HybridPetya and UEFI Threats - BTS #60

In this episode of Below the Surface, the hosts discuss various cybersecurity topics, including the evolution of malware with a focus on Hybrid Petya, the implications of UEFI vulnerabilities, and the security risks associated with Windows 10's end of life. They also explore the vulnerabilities of Cisco ASA devices, the rise of supply chain attacks exemplified by NPM worms, and the persistent threat of Row Hammer attacks on DDR5 technology. The conversation highlights the significance of visibility in cybersecurity and the necessity for enhanced security practices to counter evolving threats.

Chapters

00:00 Introduction and Podcast Overview

02:55 Hybrid Petya: The New Threat Landscape

06:03 Understanding UEFI and Secure Boot Vulnerabilities

09:00 The Evolution of Ransomware Techniques

11:54 Windows 10 End of Life Concerns

14:56 The Future of Secure Boot and User Responsibility

22:50 The Shift in Consumer Trust Towards Microsoft

25:11 The Rise of Alternatives: Linux and SteamOS

28:41 Security Concerns with Windows 10 and 11

31:57 Exploiting End-of-Life Devices

36:39 The Challenge of Legacy Infrastructure

39:41 VPN Security: Risks and Solutions

45:40 The Dilemma of Compliance and Visibility

50:16 Supply Chain Vulnerabilities and NPM Attacks

55:54 The Rowhammer Attack and Hardware Security

01:03:40 The Need for Visibility and Signatures in Security