HybridPetya Mimics NotPetya, UEFI Attacks Highlighted

A new ransomware variant named HybridPetya has been identified, mimicking the infamous NotPetya malware's destructive behavior while incorporating advanced UEFI (Unified Extensible Firmware Interface) attack techniques. This evolution in ransomware tactics underscores the increasing sophistication of cyber threats targeting enterprise environments. HybridPetya combines the destructive payload of NotPetya with stealthy firmware-level attacks, making detection and remediation significantly more challenging for security teams.

The malware exploits vulnerabilities in the UEFI firmware, allowing it to persist even after traditional system reimaging or hard drive replacement. This persistence mechanism elevates the threat level, as compromised firmware can reinfect systems upon reboot, bypassing conventional security controls.

Security researchers emphasize the importance of firmware integrity monitoring and robust endpoint protection strategies to mitigate such advanced threats. Organizations are urged to update their UEFI firmware regularly, apply security patches promptly, and employ multi-layered defense mechanisms including network segmentation and behavioral analytics. The emergence of HybridPetya signals a worrying trend where ransomware actors are leveraging low-level system components to enhance attack resilience and impact. This development calls for heightened vigilance and investment in cybersecurity infrastructure to protect critical assets from evolving ransomware threats.

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 15 Sep 2025 15:50:03 +0000

