...that alone 'could provide a false sense of security,' NSA warns in this handy free guide for orgs
After installing both security patches and enabling optional mitigations, which includes a Code Integrity Boot Policy, organizations should harden their defensive policies. Specifically, NSA suggests organizations use endpoint and firmware monitoring tools to look for changes to the EFI boot partition, which, so long as they are legitimate changes should be infrequent. And then block any changes outside of a scheduled update.
"If unexpected changes are detected within the EFI boot partition, prevent the device from rebooting," the guide says. And finally, the NSA suggests admins customize UEFI Secure Boot — but this is only recommended for"expertly administered and exposed infrastructures" because of limited, long-term effectiveness.For Windows admins following this advice: update Secure Boot with DBX deny-list hashes, which will prevent executing older boot loaders that are vulnerable to exploits.
We reckon the above advice is worth checking out, if not to stop BlackLotus infections but also to prevent similar bootkit malware in future invading your IT estate. ®
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Star Wars Jedi: Survivor patch puts an end to training dummy's adventuresEA has released another patch for Star Wars Jedi: Survivor across PC and consoles.
Read more »
Bentley’s Mulliner division enters a purple patch with the BaturJust 18 examples of the new Bentley Batur will be built for customers, designed as the ultimate platform for creative specifications and a showcase for in-car craft and design
Read more »
Horner: Red Bull must support Perez through "difficult" F1 patchRed Bull needs to support Perez through the 'difficult' F1 patch he's going through, says Horner. 'I think he just needs a good weekend to just lift his confidence.'
Read more »
Horner: Red Bull must support Perez through “difficult” F1 patch🗣 'I think he just needs a good weekend to just lift his confidence.' Red Bull boss Christian Horner says that the Milton Keynes team has to continue to support Sergio Perez as his 'difficult' F1 run continues ⬇️
Read more »
Jedi: Survivor update fixes bounty hunters neglecting to kill you, but this is not the performance patch you're looking forPatch 6 takes aim a few issues, including a teleporting target dummy
Read more »
Household numbers up 15 in 20 years as more Scots opt to live aloneThe number of households in Scotland has increased 15% in 20 years as more Scots opt to live on their own, figures show.
Read more »