https://www.bleepingcomputer.com/news/security/new-windows-10-secured-core-pcs-block-firmware-level-attacks/

Microsoft introduced a new range of devices called Secured-core PCs which come with built-in protection against firmware attacks that have been increasingly used by state-sponsored hacking groups.

The APT28 cyber-espionage group (also tracked as Sednit, Fancy Bear, Strontium, and Sofacy), for instance, used a Unified Extensible Firmware Interface (UEFI) rootkit dubbed LoJax as part of its 2018 operations.