Cisco has created a protection system against attacks directed towards the master boot record open source. This tool can block ransomware and other malicious programs that want to infect said MBR sector. Although it is a tool intended for Microsoft Windows operating systems and this is a Linux blog, but we usually give news about free and open source software in general.
The tool in question it's called MBRFilter and it works by signing the disk system and putting the sector in read-only mode so that it can only be read and prevents third parties with malicious intent from writing code to it for other dubious purposes. The good news is that Cisco has created it under the open-source philosophy and in versions for both 32 and 64-bit. You can explore the code by accessing the project page on Github.
Although we now live in the UEFI era, for those who still do not know what MBR is or has been (in systems with BIOS), say that it is a necessary sector of the hard disk and that it contains an executable code stored in the first hard drive sector to be able to launch or boot the boot loadero boot loader of the operating system (in this case Windows). Information about the disk, partitions and the file system with which it has been formatted resides there.
Well, it is this privileged sector where many thugs have been set to carry out their attacks and make the malware reside in that area, causing problems on infected computers that did not have an easy solution. In some cases it was necessary to format the computer or in the best cases make use of certain tools to get rid of these annoyances that remained hidden for many antivirus (see bootkit or boot-level rootkits). Now Cisco wants to avoid this with its tool and provide a little more security ...