CSOonline

Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy

PKfail: An AMI Platform Key discovered on GitHub led researchers to uncover test keys in firmware images from major PC and server vendors, something hackers could exploit if leaked to gain kernel ...
ExtremeTech

Microsoft leaks Secure Boot credentials, shows why backdoor 'golden keys' can't work

Over the past year, there's been a raging debate over what kinds of encryption companies should use and whether they should retain the ability to crack end-user devices when ordered to do so by the ...
SDxCentral

VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature

A vulnerability in the user of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms ...