Security News

Lapsus$ suspects arrested for Microsoft, Nvidia, Okta hacks
2022-03-24 20:25

As Lapsus$ data extortion gang announced that several of its members are taking a vacation, the City of London Police say they have arrested seven individuals connected to the gang. The latest public message from the group on Wednesday announced that some of its members were taking a vacation until March 30.

Nvidia’s Morpheus AI security framework to land in April
2022-03-23 01:22

GTC Nvidia teased several updates to its Morpheus AI security framework at GTC this week, and also announced it would make the application framework generally available in April. In addition to releasing a pre-built version of Morpheus, Nvidia will also publish the framework's full source code on GitHub to allow developers to modify Morpheus and build security applications on top of the software.

Nvidia’s breach might help cybercriminals run malware campaigns
2022-03-08 00:40

Code-signing certificate theft - more common than you might think. The compromise of signing certificates is an old technique that's been used in the past by several cybercriminals to sign their malware.

Nvidia’s Stolen Code-Signing Certs Used to Sign Malware
2022-03-07 17:46

Two of Nvidia's code-signing certificates were part of the Feb. 23 Lapsus$ Group ransomware attack the company suffered - certificates that are now being used to sign malware so malicious programs can slide past security safeguards on Windows machines. Security researchers noted last week that binaries that hadn't been developed by Nvidia, but which had been signed with its stolen certificate to come off like legitimate Nvidia programs, had appeared in the malware sample database VirusTotal.

Hackers Who Broke Into NVIDIA's Network Leak DLSS Source Code Online
2022-03-05 22:47

American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling technology. "We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict," the company said in a security notice.

Malware now using stolen NVIDIA code signing certificates
2022-03-05 20:45

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. The leak includes two stolen code-signing certificates used by NVIDIA developers to sign their drivers and executables.

Malware now using NVIDIA's stolen code signing certificates
2022-03-05 20:45

Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. The leak includes two stolen code-signing certificates used by NVIDIA developers to sign their drivers and executables.

Leaked stolen Nvidia key can sign Windows malware
2022-03-05 04:09

An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems. At least two binaries not developed by Nvidia, but signed this week with its stolen cert, making them appear to be Nvidia programs, have appeared in malware sample database VirusTotal.

NVIDIA data breach exposed credentials of over 71,000 employees
2022-03-03 21:59

More than 71,000 employee credentials were stolen and leaked online following a data breach suffered by US chipmaker giant Nvidia last month. The Have I Been Pwned data breach notification service has added data belonging to 71,335 compromised accounts to its database on Wednesday.

NVIDIA confirms data was stolen in recent cyberattack
2022-03-01 16:46

Chipmaker giant Nvidia confirms that its network was breached in a cyberattack last week, giving intruders access to proprietary information data and employee login data. In an initial statement last week, Nvidia said it was investigating an incident that reportedly impacted some systems, causing an outage.