Does your organization use HPE servers? Have a read of our latest blog for the steps to take in order to assess your devices for the presence of the #iLOBleed implant.

Read to learn more! https://eclypsium.com/2022/01/12/the-ilobleed-implant-lights-out-management-like-you-wouldnt-believe/

Takeaways: Reducing Risk of iLOBleed and BMC Implants
Organizations should also take the following steps to reduce their exposure to iLOBleed and other BMC implants.

  1. Isolate BMCs or other out-of-band management interfaces from production networks using VPNs, VLANs, firewalls, and other security technologies. Do not expose BMCs directly to the Internet.
  2. Monitor iLO audit logs via the Redfish or XML interfaces to catch malicious changes early. Securely configure the management interfaces by changing default passwords and configuring authentication and encryption mechanisms such as certificates. For Gen10/iLO5 systems, upgrade to the latest available version and disable the ability to downgrade firmware, so that the vulnerability cannot be re-introduced and used to install implants.
  3. Record BMC version information and check it against relevant CVEs. Eclypsium customers can use automatic vulnerability checks and change detection to identify and mitigate firmware vulnerabilities in critical server components, including the BMC (iLO, etc.) and UEFI.
  4. Frequently check manufacturer support pages for vulnerabilities and updates in all device components, especially BMC. Eclypsium customers can leverage built-in firmware update management capabilities to automatically discover available updates and deploy them to servers.
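
One way to act on steps 2 and 3 without any vendor tooling is sketched below. It is an added example, not code from Eclypsium or HPE. It compares the `FirmwareVersion` reported by a Redfish Manager resource against a recorded baseline and flags firmware-related log entries. The sample JSON, version strings, log messages and keyword list are all constructed assumptions.

```python
import re

# Constructed sample of a Redfish Manager resource (assumed to be fetched from
# /redfish/v1/Managers/1/ on the BMC). Values are illustrative, not from a real device.
SAMPLE_MANAGER = {"Id": "1", "Model": "iLO 5", "FirmwareVersion": "iLO 5 v2.30"}

# Constructed sample log entries in Redfish LogEntry shape (Created, Message).
SAMPLE_ENTRIES = [
    {"Created": "2022-01-10T08:01:12Z", "Message": "Browser login: admin"},
    {"Created": "2022-01-10T08:03:40Z", "Message": "Firmware flash started by: admin"},
    {"Created": "2022-01-10T08:09:02Z", "Message": "Downgrade policy setting changed by: admin"},
]

# Assumed keyword list; tune it to the message text your firmware actually emits.
KEYWORDS = ("firmware", "flash", "downgrade")


def parse_version(fw):
    """Turn a FirmwareVersion string such as 'iLO 5 v2.55' into (2, 55)."""
    m = re.search(r"v(\d+)\.(\d+)", fw or "")
    if not m:
        raise ValueError(f"unrecognised FirmwareVersion: {fw!r}")
    return int(m.group(1)), int(m.group(2))


def check_version(manager, baseline):
    """Compare the reported version with the recorded baseline string."""
    current = parse_version(manager["FirmwareVersion"])
    known = parse_version(baseline)
    if current < known:
        return "DOWNGRADE"  # older than what was recorded: investigate first
    return "CHANGED" if current > known else "OK"


def flag_entries(entries, keywords=KEYWORDS):
    """Return log entries whose message mentions a firmware-related keyword."""
    return [e for e in entries
            if any(k in e.get("Message", "").lower() for k in keywords)]


if __name__ == "__main__":
    # The baseline "iLO 5 v2.55" is a constructed value standing in for your inventory record.
    print(check_version(SAMPLE_MANAGER, "iLO 5 v2.55"))
    for e in flag_entries(SAMPLE_ENTRIES):
        print(e["Created"], e["Message"])
```

A version that differs from the baseline is only a prompt to investigate: compare it against change records and the flagged log entries before deciding whether it was an authorized update.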