US & Canada)	6/8/2023 11:00:00 AM
Easter Island Standard Time-(UTC-06:00) Easter Island	6/8/2023 10:00:00 AM
Central Standard Time (Mexico)-(UTC-06:00) Guadalajara, Mexico City, Monterrey	6/8/2023 10:00:00 AM
Canada Central Standard Time-(UTC-06:00) Saskatchewan	6/8/2023 10:00:00 AM
SA Pacific Standard Time-(UTC-05:00) Bogota, Lima, Quito, Rio Branco	6/8/2023 11:00:00 AM
Eastern Standard Time (Mexico)-(UTC-05:00) Chetumal	6/8/2023 11:00:00 AM
Eastern Standard Time-(UTC-05:00) Eastern Time (US & Canada)	6/8/2023 12:00:00 PM
Haiti Standard Time-(UTC-05:00) Haiti	6/8/2023 12:00:00 PM
Cuba Standard Time-(UTC-05:00) Havana	6/8/2023 12:00:00 PM
US Eastern Standard Time-(UTC-05:00) Indiana (East)	6/8/2023 12:00:00 PM
Turks And Caicos Standard Time-(UTC-05:00) Turks and Caicos	6/8/2023 12:00:00 PM
Paraguay Standard Time-(UTC-04:00) Asuncion	6/8/2023 12:00:00 PM
Atlantic Standard Time-(UTC-04:00) Atlantic Time (Canada)	6/8/2023 1:00:00 PM
Venezuela Standard Time-(UTC-04:00) Caracas	6/8/2023 12:00:00 PM
Central Brazilian Standard Time-(UTC-04:00) Cuiaba	6/8/2023 12:00:00 PM
SA Western Standard Time-(UTC-04:00) Georgetown, La Paz, Manaus, San Juan	6/8/2023 12:00:00 PM
Pacific SA Standard Time-(UTC-04:00) Santiago	6/8/2023 12:00:00 PM
Newfoundland Standard Time-(UTC-03:30) Newfoundland	6/8/2023 1:30:00 PM
Tocantins Standard Time-(UTC-03:00) Araguaina	6/8/2023 1:00:00 PM
E. South America Standard Time-(UTC-03:00) Brasilia	6/8/2023 1:00:00 PM
SA Eastern Standard Time-(UTC-03:00) Cayenne, Fortaleza	6/8/2023 1:00:00 PM
Argentina Standard Time-(UTC-03:00) City of Buenos Aires	6/8/2023 1:00:00 PM
Greenland Standard Time-(UTC-03:00) Greenland	6/8/2023 2:00:00 PM
Montevideo Standard Time-(UTC-03:00) Montevideo	6/8/2023 1:00:00 PM
Magallanes Standard Time-(UTC-03:00) Punta Arenas	6/8/2023 1:00:00 PM
Saint Pierre Standard Time-(UTC-03:00) Saint Pierre and Miquelon	6/8/2023 2:00:00 PM
Bahia Standard Time-(UTC-03:00) Salvador	6/8/2023 1:00:00 PM
UTC-02-(UTC-02:00) Coordinated Universal Time-02	6/8/2023 2:00:00 PM
Mid-Atlantic Standard Time-(UTC-02:00) Mid-Atlantic - Old	6/8/2023 3:00:00 PM
Azores Standard Time-(UTC-01:00) Azores	6/8/2023 4:00:00 PM
Cape Verde Standard Time-(UTC-01:00) Cabo Verde Is.	6/8/2023 3:00:00 PM
UTC-(UTC) Coordinated Universal Time	6/8/2023 4:00:00 PM
GMT Standard Time-(UTC+00:00) Dublin, Edinburgh, Lisbon, London	6/8/2023 5:00:00 PM
Greenwich Standard Time-(UTC+00:00) Monrovia, Reykjavik	6/8/2023 4:00:00 PM
Sao Tome Standard Time-(UTC+00:00) Sao Tome	6/8/2023 4:00:00 PM
Morocco Standard Time-(UTC+01:00) Casablanca	6/8/2023 5:00:00 PM
W. Europe Standard Time-(UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna	6/8/2023 6:00:00 PM
Central Europe Standard Time-(UTC+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague	6/8/2023 6:00:00 PM
Romance Standard Time-(UTC+01:00) Brussels, Copenhagen, Madrid, Paris	6/8/2023 6:00:00 PM
Central European Standard Time-(UTC+01:00) Sarajevo, Skopje, Warsaw, Zagreb	6/8/2023 6:00:00 PM
W. Central Africa Standard Time-(UTC+01:00) West Central Africa	6/8/2023 5:00:00 PM
GTB Standard Time-(UTC+02:00) Athens, Bucharest	6/8/2023 7:00:00 PM
Middle East Standard Time-(UTC+02:00) Beirut	6/8/2023 7:00:00 PM
Egypt Standard Time-(UTC+02:00) Cairo	6/8/2023 7:00:00 PM
E. Europe Standard Time-(UTC+02:00) Chisinau	6/8/2023 7:00:00 PM
Syria Standard Time-(UTC+02:00) Damascus	6/8/2023 7:00:00 PM
West Bank Standard Time-(UTC+02:00) Gaza, Hebron	6/8/2023 7:00:00 PM
South Africa Standard Time-(UTC+02:00) Harare, Pretoria	6/8/2023 6:00:00 PM
FLE Standard Time-(UTC+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius	6/8/2023 7:00:00 PM
Israel Standard Time-(UTC+02:00) Jerusalem	6/8/2023 7:00:00 PM
South Sudan Standard Time-(UTC+02:00) Juba	6/8/2023 6:00:00 PM
Kaliningrad Standard Time-(UTC+02:00) Kaliningrad	6/8/2023 6:00:00 PM
Sudan Standard Time-(UTC+02:00) Khartoum	6/8/2023 6:00:00 PM
Libya Standard Time-(UTC+02:00) Tripoli	6/8/2023 6:00:00 PM
Namibia Standard Time-(UTC+02:00) Windhoek	6/8/2023 6:00:00 PM
Jordan Standard Time-(UTC+03:00) Amman	6/8/2023 7:00:00 PM
Arabic Standard Time-(UTC+03:00) Baghdad	6/8/2023 7:00:00 PM
Turkey Standard Time-(UTC+03:00) Istanbul	6/8/2023 7:00:00 PM
Arab Standard Time-(UTC+03:00) Kuwait, Riyadh	6/8/2023 7:00:00 PM
Belarus Standard Time-(UTC+03:00) Minsk	6/8/2023 7:00:00 PM
Russian Standard Time-(UTC+03:00) Moscow, St. Petersburg	6/8/2023 7:00:00 PM
E. Africa Standard Time-(UTC+03:00) Nairobi	6/8/2023 7:00:00 PM
Volgograd Standard Time-(UTC+03:00) Volgograd	6/8/2023 7:00:00 PM
Iran Standard Time-(UTC+03:30) Tehran	6/8/2023 7:30:00 PM
Arabian Standard Time-(UTC+04:00) Abu Dhabi, Muscat	6/8/2023 8:00:00 PM
Astrakhan Standard Time-(UTC+04:00) Astrakhan, Ulyanovsk	6/8/2023 8:00:00 PM
Azerbaijan Standard Time-(UTC+04:00) Baku	6/8/2023 8:00:00 PM
Russia Time Zone 3-(UTC+04:00) Izhevsk, Samara	6/8/2023 8:00:00 PM
Mauritius Standard Time-(UTC+04:00) Port Louis	6/8/2023 8:00:00 PM
Saratov Standard Time-(UTC+04:00) Saratov	6/8/2023 8:00:00 PM
Georgian Standard Time-(UTC+04:00) Tbilisi	6/8/2023 8:00:00 PM
Caucasus Standard Time-(UTC+04:00) Yerevan	6/8/2023 8:00:00 PM
Afghanistan Standard Time-(UTC+04:30) Kabul	6/8/2023 8:30:00 PM
West Asia Standard Time-(UTC+05:00) Ashgabat, Tashkent	6/8/2023 9:00:00 PM
Ekaterinburg Standard Time-(UTC+05:00) Ekaterinburg	6/8/2023 9:00:00 PM
Pakistan Standard Time-(UTC+05:00) Islamabad, Karachi	6/8/2023 9:00:00 PM
Qyzylorda Standard Time-(UTC+05:00) Qyzylorda	6/8/2023 9:00:00 PM
India Standard Time-(UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi	6/8/2023 9:30:00 PM
Sri Lanka Standard Time-(UTC+05:30) Sri Jayawardenepura	6/8/2023 9:30:00 PM
Nepal Standard Time-(UTC+05:45) Kathmandu	6/8/2023 9:45:00 PM
Central Asia Standard Time-(UTC+06:00) Astana	6/8/2023 10:00:00 PM
Bangladesh Standard Time-(UTC+06:00) Dhaka	6/8/2023 10:00:00 PM
Omsk Standard Time-(UTC+06:00) Omsk	6/8/2023 10:00:00 PM
Myanmar Standard Time-(UTC+06:30) Yangon (Rangoon)	6/8/2023 10:30:00 PM
SE Asia Standard Time-(UTC+07:00) Bangkok, Hanoi, Jakarta	6/8/2023 11:00:00 PM
Altai Standard Time-(UTC+07:00) Barnaul, Gorno-Altaysk	6/8/2023 11:00:00 PM
W. Mongolia Standard Time-(UTC+07:00) Hovd	6/8/2023 11:00:00 PM
North Asia Standard Time-(UTC+07:00) Krasnoyarsk	6/8/2023 11:00:00 PM
N. Central Asia Standard Time-(UTC+07:00) Novosibirsk	6/8/2023 11:00:00 PM
Tomsk Standard Time-(UTC+07:00) Tomsk	6/8/2023 11:00:00 PM
China Standard Time-(UTC+08:00) Beijing, Chongqing, Hong Kong, Urumqi	6/9/2023 12:00:00 AM
North Asia East Standard Time-(UTC+08:00) Irkutsk	6/9/2023 12:00:00 AM
Singapore Standard Time-(UTC+08:00) Kuala Lumpur, Singapore	6/9/2023 12:00:00 AM
W. Australia Standard Time-(UTC+08:00) Perth	6/9/2023 12:00:00 AM
Taipei Standard Time-(UTC+08:00) Taipei	6/9/2023 12:00:00 AM
Ulaanbaatar Standard Time-(UTC+08:00) Ulaanbaatar	6/9/2023 12:00:00 AM
Aus Central W. Standard Time-(UTC+08:45) Eucla	6/9/2023 12:45:00 AM
Transbaikal Standard Time-(UTC+09:00) Chita	6/9/2023 1:00:00 AM
Tokyo Standard Time-(UTC+09:00) Osaka, Sapporo, Tokyo	6/9/2023 1:00:00 AM
North Korea Standard Time-(UTC+09:00) Pyongyang	6/9/2023 1:00:00 AM
Korea Standard Time-(UTC+09:00) Seoul	6/9/2023 1:00:00 AM
Yakutsk Standard Time-(UTC+09:00) Yakutsk	6/9/2023 1:00:00 AM
Cen. Australia Standard Time-(UTC+09:30) Adelaide	6/9/2023 1:30:00 AM
AUS Central Standard Time-(UTC+09:30) Darwin	6/9/2023 1:30:00 AM
E. Australia Standard Time-(UTC+10:00) Brisbane	6/9/2023 2:00:00 AM
AUS Eastern Standard Time-(UTC+10:00) Canberra, Melbourne, Sydney	6/9/2023 2:00:00 AM
West Pacific Standard Time-(UTC+10:00) Guam, Port Moresby	6/9/2023 2:00:00 AM
Tasmania Standard Time-(UTC+10:00) Hobart	6/9/2023 2:00:00 AM
Vladivostok Standard Time-(UTC+10:00) Vladivostok	6/9/2023 2:00:00 AM
Lord Howe Standard Time-(UTC+10:30) Lord Howe Island	6/9/2023 2:30:00 AM
Bougainville Standard Time-(UTC+11:00) Bougainville Island	6/9/2023 3:00:00 AM
Russia Time Zone 10-(UTC+11:00) Chokurdakh	6/9/2023 3:00:00 AM
Magadan Standard Time-(UTC+11:00) Magadan	6/9/2023 3:00:00 AM
Norfolk Standard Time-(UTC+11:00) Norfolk Island	6/9/2023 3:00:00 AM
Sakhalin Standard Time-(UTC+11:00) Sakhalin	6/9/2023 3:00:00 AM
Central Pacific Standard Time-(UTC+11:00) Solomon Is., New Caledonia	6/9/2023 3:00:00 AM
Russia Time Zone 11-(UTC+12:00) Anadyr, Petropavlovsk-Kamchatsky	6/9/2023 4:00:00 AM
New Zealand Standard Time-(UTC+12:00) Auckland, Wellington	6/9/2023 4:00:00 AM
UTC+12-(UTC+12:00) Coordinated Universal Time+12	6/9/2023 4:00:00 AM
Fiji Standard Time-(UTC+12:00) Fiji	6/9/2023 4:00:00 AM
Kamchatka Standard Time-(UTC+12:00) Petropavlovsk-Kamchatsky - Old	6/9/2023 5:00:00 AM
Chatham Islands Standard Time-(UTC+12:45) Chatham Islands	6/9/2023 4:45:00 AM
UTC+13-(UTC+13:00) Coordinated Universal Time+13	6/9/2023 5:00:00 AM
Tonga Standard Time-(UTC+13:00) Nuku'alofa	6/9/2023 5:00:00 AM
Samoa Standard Time-(UTC+13:00) Samoa	6/9/2023 5:00:00 AM
Line Islands Standard Time-(UTC+14:00) Kiritimati Island	6/9/2023 6:00:00 AM

Webinar Registration

UEFI Secure Boot is supposed to ensure a solid, trusted boot process to guarantee that from the moment it powers up, your CPU never runs untrusted code. UEFI handles this during the pre-OS phase of booting and then carefully passes the baton to the kernel. Both Linux and Windows support UEFI SecureBoot.

Bootloaders are a key component of UEFI and at the end of the day bootloaders are just software. And software has vulnerabilities. The design of UEFI anticipates this and provides a way to blacklist vulnerable bootloaders with the Secure Boot Forbidden Signature Database – otherwise known as the DBX.

Sounds good in theory but the whole area of UEFI Secure Boot is so broken it’s hard to know where to begin – making things like BlackLotus so viable. What’s broken about UEFI Secure Boot?

It takes months for vulnerable bootloaders to make it into the DBX published on UEFI’s website
It can take still longer for Microsoft to update Windows to install the new DBX. Why? Read on..
DBX updates can only be applied if you have updated your firmware so that your system doesn’t depend on any vulnerable bootloaders that are now revoked. Otherwise your system is bricked
It’s not easy to update firmware – every system is different

This creates conditions for the perfect storm. Enter BlackLotus, the first in-the-wild UEFI bootkit. BlackLotus runs on fully updated Windows 11 with UEFI Secure Boot enabled. The one prerequisite is admin authority which is a given for the vast majority of Windows users. Similar to the older “rootkit”, UEFI bootkits are powerful; they allow the attacker to own the OS at a very low level. This in turn allows them to be invisible while doing anything to, on or from the system. And understand that UEFI bootkit attacks DO NOT need physical access.

In this real training for free webinar, I’ll explain how BlackLotus works based on research at welivesecurity and our sponsor Eclypsium. I can’t demonstrate BlackLotus because it’s sold on the dark web. But we’re going to do something just as cool. Security Researcher, Nate Warfield is back and will do a live demonstration of another BlackLotus style bootkit designed at Eclypsium to use the same UEFI Secure Boot vector involving the DBX.

After taking over the system, Nate will fix the vulnerability and show how the attack is now defeated.

Eclypsium is a natural fit for this topic because they have extensive experience in both firmware and bootloader attacks, including multiple vulnerabilities discovered in GRUB and Secure Boot. While Microsoft released patches to address these reports in 2020 and 2022, full remediation required additional administrative steps and as a result, a large majority of systems remain vulnerable to these attacks today.

Please join us for this technical and eye-opening real training for free session.

First Name:
Last Name:
Work Email:
Phone:
Job Title:
Organization:
Country:
State:
	Your information will be shared with the sponsor. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor. Tweet

Upcoming Webinars

BlackLotus and the Untold Story of how UEFI Secure Boot Became a Gateway for Cyber Attacks on Millions of Servers

Additional Resources

User name:
Password:
	/ Forgot?
	Register

May 2023 Patch Monday	"Patch Tuesday - 3 Zero Days but a pretty light month "

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2023 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.