ATT&CK 기법 · Persistence · Stealth

Pre-OS Boot T1542

이 기법을 다룬 REVELARE 한국어 위협 분석 2편 · Persistence · Stealth

이 기법을 다룬 분석

usbliter8: Apple A12·A13 SecureROM 패치 불가 익스플로잇과 신뢰 체인 붕괴 분석

Silver Fox의 ValleyRAT, 깨끗한 ntdll로 EDR을 끊은 7분 분석

MITRE 공식 정의

Adversaries may abuse Pre-OS Boot mechanisms as a way to establish persistence on a system. During the booting process of a computer, firmware and various startup services are loaded before the operating system. These programs control flow of execution before the operating system takes control.(Citation: Wikipedia Booting) Adversaries may overwrite data in boot drivers or firmware such as BIOS (Basic Input/Output System) and The Unified Extensible Firmware Interface (UEFI) t…

attack.mitre.org ↗ATT&CK 매트릭스

플랫폼: Linux, macOS, Network Devices, Windows