A security breach in March robbed MSI of up to 1.5TB of sensitive data. However, MSI is not the only company impacted.
As a result of the breach, Intel is now investigating a major leak of Intel Boot Guard keys. The extent of the damage is still unclear, but the worst-case scenario is that the security feature is now useless on compromised devices — and that’s a pretty lengthy list.
This whole fiasco seems to have begun with the MSI data breach that took place earlier this year. The Money Message extortion gang targeted MSI in March, saying that it managed to steal around 1.5TB of sensitive data. It demanded a ransom of $4 million to not leak the data to the public.
MSI refused to give in and didn’t pay the ransom, and unfortunately, the hacker gang followed through and started leaking the firmware source code of MSI’s motherboards.
According to Alex Matrosov, the CEO of Binarly, a security platform, the source code may have contained some really sensitive information, such as Intel Boot Guard private keys for 116 MSI products.
Intel Boot Guard prevents the loading of malicious firmware on Intel hardware. The fact that it’s now compromised makes this as much Intel’s problem as it is MSI’s. If threat actors gain access to these keys, they might be able to create powerful malware that’s capable of bypassing Intel’s security measures.
Matrosov claims that Intel Boot Guard may now be ineffective on some of Intel’s best processors, including Tiger Lake, Alder Lake, and Raptor Lake chips running on MSI-based devices.
In a statement to Bleeping Computer, Intel said: “Intel is aware of these reports and actively investigating. There have been researcher claims that private signing keys are included in the data, including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys.”
It’s hard to say precisely how big of an impact this leak might have. It’s possible that it opened the door to the creation of malware that can skip right past Intel Boot Guard, and that could be dangerous for affected devices.
If you’re using a build with an MSI motherboard and an Intel chip, take the usual security measures to stay safe. This includes not downloading files from sources you don’t trust and regularly scanning your computer with antivirus software, if you’re using any. We’ll have to wait for Intel and MSI to share more information on the data breach in order to know what happens next.
- Intel may have found the solution to Nvidia’s melting GPUs
- Hackers dug deep in the massive LastPass security breach
- Intel Alder Lake BIOS source code was leaked — should you be worried?
- Intel has a plan for how to beat Nvidia with Arc Alchemist
- Apple’s antivirus strategy for Mac has gone fully preemptive, but is that enough?
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the “PC building is just like expensive…
Intel XeSS massively boosts performance, and it might actually launch soon
Intel’s Tom Petersen and Ryan Shrout have reunited once again for another round of insights into Intel Arc. This time, they delivered a deep dive into the upcoming Intel XeSS technology, which will be Intel’s response to Nvidia’s DLSS.
The tech has long been expected, but it seems that Intel is planning to launch it soon. More importantly, based on the tests provided by Shrout and Petersen, Intel XeSS might be able to serve up a serious performance boost.
Hackers stole LastPass source code in data breach incident
Today, LastPass confirmed a data breach in a blog post describing the incident to its customers that rely on the company’s products for online security. The company emphasized that customer data was not stolen in the breach, however, and that users do not have to do anything to secure their data.
In a post written by CEO Karim Toubba, LastPass stated the following:
How Intel laughs in the face of thermal throttling (but probably shouldn’t)
When I reviewed the MSI GT77 Titan, one thing was clear: Intel’s new 16-core Core i9-12900HX is a monster. It beat everything, delivering the best raw processor performance you can buy right now regardless of heat, power, or noise. It worked, but a closer look at the thermal situation reveals how little room Intel has left to grow.
The GT77 Titan is the best case gaming laptop for the Core i9-12900HX with a massive cooling apparatus on the back that ramps up like a jet engine when the CPU is under load. Even still, this $5,000+ laptop with a cooler almost exclusively designed to handle a 16-core, 55W laptop processor shows thermal throttling immediately in CPU-intensive applications. Unless Intel gets the power and thermal situation under control, it’s hard to expect high-end 13th-gen Raptor Lake chips to deliver in the same way 12th-gen Alder Lake processors have.
Throttling doesn’t matter when you’re the best
The post Massive data breach leaves Intel scrambling for solutions | Digital Trends first appeared on www.digitaltrends.com