FORT MEADE, Md. — Malicious cyber actors could take advantage of a known vulnerability in the Microsoft Windows secure startup process to bypass Secure Boot protection and execute BlackLotus malware.
To guide system administrators and network defenders on how to mitigate this threat, the National Security Agency (NSA) is publicly releasing the “BlackLotus Mitigation Guide” Cybersecurity Information Sheet (CSI). The guide provides an overview of recommended actions to detect and prevent malicious activities associated with BlackLotus.