MBRFilter: Οι απειλές από Ransomware έχουν αυξηθεί εκθετικά και οι προγραμματιστές κακόβουλων προγραμμάτων (malware) έχουν αρχίσει να κάνουν χρήση του MBR (Master Boot All time lap record) at attacks their. In a few words; Locks the whole o computerand not just a few tabs with important files.
The Talos team at Cisco Systems has released a free, open source tool that protects the MBR sector of computers from amendment from bootkits, ransomware and other malicious attacks.
This Master Boot Record (MBR) is the first sector (512 bytes) on your hard drive that stores the bootloader, a comeye of the code responsible for booting the operating system. Technically, Bootloader is the first code executed by the system BIOS and tells your computer what to do when it starts up.
Advanced malware, such as rootkit and bootkit, take advantage of this process to infect computers by modifying the MBR.
A malicious boot or bootkit software can install ransomware or other malware in the Windows kernel, which is virtually impossible to detect, and thus get unlimited and unauthorized access to your entire computer.
So, the best way to protect your computer from such bootkits is to restrict your MBR from being replaced by unauthorized software.
The Cisco security team, Talos team, has done this with the following freeware software.
You can find it here.
The MBRFilter tool is nothing more than a signed system driver that puts the MBR in "read-only" mode and prevents any malware from modifying the MBR port data.
https://www.youtube.com/watch?v=nLyOi75Wu3A
