The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from Nvidia GPU designer. In a note posted earlier today, the extortion gang teased about releasing Samsung data with a snapshot of C/C++ directives in Samsung software. READ MORE...
Popular open-source computer hardware company Adafruit Industries accidentally exposed customer data via the GitHub account of a former employee. As you've probably figured out already, Adafruit is named after after Ada Lovelace, a nineteenth-century British intellectual who was a computer programmer long before any programmable computers existed. The company sells a wide range of miniature open-source hardware boards and kits for hobbyists and professionals alike. READ MORE...
Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited by attackers in the wild. The two patched zero-days are both memory corruption bugs of the "use-after-free" kind, meaning that they may allow attackers to use memory that has been freed by the program. READ MORE...
Cisco has released a security advisory about two vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The flaws could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user. READ MORE...
Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused popular commercial security services to undermine the security of their targets, as well as how the team's leaders strategized for the upper hand in ransom negotiations with victims. READ MORE...
Disk wipers are one particular type of malware often used against Ukraine. The implementation and quality of those wipers vary, and may suggest different hired developers. The day before the invasion on Ukraine by Russian forces on February 24, a new data wiper was found to be unleashed against a number of Ukrainian entities. This malware was given the name "HermeticWiper" based on a stolen digital certificate from a company called Hermetica Digital Ltd. READ MORE...
Hey webop_geeks, you_are_already_dead, a note claiming to be left by the REvil ransomware gang declared, embedded into the attack itself as a string of text in the URL for the extortion demand. Imperva reported the interesting twist on Friday - one of several it's seen in the evolution of distributed denial-of-service (DDoS) attacks so far this year. READ MORE...
An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems. At least two binaries not developed by Nvidia, but signed this week with its stolen cert, making them appear to be Nvidia programs, have appeared in malware sample database VirusTotal. This leak means sysadmins should take steps to ensure code recently signed by the rogue cert is detected and blocked as it is most likely going to be malicious. READ MORE...