Paul's Security Weekly (Audio)

UEFI Vulnerabilities Galore - PSW #878

Jun 12, 2025
Dive into the intriguing rise of 'bad box' malware targeting low-cost devices and the alarming security risks posed by unsecured internet cameras. Discover the complexities behind UEFI vulnerabilities, including the notorious 'Hydrophobia' flaw. The hosts hilariously critique the confusing world of refurbished MacBook sales while exploring reverse engineering in payment security. They also tackle contrasting perspectives on AI’s efficiency and its societal implications, referencing films that shape our view of technology.
INSIGHT

Bad Boxes Ship with Malware

  • Cheap Android TV devices often ship with pre-installed malware from various threat actors.
  • These devices are then monetized for ads and botnet use, making them an ongoing, persistent threat.

ADVICE

Block Malware Domains or Root Device

  • Use tools like Pi-hole to intercept and block known malicious domain names linked to infected devices.
  • Rooting infected Android TVs allows manual removal of malicious apps, improving cleanup effectiveness.

INSIGHT

UEFI Vulnerabilities Bypass Secure Boot

  • UEFI vulnerabilities allow attackers to bypass Secure Boot by exploiting NVRAM variables.
  • Signed malicious software can be used across devices because root-of-trust certificates are shared, raising supply chain concerns.