The latest bug to strike before the operating system starts up has received the nickname “Boothole” and Eclypsium researchers, Mickey Shkatov and Jesse Michael, discovered the flaw.
Boothole affects the integrity of the boot-up process itself, allowing hackers to execute code that runs the next time a device starts. And can happen even with Secure Boot enabled. Eclypsium found the vulnerability in the GRUB2 bootloader that most Linux systems use.
Worse is that the flaw affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning it affects virtually every Linux distribution. GRUB2 also supports other operating systems, kernels and hypervisors such as Xen.
Streamlining the lifecycle of joiners, movers, and leavers using no-code automation
The process of onboarding new employees and quickly removing departing staff profiles can be both time-consuming and labour-intensive. In this live webinar, we will look at how to streamline these processes to save time and resources, and providing a smooth experience for both admins and employees.
Key takeaways:
Understanding the importance of securing the joiners, movers and leavers process
Exploring successful attacks that occurred due to errors in managing these transitions
Registering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
