A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on Windows systems that have not applied the corresponding revocation, making it the fourth publicly known bootkit capable of punching through the feature and hijacking a PC before the operating system loads.
ESET researchers discovered the ransomware-bootkit combo after samples were uploaded to VirusTotal in February, and named it HybridPetya because of its similarities to the infamous Petya and NotPetya malware strains.
The silver lining: the code seems to be just a proof-of-concept (PoC) at this point, and the threat hunters say they've seen no indications of its use in the wild. Also, it doesn't show the same aggressive network propagation as NotPetya.
Still, HybridPetya