Security News

Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims - this time releasing data purportedly stolen from Samsung Electronics. Lapsus$ had earlier announced on its Telegram channel that it had breached Samsung and offered a taste of what it had as proof, including biometric authentication information and source code from both Samsung and one of its suppliers, Qualcomm.

Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository. On Friday, March 4th, Adafruit announced that a publicly-accessible GitHub repository contained a data set comprising information on some user accounts.

American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling technology. "We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict," the company said in a security notice.

This week's biggest story is the massive data leak from the Conti ransomware operation, including over 160,000 internal messages between members and source code for the ransomware and TrickBot operation. A Ukrainian security researcher has leaked over 60,000 internal messages belonging to the Conti ransomware operation after the gang sided with Russia over the invasion of Ukraine.

The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. In a note posted earlier today, the extortion gang teased about releasing Samsung data with a snapshot of C/C++ directives in Samsung software.

Approximately 260,000 nonpublic disciplinary records stored on behalf of The State Bar of California were found to be exposed to the public and to have been republished on Judyrecords.com, a website that aggregates over 630 million public court records. Full case records were not disclosed, the State Bar said, and it's not yet clear how many attorney and witness names were revealed.

The Lapsus$ data extortion group has released what they claim to be data stolen from the Nvidia GPU designer. The first round of messages from Lapsus$ included a leak of what the actor said were hashed passwords of all Nvidia employees and a claim that the company hacked back to encrypt their virtual machine with the data.

Activists have reportedly leaked the contents of internal chats from the Russia-affiliated Conti ransomware gang as the Ukraine war continues. Conti ransomware group previously put out a message siding with the Russian government.

The crooks said unless Nvidia releases a software update that removes its recent crypto-coin mining limiter, they will leak what sounds like internal hardware documents - a hw folder, specifically. NCC Group released figures indicating a huge jump in the use of ransomware, with America the top target at 53 per cent of monitored infections, and Europe at 30 per cent.

CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. Based on data from a sample group of customers, the research report reveals that data leak incidents increased, overall, by 63% and vulnerable shadow assets exposure grew by 40% in 2021.