Disclosures:
Professional Reviews

The reviews found on GuideHaven consist of evaluations conducted by community reviewers. These assessments take into account the reviewers’ unbiased and knowledgeable analysis of the products and services being reviewed.

Ownership

GuideHaven is a leading cybersecurity review website with a team of experts experienced in testing and evaluating VPNs, antiviruses, password managers, parental controls, and software tools. Our reviews are available in 29 languages, making them accessible to a broad audience since 2018. To further support our readers in their pursuit of online security, we’ve partnered with Kape Technologies PLC, which owns popular products like ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, all of which may be reviewed on our website.

Affiliate Commissions

GuideHaven contains reviews that follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will take into consideration the independent, honest, and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, at no additional cost to them. On listicle pages, we rank vendors based on a system that prioritizes the reviewer’s examination of each service, but also considers feedback received from our readers and our commercial agreements with providers.

Review Guidelines

The reviews published on GuideHaven are written by community reviewers that examine the products according to our strict reviewing standards. Such standards ensure that each review prioritizes the independent, professional, and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may also take into consideration the affiliate commissions we earn for purchases through links on our website.

News Heading

Private Keys From MSI Data Heist Leaked by Ransomeware Group

Ari Denial
Published by Ari Denial on May 11, 2024

The recent cyberattack on Taiwanese PC maker, Micro-Star International (MSI) has resulted in crucial data leak, including the alleged Intel’s BootGuard private keys.

The data leak contains firmware image as well as Intel’s BootGuard private signing keys which will affect 166 MSI products, claims Alex Matrosov, founder, and CEO of Binarly Inc. He further claims that the OEM data leak will impact Intel’s entire ecosystem. As companies like Lenovo, Supermicro, HP, among others depend on Intel’s BootGuard security technology for their products.

Intel’s BootGuard is a hardware-based security technology that protects the system by blocking installation of potentially malicious software, for example, tampered UEFI/BIOS firmware. If any threat actors have access to a device’s private BootGuard key, they could easily tamper with the firmware codes and access sensitive information.

The group responsible for the attack is a recently established ransomware gang named Money Message that was first noticed in March 2023. They target mainly Windows and Linux operating systems and claim to exfiltrate the victim’s data before encrypting it. They then threaten to publish it online on their dark leak site if the ransom is not paid within the specified time.

This method of attack was used by them against MSI, and the data leak was a result of the latter’s refusal to pay the ransom of $4 Million. Following the attack, MSI disclosed that normal operations had gradually resumed with no significant impact on financial business. They also urged users to install firmware/BIOS updates only from their official website, and not files from third-party sources.

Furthermore, following last week’s data leak story, Intel has stated that it is investigating the leak associated with its BootGuard OEM signing keys. They’ve also stated that, ‘’Intel BootGuard OEM keys are generated by the system manufacturer and are not Intel signing keys.’’

“Based on our current review and investigation, Supermicro products are not affected.’’ according to the statement released by Supermicro.

Did you like this article? Rate it!
 
 
 
 
 
I hated it I don’t really like it It was ok Pretty good! Loved it!
0 Voted by 0 users
Title
Comment
Thanks for your feedback