Intel BootGuard private keys leaked following MSI hack
According to John Loucaides, senior vice president of strategy, the leak of BootGuard keys, even OEM keys, is a “big deal” due to the access BootGuard has. “The underlying threat is that attackers will create malicious firmware that appears valid and works on various systems. This is a real threat, ... Read More
Eclypsium Supply Chain Security for Enterprise Infrastructure
A complete enterprise solution, from core to cloud. Eclypsium is a supply chain security platform that builds trust in every device by identifying, verifying andfortifying software, firmware and hardware throughout enterprise infrastructure. The Eclypsium SaaS platformmonitors critical assets from chip to cloud and mitigates risk throughout the asset lifecycle. The ... Read More
Facing the Supply Chain Security Moment of Truth
While it has been coming for years, the industry is now facing its moment of truth for supply chain risks. The accelerating rash of major breaches in the technology supply chain has put threat actors in possession of the source code and secrets that underpin virtually all enterprise infrastructure. This ... Read More
Eclypsium Launches Supply Chain Security Platform for Enterprise Infrastructure
Portland, OR & San Francisco – RSA Conference – April 25, 2023 – Eclypsium®, the digital supply chain security company protecting enterprises’ critical hardware, firmware, and software, today announced the release of its Supply Chain Security Platform. The new platform enables an organization’s IT security and operations teams to continuously ... Read More
Cyber Defense Magazine Names Eclypsium a 2023 Global InfoSec Award Winner for Best Product Firmware
Eclypsium’s digital supply chain security platform heralded as cutting-edge firmware solution SAN FRANCISCO – RSA Conference – April 24, 2023 –Eclypsium®, the digital supply chain security company protecting enterprises’ critical hardware, firmware, and software, today announced that it has been awarded the Cyber Defense Global InfoSec award for Best Product ... Read More
MSI Incident Part 2: Binary Analysis
In the first part of this series, we described the incident between MSI and a new ransomware group known as Money Message. The group claimed to be able to release malicious firmware with what they had stolen, which included MSI’s development framework and private keys. Since this is a serious ... Read More
