Circle, the firm behind USDC stablecoin, issued a warning about an active phishing campaign attempting to lure users into transferring tokens to malicious...
TorGuard has settled a copyright infringement lawsuit filed by several movie companies last year. The VPN provider stood accused of failing to take action against subscribers who were pirating films. As part of the settlement, TorGuard agrees to block BitTorrent traffic on U.S. servers; however, it stresses that user privacy is in no way affected by this decision.
From: TF, for the latest news on copyright battles, piracy and more.
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.
The fallout continues from the ransomware attack that targeted Nvidia, as it has been discovered that some of the company’s older GPU drivers can now conceal malware. According to TechPowerUp, stolen code-signing certificates are being used to place malware on unsuspecting PCs. This was also confirmed by @BillDemirkapi on Twitter. The code-signing certificates expired in 2014 and 2018, but that doesn’t stop Windows from recognizing these as legitimate. And this could be a massive issue for those who aren’t sure what to look out for.
BleepingComputer pointed out the kinds of malware making the rounds. These include Cobalt Strike Beacons, Mimikatz, backdoors, and Remote Access Trojans. This is clearly a problematic situation for Nvidia, and it’s unknown how much worse the situation could become in the next few weeks. But for now, it’s important that users remain vigilant for anything that seems out of the ordinary. Particularly when it comes to downloadin...
Organizations worldwide should remain on high alert for cyberattacks as the risk of major cyber-spillover from the crisis in Ukraine continues to loom large
Last week Nvidia confirmed that it had been the victim of an internal hack, though it claimed no customer information was compromised. While the hackers have made some very strange demands, threatening to release sensitive corporate data if Nvidia doesn't unlock some of its most powerful graphics cards for cryptocurrency mining, regular users didn't need to worry much. Today we're seeing one of the first effects of the hack on end-users: Nvidia GPU driver packages with malware hidden inside.
While it was always possible for malefactors to host links pretending to be drivers in the hopes of installing viruses, trojans, and other nasty stuff on a user's PC, this situation is more concerning. The hackers appear to have leaked Nvidia's official code signing certificates, a means by which users (and Microsoft) can verify that a downloaded program comes from the publisher it says it's from.
That's allowing files containing a host of popular malware suites to be posted and downloaded, bypassing Windows Defender's built-in executable verification and slipping past anti-virus software. BleepingComputer reports that two now-expired (but still usable) verification codes have been compromised and used to deliver remote access trojans. Another example, using the Nvidia verification to sign a fake Windows driver, was also spotted.
While it's possible to block the installation of packages with the expired codes using Windows Defender, it's an advanced technique that's probably only of interest to your company's sysadmin. For regular users looking for the latest graphics card drivers (or any driver, for that matter), the advice is the same as always: be careful to only download it from the official source—the Nvidia website or your installation of GeForce Experience, in this case.
Samsung has reportedly been hacked by the same group that attacked Nvidia last week.
According to Bleeping Computer, the hacking group has released almost 190 GB of confidential data and code from a number of Samsung projects, including biometric data, source code for Samsung's activation servers, and "full source code for technology used for authorising and authenticating Samsung accounts".