Cyber attackers continue to move down the compute stack with the latest variant of TrickBot now targeting firmware for malicious manipulations.  This is when it gets serious.  The firmware sits below the operating system and is a perfect place for malware to hide from detection or eviction.  It is very tough to accomplish, but if successful, the TrickBot authors may be able to perform a disappearing act to the frustration of security software.

The TrickBot botnet has already proven resilient and has continuously evolved since its introduction in 2016.  Its authors are considered highly capable and very active.

Researchers are evaluating the new functionality, dubbed TrickBoot, to determine its limitations and see how dangerous it has become.  A more clear picture should emerge in the next few weeks.

E-mail me when people leave their comments –

CISO and Cybersecurity Strategist

You need to be a member of CISO Platform to add comments!

Join CISO Platform

RSAC Meetup Banner

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)