Quantcast
Channel: BOT24
Viewing all articles
Browse latest Browse all 8064

Security Done Wrong: Leaky FTP Server (AMI-Bios Sourcecode and UEFI Signing Key)

$
0
0

A few hours ago I received a call from my frequent research partner, Brandon Wilson, about an open FTP server hosted in Taiwan serving up some rather interesting data. Internal emails, various system images (and even the Ghost software!), numerous photos - some personal, some high resolution PCB images, private specification sheets, Excel documents loaded with private information - but that wasn’t the worst.
In a folder called code was quite a treasure. The source code for different versions of American Megatrends (AMI) firmware - but there was even a bonus on top of that! They included their private signing key with the code in the ‘Ivy Bridge’ archive


Viewing all articles
Browse latest Browse all 8064

Trending Articles