Microsoft releases guidance on how organizations can check their systems for the presence of BlackLotus, a powerful threat first analyzed by ESET researchers
Microsoft has released guidance on how organizations can detect BlackLotus, a powerful threat that was first analyzed by ESET researchers. BlackLotus is a UEFI bootkit that is capable of operating on Windows systems even with UEFI Secure Boot enabled, giving them full control over Windows’s boot process all while disabling various OS security mechanisms. What exactly should organizations look for in order to determine if their systems had been compromised by this powerful malware? Find out in the video.
Make sure to also review our notes on mitigating and remediating BlackLotus attacks.