Intel has confirmed that the alleged leak of its Alder Lake BIOS resource code is authentic, most likely increasing cybersecurity challenges for shoppers.
Very last week, the firm’s BIOS/UEFI code was apparently posted on 4chan and Github in a repository named ‘ICE_TEA_BIOS.’ This repository consists of 5.97 GB of documents, resource code, private keys, change logs and compilation tools.
In a statement to Tom’s Hardware, an Intel spokesperson stated: “Our proprietary UEFI code appears to have been leaked by a third party. We do not feel this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security evaluate. This code is protected beneath our bug bounty application in the Project Circuit Breaker marketing campaign, and we really encourage any scientists who may well determine opportunity vulnerabilities to deliver them our focus as a result of this program. We are achieving out to both equally consumers and the security research group to preserve them informed of this situation.”
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
It is presently unclear how the supply code was accessed, and who was dependable.
The leak relates to Intel’s 12th generation Intel Main processors, unveiled in November 2021. In spite of Intel’s reassurances, the leak could pose a security risk for customers, building it a lot easier for cyber-criminals to find vulnerabilities in the merchandise.
Sam Linford, vice president of EMEA Channels at Deep Intuition, commented: “The theft of source code is an really terrifying prospect for companies and can open up the doorway to cyber-attacks. Source code retains huge price to cyber-criminals as it is section of a company’s intellectual property.
“Cyber-criminals are normally on the lookout for new tactics or vulnerabilities in buy to capture security groups off guard. Incidents like this, where stolen source code could be employed to start cyber-attacks, exhibits us that it is critical that we start off searching to a prevention-initial frame of mind.”
There have been various incidents of an organization’s supply code remaining leaked this 12 months. In August 2022, password administration business LastPass discovered that portions of its resource code were stolen, and in September 2022, a hacker stole source code for Grand Theft Automobile 5 and the in-enhancement version of Grand Theft Vehicle 6 from gaming big Rockstar Video games.
Some elements of this article are sourced from:
www.infosecurity-magazine.com