Couverture de NSA Tips

NSA Tips

Blacklotus Mitigation Guide

 Aperçu
Offre à durée limitée

3 mois d'Audible Standard gratuits

3 mois pour 0,00 €/mois, puis 5,99 €/mois. Possibilité de résilier chaque mois.
Essayez pour 0,00 €/mois
L'offre prend fin le 15 Juillet 2026 à 23 h 59.
Plus d'options d'achat

NSA Tips

De : National Security Agency
Lu par : Tom Brooks
Essayez pour 0,00 €/mois

3 mois pour 0,99 €/mois, puis 5,99 €/mois. Possibilité de résilier chaque mois. Offre valable jusqu'au 15 juillet 2026 à 23 h 59.

Acheter pour 8,86 €

Acheter pour 8,86 €

BlackLotus is a recently publicized malware product garnering significant attention within tech media. Similar to 2020’s BootHole (CVE-2020-10713), BlackLotus takes advantage of a boot loader flaw—specifically CVE-2022-21894 Secure Boot bypass known as “Baton Drop”—to take control of an endpoint from the earliest phase of software boot. Microsoft® issued patches for supported versions of Windows to correct boot loader logic. However, patches were not issued to revoke trust in unpatched boot loaders via the Secure Boot Deny List Database (DBX). Administrators should not consider the threat fully remediated as boot loaders vulnerable to Baton Drop are still trusted by Secure Boot. As described in this Cybersecurity Information Sheet (CSI), NSA recommends infrastructure owners take action by hardening user executable policies and monitoring the integrity of the boot partition. An optional advanced mitigation is to customize Secure Boot policy by adding DBX records to Windows® endpoints or removing the Windows Production CA certificate from Linux® endpoints.

PLEASE NOTE: When you purchase this title, the accompanying PDF will be available in your Audible Library along with the audio.

©2023 Tom Brooks (P)2023 Tom Brooks Sécurité et cryptage
adbl_web_anon_alc_button_suppression_t1
Aucun commentaire pour le moment