Last week Nvidia confirmed that it had been the victim of an internal hack, though it claimed no customer information was compromised. While the hackers have made some very strange demands, threatening to release sensitive corporate data if Nvidia doesn't unlock some of its most powerful graphics cards for cryptocurrency mining, regular users didn't need to worry much. Today we're seeing one of the first effects of the hack on end-users: Nvidia GPU driver packages with malware hidden inside.
While it was always possible for malefactors to host links pretending to be drivers in the hopes of installing viruses, trojans, and other nasty stuff on a user's PC, this situation is more concerning. The hackers appear to have leaked Nvidia's official code signing certificates, a means by which users (and Microsoft) can verify that a downloaded program comes from the publisher it says it's from.
That's allowing files containing a host of popular malware suites to be posted and downloaded, bypassing Windows Defender's built-in executable verification and slipping past anti-virus software. BleepingComputer reports that two now-expired (but still usable) code signing certificates have been compromised and used to deliver remote access trojans. In another example, the Nvidia certificate was used to sign a fake Windows driver.
While it's possible to block the installation of packages signed with the expired certificates using Windows Defender, it's an advanced technique that's probably only of interest to your company's sysadmin. For regular users looking for the latest graphics card drivers (or any driver, for that matter), the advice is the same as always: be careful to only download it from the official source—the Nvidia website or your installation of GeForce Experience, in this case.
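For the sysadmin case mentioned above, a simple audit can at least show which files on a machine were signed with a certificate you no longer trust. The PowerShell below is an added example, not code from Nvidia, Microsoft or BleepingComputer; the thumbprints are placeholders (the article does not list the leaked certificates' values), and the function name and default path are assumptions.

```powershell
# Added example: audit Authenticode signers under a folder against a deny-list.
# The thumbprints are PLACEHOLDERS, not the leaked certificates' real values;
# replace them with values obtained from a source you trust.
param(
    [string]$Path = "$env:USERPROFILE\Downloads"   # assumed default scan location
)

$DeniedThumbprints = @(
    'PLACEHOLDER_THUMBPRINT_1',
    'PLACEHOLDER_THUMBPRINT_2'
)

# Hypothetical helper: returns one record per file describing its signer.
function Test-SignerAgainstDenyList {
    param(
        [Parameter(Mandatory)] [string]$File,
        [string[]]$Denied
    )
    $sig  = Get-AuthenticodeSignature -FilePath $File
    $cert = $sig.SignerCertificate
    if ($null -eq $cert) {
        # Unsigned file: nothing to compare against the deny-list.
        return [pscustomobject]@{
            File = $File; Status = $sig.Status; Subject = $null
            Thumbprint = $null; Expired = $null; Denied = $false
        }
    }
    [pscustomobject]@{
        File       = $File
        Status     = $sig.Status
        Subject    = $cert.Subject
        Thumbprint = $cert.Thumbprint
        # The article notes the leaked certificates are expired but still usable,
        # so expiry is reported separately from the signature status.
        Expired    = $cert.NotAfter -lt (Get-Date)
        Denied     = $Denied -contains $cert.Thumbprint
    }
}

Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll, *.sys, *.msi -ErrorAction SilentlyContinue |
    ForEach-Object { Test-SignerAgainstDenyList -File $_.FullName -Denied $DeniedThumbprints } |
    Where-Object { $_.Denied -or ($_.Expired -and $_.Subject -match 'NVIDIA') } |
    Format-Table -AutoSize File, Status, Thumbprint, Expired, Denied
```

Rows flagged only as `Expired` need manual review, since legitimately signed older files can carry an expired certificate as well; a `Denied` match is the stronger signal.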