Leak of Intel Boot Guard Keys Could Have Security Repercussions for Years

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

1 year ago

Html
Text

While Intel is still investigating the incident, the security industry is bracing itself for years of potential firmware insecurity if the keys indeed were exposed.

Follow Dark Reading:

May 11, 2023

LATEST SECURITY NEWS & COMMENTARY

Leak of Intel Boot Guard Keys Could Have Security Repercussions for Years While Intel is still investigating the incident, the security industry is bracing itself for years of potential firmware insecurity if the keys indeed were exposed. Microsoft Fixes Failed Patch for Exploited Outlook Vulnerability Adding a single character to a function in the previous Outlook patch rendered that fix useless, researchers say. RapperBot Crew Drops DDoS/CryptoJacking Botnet Collab Cryptomining is a logical partner for an existing IoT-focused DDoS botnet, so the RapperBot authors customized XMRig to make it happen. Infamous Twitter Hacker Cops to Cybercrimes, Extradited to US for Trial Confessed cybercriminal hijacked Twitter, TikTok, and Snapchat accounts; defrauded victims; and more. Free Tool Unlocks Some Encrypted Data in Ransomware Attacks "White Phoenix" automated tool for recovering data on partially encrypted files hit with ransomware is available on GitHub. Dark Reading Goes Global While the goal of the site's new DR Global section is to expand international coverage, the initial focus will be cybersecurity professionals in the Middle East and Africa. The Industrywide Consequences of Making Security Products Inaccessible Accessibility won't solve all of the industry's problems, but it can help tackle a few. Sysco Data Breach Exposes Customer, Employee Data Food distribution company first learned of the cyberattack in March 2023. (Sponsored Article) Unifying XDR and SIEM Capabilities in 1 Platform Discover how unifying XDR and SIEM in a single platform provides comprehensive protection against modern threats. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Microsoft Patches 2 Zero-Day Vulnerabilities The 49 CVEs in Microsoft's May security update is the lowest volume in nearly two years. The Problem of Old Vulnerabilities — and What to Do About It The vulnerabilities most often exploited by ransomware attackers are already known to us. MORE

EDITORS' CHOICE

Microsoft Patches 2 Zero-Day Vulnerabilities The 49 CVEs in Microsoft's May security update is the lowest volume in nearly two years. LATEST FROM THE EDGE
Identifying Compromised Data Can Be a Logistical Nightmare Being able to trace an incident backward from breach to data source is vital in restoring and improving cybersecurity. LATEST FROM DR TECHNOLOGY
New Bazel Ruleset Helps Developers Build Secure Container Images A new ruleset from Bazel, an open source build and test tool from Google, allows developers to create Docker images and generate software bills of materials about what is inside the containers.

WEBINARS

Next-Generation Supply Chain Security

Supply chain attacks are on the rise. Attackers are injecting malicious code into software and hardware components to create backdoors into the organization. As the Kaseya attack demonstrated, compromising a widely used product gives attackers privileged access into corporate networks. ...

Unleashing AI to Assess Cybersecurity Risk

Advancements in artificial intelligence technology and machine learning and deep learning algorithms can also transform enterprise risk management by giving security teams greater visibility and insights to assess the organization's cyber risk and overall security posture. In this webinar, experts ...

View More Dark Reading Webinars >>

WHITE PAPERS

ESG Report: Automated Application Security Testing for Faster Development A Security Leader's Guide to Leveraging MDR for Security Maturity and Development Every Minute Matters: Real-World Incident Response Timelines In Action The Big Business Of Cybercrime: A Deep Dive Guide The 3 Approaches to Breach & Attack Simulation Technologies What Are the Top and Niche Use Cases for Breach and Attack Simulation Technology? 2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP)

View More White Papers >>

FEATURED REPORTS

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ...

Successfully Managing Identity in Modern Cloud and Hybrid Environments

Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ...

Shoring Up the Software Supply Chain Across Enterprise Applications

Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ...

View More Dark Reading Reports >>

PRODUCTS & RELEASES

Experian Announces US Fintech Data Network to Combat Fraud Global Research From Delinea Reveals That 61% of IT Security Decision Makers Think Leadership Overlooks the Role of Cybersecurity in Business Success Keeper Security Announces Minority Growth Equity Investment From Summit Partners Privoro and Samsung Partner to Provide Trusted Control Over Smartphone Radios and Sensors MORE PRODUCTS & RELEASES

CURRENT ISSUE

How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
DOWNLOAD THIS ISSUE
VIEW BACK ISSUES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

Beyond Washington, DC: The State of State-Based Data Privacy Laws Informationweek.com
3 hours ago
Faux ChatGPT, Claude API Packages Deliver JarkaStealer Informationweek.com
5 hours ago
Final Chance: Urgent Invite for December 3rd Informationweek.com
6 hours ago

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines