#security - December 2023

LogoFAIL is a technique to take advantage of image parsing functions that do not properly validate input arguments and allow for buffer overflows in UEFI bootloaders. The attack is to inject a trojan-horse'd vendor logo into the EFI System Partition. Apple devices not vulnerable due to not using UEFI, but others should make sure they check for BIOS updates from their manufacturer.

https://easybreach.dragonsecurity.io

Type in a password
The client side generates a sha1 hash as you type and the sha1 gets checked against my easybreach api in near realtime, seeded with the hibp password list.