Navigating the BootHole Mitigation Process


This event qualifies for * CPEs


Eclypsium researchers recently disclosed an arbitrary code execution vulnerability in the GRUB2 bootloader that can bypass Unified Extensible Firmware Interface (UEFI) and OS Secure Boot, impacting other OS defenses. In this webinar, John Loucaides, VP of Research & Development at Eclypsium, will help government agencies understand how to navigate the complex process of mitigating the GRUB2 BootHole vulnerability - without inadvertently making systems unusable or breaking enterprise disaster recovery processes.
 
Why is this a concern?

Attackers exploiting this vulnerability can install persistent and stealthy bootkits or malicious bootloaders that could give them control over the victim device. While Windows does not use GRUB, the fact that UEFI-based computers 'trust' the vulnerable version of GRUB makes it possible for a Windows boot process to be compromised by this vulnerability. The impact includes public/private cloud instances, data center servers, end-user desktops/laptops, and Linux-based OT / IoT devices.
 
 
The National Security Agency has released a Cybersecurity Advisory (CSA) on the BootHole vulnerability (CVE-2020-10713), indicating that it poses a risk to a majority of Linux distributions and systems running on Windows 8 or later versions. That includes those on National Security Systems, Department of Defense (DoD) systems, as well as the Defense Industrial Base (DIB).
 
 
Join us to learn more about how to safely mitigate this vulnerability!

Speaker and Presenter Information

John LoucaidesVP of Research & Development, Eclypsium

Relevant Government Agencies

DOD & Military, Dept of Homeland Security, Other Federal Agencies, Federal Government, State & Local Government


Register


Event Type
On-Demand Webcast


This event has no exhibitor/sponsor opportunities


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Event Sponsors

Eclypsium


Organizer
Eclypsium Government Team at Carahsoft


Contact Event Organizer



Return to search results