SUBSCRIBE NOW

Tag: Cybersecurity

Malwarebytes, Fortinet, Veriff, SecureWorks Extend Their Layoffs Lists

Posted on by admin12

In the fast-evolving world of cybersecurity, 2023 has witnessed a grim trend. Across the industry, at least 46 cybersecurity companies have made the difficult decision to lay off 4,738 employees.

These workforce reductions have sent shockwaves through the tech community, signaling a significant shift in the landscape of digital defense. The actual numbers might be even higher, as some companies chose not to disclose their precise figures.

Malwarebytes’ Second Round of Layoffs

Malwarebytes, a prominent California-based cybersecurity protection software and services provider, is the most recent contributor to this disheartening statistic.

Approximately 100 to 110 employees were on the receiving end of pink slips. This unfortunate event follows a similar wave of layoffs almost a year ago when Malwarebytes let go of 14% of its global workforce, as reported by techcrunch.com.

This news arrives just a week after Malwarebytes made headlines for a different reason—its acquisition of online privacy company Cyrus. According to the company, this strategic acquisition aims to bolster its mobile privacy solutions.

Marcin Kleczynski, CEO of Malwarebytes, shared some insights regarding these recent layoffs with TechCrunch. He explained that these cuts primarily impacted corporate employees and were part of a broader “strategic reorganization” within the company.

Fortinet and the Unreported Layoffs

Fortinet, an employer with a substantial workforce of 13,677 people as of June 2023, also made headlines with its layoffs. Although the number of affected employees remains undisclosed, it was confirmed that the sales, channel, and business development groups bore the brunt of these reductions.

This move came in response to lower-than-expected earnings for the quarter, highlighting the intense competition and challenges cybersecurity firms face in the current market.

Veriff and SecureWorks Join the Wave

Estonia-based identity verification company Veriff had to make the painful decision to lay off 101 employees, which accounted for 21% of its workforce.

Meanwhile, American cybersecurity company SecureWorks also had to tighten its belt, cutting 300 positions, which represents a 15% reduction in its workforce.

Also Read, Google’s Motion to Disprove Advertising Antitrust Case Denied by US Judge

Rapid7 and Other Significant Announcements

In this wave of layoffs, Boston cybersecurity company Rapid7 announced plans to eliminate 18% of its workforce, affecting 470 positions. Amongst the most substantial recent announcements was OneTrust, which made headlines by reducing its workforce by a staggering 25%, amounting to 950 employees.

The cloud and security services firm F5 followed suit by laying off 9% of its staff, impacting 623 employees. Sophos, another major player in the cybersecurity field, concluded this string of unfortunate events by cutting 10% of its headcount, totaling 450 employees.

These layoffs have undoubtedly created ripples of concern throughout the cybersecurity industry. As companies adapt to the ever-changing landscape of digital threats and challenges, they also grapple with the need to streamline operations and navigate an increasingly competitive market.

The future of these affected employees remains uncertain, but the industry is bracing itself for what lies ahead.

Conclusion

In an industry built on the premise of safeguarding digital assets and privacy, the cybersecurity sector is confronting its own set of challenges.

While companies are taking strategic measures to stay afloat, the human toll of these layoffs is significant. The impact on the lives of thousands of employees cannot be understated.

Also Read, TikTok Introduces Enhanced Search Ad Features for Marketers

Frequently Asked Questions – FAQs

Why are cybersecurity companies laying off employees in 2023?

Cybersecurity companies face increased competition and market challenges, prompting them to restructure and streamline their operations through workforce reductions.

How has the cybersecurity industry evolved in recent years?

The cybersecurity industry has evolved rapidly due to the ever-changing digital threat landscape, necessitating adaptability and efficiency in business operations.

What is the significance of Malwarebytes’ recent acquisition of Cyrus?

Malwarebytes’ acquisition of Cyrus aims to enhance its mobile privacy solutions, reflecting its commitment to improving its cybersecurity offerings.

How can laid-off employees in the cybersecurity sector cope with these challenges?

Laid-off employees can explore retraining opportunities, network within the industry, and consider freelance or consulting work to navigate these challenging times.

What does the future hold for the cybersecurity industry?

The future of the cybersecurity industry is uncertain, but it will likely continue to evolve rapidly in response to emerging digital threats and technological advancements.

Over 2M Websites at Risk: New Cyber Threat in Popular WordPress Plugin

Posted on by Admin

“According to the latest event, researchers have discovered that certain cyber attacks can exploit the latest version of WordPress. Authorities have asked users of the Advanced Custom Fields plugin for WordPress to update. They urged to make the update to version 6.1.6 of WordPress.”

WordPress, a widely used CMS is a free and open-source CMS written in hypertext preprocessor language and coupled with a MySQL or MariaDB database. WordPress, which powers 43% of the web, updates itself yearly as a content management system (CMS).

Also Read, Halcyon Gets $50M Fund for Anti-Ransomware Tool Development

According to the latest event, researchers have discovered that certain cyber attacks can exploit the latest version of WordPress. Authorities have asked users of the Advanced Custom Fields plugin for WordPress to update. They urged to make the update to version 6.1.6 of WordPress.

The vulnerability, known as CVE-2023-30777, represents a case of reflected cross-site scripting (XSS). Malicious actors can exploit this vulnerability to inject absurd executable scripts into otherwise benign websites.

Users have installed the Advanced Custom Fields plugin, available in both pro and free versions, more than two million times. Security researchers discovered and reported the vulnerability to the WordPress team on May 2, 2023.

Patchstack researcher Rafie Muhammad said, “This vulnerability allows any unauthenticated user to steal sensitive information. In this case, the vulnerability enables privilege escalation on the WordPress site by tricking a privileged user into visiting the crafted URL path.”

Users can experience reflected XSS cyber attacks when they unknowingly click on a fake link sent through email or other means, such as messages. This action allows malicious code to infiltrate the vulnerable website, which then reflects the attack back to the user’s browser.

Imperva, a cyber security leader notes, “[A reflected XSS attack] is typically a result of incoming requests not being sufficiently sanitized, which allows for the manipulation of a web application’s functions and the activation of malicious scripts,”

It is worth noting that the vulnerability CVE-2023-30777 can start on the configuration of Advanced Custom Fields or on a default installation. However, only logged-in accounts with plugin access can perform this task.

Halcyon Gets $50M Fund for Anti-Ransomware Tool Development

Posted on by Admin

“The startup said the Series A funding was led by SYN Ventures, a renowned investment company that gives early-stage funding to cybersecurity companies. Halcyon also took on equity investments from Corner Capital and Dell Technologies Capital.”

Halcyon, a startup based in Texas, US, developing an anti-ransomware engine powered by AI that will help companies ward off data extortion attacks, has got $50 million in funding from known venture capital investors.

Also Read, CISA Launch Open-Source Tool to Detect Microsoft Cloud Hacking

The startup said the Series A funding was led by SYN Ventures, a renowned investment company that gives early-stage funding to cybersecurity companies. Halcyon also took on equity investments from Corner Capital and Dell Technologies Capital.

The new funding gives a boost to Halcyon to accelerate the development and adoption of what it is calling a “cyber resilience platform” built to defeat extortion and ransomware campaigns.

Halcyon is marketing a platform that ensures a multi-layered approach to defeat ransomware and it is developed using a lightweight engine that merges prevention engines with AI models trained solely on ransomware.

Pre-execution ransomware prevention is a feature that uses AI/ML engines to identify and avoid any known bad executables such as off-the-shelf commodity ransomware and forwards unknown but skeptical executables to the extra security layers for further analysis.

Jon Miller, the Co-Founder, of Halcyon, said, “We engineered to embrace failure as a core concept of protection. Stopping ransomware requires multiple prevention and detection techniques, all trained extensively on years of actual ransomware attacks.”

Halcyon has also provided features to trick ransomware into revealing or aborting the attack by exploiting features hardcoded in the ransomware itself.

CISA Launch Open-Source Tool to Detect Microsoft Cloud Hacking

Posted on by Admin

“Known as the ‘Untitled Goose Tool’ and developed along with Sandia, a U.S. Department of Energy national laboratory, the tool can dump telemetry information from Microsoft 365, Microsoft Azure, and Azure Active Directory.”

CISA, the American Cybersecurity & Infrastructure Security Agency has released a new open-source incident response (OSIR) tool designed to detect signs of unauthorized activity in Microsoft cloud environments.

Also Read, Hackers in Order to Install Frebniis Malware Hacks IIS Feature

Known as the ‘Untitled Goose Tool’ and developed along with Sandia, a U.S. Department of Energy national laboratory, the tool can dump telemetry information from Microsoft 365, Microsoft Azure, and Azure Active Directory. 

CISA said, “Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments. Untitled Goose Tool gathers additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender for Internet of Things (IoT) (D4IoT).”

With the help of Microsoft cloud interrogation and analysis tool of CISA, security networks, and experts will be able to –

  • Export and review Microsoft Defender for IoT alerts, Azure activity logs, M365 unified audit log, AAD sign-in and audit logs, and Microsoft Defender for Endpoint data for suspicious activity.
  • Query, export, and investigate Azure,  AAD, and M365 configurations.
  • Draw out cloud artifacts from Microsoft’s M365, AAD, and Azure environments without executing additional analytics. 
  • Managing time bounding of the UAL.

Earlier in March 2023, an open-source tool called ‘Decider’ was released by CISA to help defenders generate MITRE ATT&CK mapping reports to fine-tune their security posture based on the tactics and techniques of adversaries.

Decider was launched when a “best practices” guide about MITRE ATT&CK mapping in January was published, highlighting the imperativeness of using the standard. It also announced that starting January 2023, it would alert critical infrastructure entities of Internet-based systems susceptible to ransomware attacks.

The Malware of Worok hides in PNGs

Posted on by Admin

A group of hackers named, Worok is able to hide their malware within PNG images. By this way they are easily infecting victims’ machines for stealing information.

Researchers at Avast have confirmed this. In early. In September 2022 built upon the findings of ESET, the first to spot and report on Worok’s activity.

 

ESET’S warning

 

According to a report by Bleeping Computer, “A newly discovered cyber-espionage group has been hacking governments and high-profile companies in Asia since at least 2020 using a combination of custom and existing malicious tools.

The threat group, tracked as Worok by ESET security researchers who first spotted it, has also attacked targets from Africa and the Middle East.

To date, Worok has been linked to attacks against telecommunications, banking, maritime, and energy companies, as well as military, government, and public sector entities.”

ESET malware researcher Thibaut Passilly said, “We believe the malware operators are after information from their victims because they focus on high-profile entities in Asia and Africa, targeting various sectors, both private and public, but with a specific emphasis on government entities,”.

 

Avast’s Report

 

According to Avast’s researchers, “Our fellow researchers from ESET published an article about previously undocumented tools infiltrating high-profile companies and local governments in Asia. The tools, active since at least 2020 are designed to steal data. ESET dubbed them Worok. ESET monitored a significant break in activity from May 5, 2021 to the beginning of 2022. Nevertheless, when Worok became active again, new targeted victims – including energy companies in Central Asia and public sector entities in Southeast Asia – were infected to steal data based on the types of the attacked companies.”

We live Security by ESET reported, “During the ProxyShell (CVE-2021-34523) vulnerability disclosure in early 2021, we observed activity from various APT groups.”

For more updates on security industry, click here.

Cloudflare cites an increase in “specific, targeted threats”

Posted on by Admin

Cloudflare, a website security and hosting provider, announced on Saturday that it had blocked Kiwi Farms, an online forum known for hateful content. In a post on Cloudflare’s blog, the company said Kiwi Farms posed an “immediate threat to human life,” citing an increase of “targeted threats” over the past two days.

 

Concerns about Kiwi Farms grew after transgender YouTuber and Twitch streamer, Clara Sorrenti (Keffals), had been targeted by a dangerous harassment campaign by users from the site. Last month, Kiwi Farms users waged a swatting attack against Sorrenti, otherwise known as the act of providing a false tip to police that someone’s planning on carrying out a violent crime, resulting in police swarming the victim’s home.

 

Sorrenti later went into hiding and started a #DropKiwifarms campaign that urged Cloudflare to stop serving Kiwi Farms. Users across Twitter shared the hashtag, also with some revealing the harassment they’ve experienced at the hand of Kiwi Farms’ users.

 

Cloudflare initially resisted calls to drop Kiwi Farms, saying that it would be “an abuse of power” to do so. In an update posted to its site last week, Cloudflare outlined its policies on abusive content, laying out an argument for maintaining service without explicitly mentioning Kiwi Farms. In the post, Cloudflare argues that its termination of sites like The Daily Stormer, a neo-Nazi message board, and 8Chan, a forum that breeds extremist content, led “authoritarian regimes” to ask Cloudflare to “terminate security services for human rights organizations.”

 

Breaches in Security

 

“Just as the telephone company doesn’t terminate your line if you say awful, racist, bigoted things, we have concluded in consultation with politicians, policy makers, and experts that turning off security services because we think what you publish is despicable is the wrong policy,” Cloudflare explains.

 

In its more recent update, Cloudflare cites an “unprecedented emergency” as justifying both the takedown and the service’s change of heart. Notably, Cloudflare didn’t provide hosting for Kiwi Farms’ website, but provided security services that many saw as instrumental to keeping the site online.

 

“Visitors to any of the Kiwifarms sites that use any of Cloudflare’s services will see a Cloudflare block page and a link to this post,” Cloudflare explains. “Kiwifarms may move their sites to other providers and, in doing so, come back online, but we have taken steps to block their content from being accessed through our infrastructure.” Cloudflare has also coordinated with law enforcement to address some of the threats on the site, but claims the “process is moving more slowly than the escalating risk.”

 

A group of Hackers stole police data on a billion Chinese citizens

Posted on by Admin

In today’s world Hackers are the criminals everyone should be afraid of. Not only the normal citizens and netizens but Government authorities can also fall prey to them. Recently a group of Hackers claimed that they have stolen data on a billion Chinese citizens from a Shanghai police database. Not only this they are also attempting to sell the data. 23 terabytes of will cost just over $198,000. According to Bloomberg, “The person or group claiming the attack has offered to sell more than 23 terabytes of stolen data from the database, including names, addresses, birthplaces, national IDs, phone numbers and criminal case information, according to an anonymous post on an online cybercrime forum last week. The unidentified hacker was asking for 10 bitcoin, worth around $200,000.” They added, “Shanghai authorities have not publicly responded to the purported hack. Representatives for the city’s police and Cyberspace Administration of China, the country’s internet overseer, did not immediately respond to faxed requests for comment.”

 

The actual threat of Hackers

 

The real threat about this is that the data they have stolen includes old criminal cases which other than police are not expected to to have access of. Engadget says, “the hacker provided a sample of the data, which included crime reports dating as far back as 1995. Reporters confirmed the legitimacy of at least some of the data by calling people whose numbers were listed.” They added, “It’s not yet clear how the hacker infiltrated the police database, though there have been suggestions that they gained access via an Alibaba cloud computing company called Aliyun, which was said to host the database. Alibaba said it’s investigating the matter.

The true scope of the leak is unknown. However, cybersecurity experts have dubbed it the biggest cybersecurity breach in China’s history.”

It will be interesting to see how in future the respective authority handles and takes further steps to cop up with the matter.

Unemployment Benefits in some states are affected by a Cyberattack

Posted on by Admin

Associated Press reported that a cyberattack on a third-party vendor has impacted employment services, including unemployment benefits, in several states. They said, “A cyberattack on a software company has disrupted unemployment benefits and job-seeking assistance for thousands of people in several states.

In Tennessee, the website for unemployment benefits remained down Thursday morning after the vendor, Geographic Solutions Inc., told the state Sunday that service would be interrupted. Some 12,000 Tennesseans rely on the unemployment program, and for now, they’re not getting their payments. The company said that it expects Tennessee’s system to be back online before July 4.”

Paul Toomey, the president of vendor Geographic Solutions, said in a statement on Wednesday, “We recently identified anomalous activity on our network, and immediately took [Tennessee’s] Jobs4TN system offline to halt the activity. With the help of third-party specialists, we are conducting a full investigation to determine the cause and scope of the incident,” He added, “Our current focus is working around the clock to bring Jobs4TN back online. We anticipate that this will occur prior to the July 4th holiday.”

 

The effect of the cyberattack on Unemployment Benefits

 

To what extent the attack has affected is not clear yet. Geographic Solutions who have clients in more than 35 states and territories is down now. Statescoop reported, “California’s Employment Development Department said in a release Wednesday that “dozens of states” are included in the outages. The overall scope of the attack is not immediately clear. Geographic Solutions did not immediately return a call for comment. Louisiana’s workforce commission posted on social media that its HiRE employment website is down and that the outages could affect up to 40 states.”

According to Engadget, “The situation could have a significant effect on those who depend on unemployment benefits and are having problems accessing them. Around 12,000 people rely on such benefits in Tennessee, but the AP reports that they are not receiving payments.”

What makes the ‘custom malware’ a matter of serious concern for the US?

Posted on by Admin

In a piece of recent news, the US is still on high alert for more cyberattacks against critical infrastructure. According to various sources and media outlets, the Cybersecurity and Infrastructure Security Agency, Energy Department, FBI and NSA have issued a warning that hackers have developed custom malware to hijack industrial control systems.

Custom Malware for Industrial Control

Nicknamed Incontroller by Mandiant researchers, the “very likely” state-backed code breaches controllers from Omron and Schneider Electric that are frequently used for industrial automation. Neither the government nor Mandiant attributed Incontroller to a particular country or hacking group.

However, Mandiant said the malware’s capabilities were “consistent” with Russia’s past efforts and its “historical interest” in compromising industrial control systems. The software is complex enough to have required ample expertise to develop, researchers said, and it’s not very useful for “financially motivated” hacks. One component, Tagrun, is a “reconnaissance” tool that provides a detailed look at control processes and production systems.

Aftermath of Custom Malware

The alert’s timing is difficult to ignore. It comes as Ukraine grapples with Russia’s invasion, and recently foiled a cyberattack against an energy provider that was allegedly the work of Russian military operatives. The US Justice Department also indicted Russian government staff over years of energy sector attacks. The response also follows a year after a string of attacks against American infrastructure companies like Colonial Pipeline and JBS, although those were ransomware incidents more likely perpetrated by criminal groups.

Regardless of who’s responsible, there’s no direct protection against Incontroller at the moment. In their warning, US officials recommended common security measures such as multi-factor authentication and frequent password changes to minimize the chances of an intrusion. While it wouldn’t be surprising to see companies deliver security fixes in the near future, there’s still a practical risk that intruders could disrupt power grids, manufacturers and others that depend on the affected equipment.

 

Also Read: What is the ‘North Korean Hacking’ fiasco in the cryptocurrency fiasco?

Lapsus$ Hacked Microsoft and Stole Nearly 37GB of Data

Posted on by Admin

In a piece of recent news, the hacking group Lapsus$ hacked Microsoft recently. Lapsus$ is known for claiming to have hacked Nvidia, Samsung, and more, this week claimed it has even hacked Microsoft. The group posted a file that it claimed contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data.

 

Lapsus$ Hacked Microsoft

 

The massive hacking organization Lapsus$ hacked Microsoft. After investigating, Microsoft confirmed the group that it calls DEV-0537 compromised a single account and stole parts of source code for some of its products. A blog post on its security site says Microsoft investigators have been tracking the Lapsus$ group for weeks, and details some of the methods they’ve used to compromise victims’ systems.

According to the Microsoft Threat Intelligence Center (MSTIC), “the objective of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.” Microsoft maintains that the leaked code is not severe enough to cause an elevation of risk, and that its response teams shut down the hackers mid-operation.

 

Secrecy of Code

 

Lapsus$ has been on a tear recently if its claims are to be believed. The group says it’s had access to data from Okta, Samsung, and Ubisoft, as well as Nvidia and now Microsoft. While companies like Samsung and Nvidia have admitted their data was stolen, Okta pushed back against the group’s claims that it has access to its authentication service, claiming that “The Okta service has not been breached and remains fully operational.”

Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk. The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog. This isn’t the first time Microsoft’s claimed it assumes attackers will access its source code — it said the same thing after the Solarwinds attack.

In its blog post, Microsoft outlines a number of steps other organizations can take to improve their security, including requiring multifactor authentication, not using “weak” multifactor authentication methods like text messages or secondary email, educating team members about the potential for social engineering attacks, and creating processes for potential responses to Lapsus$ attacks. Microsoft also says that it’ll keep tracking Lapsus$, keeping an eye on any attacks it carries out on Microsoft customers.

 

Also Read: Nvidia hackers target Samsung, release 190GB of sensitive data

Why did Meta issue a prohibit call on its platform for assassination of high-ranking world leaders?

Posted on by Admin

Recently, Meta introduced a new rule where it prohibit call for assassination of high-ranking global leaders. Meta (previously known as Facebook), the parent company of Facebook and Instagram, issued a reminder recently that it prohibits calls on its platforms for the assassination of high-ranking world leaders, following intense scrutiny of the company’s decision last week to relax hate speech policies in Ukraine.

 

Prohibit Call

 

Meta’s latest action on the prohibit calls reflects its seriousness regarding violation of policies. The prohibit calls are vital, according to Meta’s statement. In an internal post to employees, Meta President of Global Affairs Nick Clegg said “we do not permit calls to assassinate a head of state.” Russia opens a criminal case against Meta following temporary hate speech policy change. The internal post, which was reported by Bloomberg and Reuters and confirmed to CNN Business by a Meta spokesperson, does not mention Russian President Vladimir Putin by name. The spokesperson affirmed that the restrictions on calls for assassination apply globally.

Meta’s earlier decision allows Ukrainian users to post otherwise prohibited calls for violent self-defense or condemnation of Russia’s invasion and effectively created more leeway for users in the country to express support for violence on Meta’s platforms. (On Sunday, Mykhailo Fedorov, Ukraine’s Minister of Digital Transformation thanked Meta and said the decision “respect[ed] our right to counter the aggression” from Russia.)

But Meta was forced to clarify its stance after Russia accused it of facilitating “illegal calls for murder and violence” against Russian citizens and opened a criminal case against the company. Russia has separately moved to block Facebook and Instagram in the country as part of a crackdown on information about the war in Ukraine, though a growing number of Russian internet users appear determined to circumvent the ban.

 

Ukraine-Specific Policy

 

The Ukraine-specific policy on hate speech, which is temporary, is “focused on protecting people’s rights to speech as an expression of self-defense in reaction to a military invasion of their country,” Clegg said in a public statement Friday. The statement added that Meta has no quarrel with the Russian people and that “there is no change at all in our policies on hate speech as far as the Russian people are concerned.” Clegg’s internal post on Sunday doubled down on that position.

We are now narrowing the focus to make it explicitly clear in the guidance that it is never to be interpreted as condoning violence against Russians in general,” Clegg wrote, adding that the hate-speech carveout for Ukraine applies only to speech “regarding the Russian military invasion.”

 

Also Read: How can Personal Boundary by Meta enable Digital Privacy Protection?

Nvidia hackers target Samsung, release 190GB of sensitive data

Posted on by Admin

Rising instances of cybersecurity and cyberhacking are affecting the functioning of major tech companies throughout the world. Recently, the concerns for cyber attacking are increasing despite tight and tough security measures. In a piece of recent news, what seems like Samsung might have been a victim of a suspected cyberattack by the group responsible for Nvidia hackers.

 

Sensitive data hacked by Nvidia Hackers

 

According to latest reports, some of Samsung’s confidential data has reportedly leaked due to a suspected cyberattack. A few days ago, South American hacking group Lapsus$ uploaded a trove of data it claims came from the smartphone manufacturer. Bleeping Computer was among the first publications to report on the incident. It is unclear what the timeline of the Samsung breach is, and what sort of contact the hackers have had with the company. There have been no public demands like Lapsus$’s call for open-source drivers and an end to the crypto mining limiter, LHR, from Nvidia.

 

Bootloader Source Code

 

Among other information, the collective says it obtained the bootloader source code for all of Samsung’s recent devices, in addition to code related to highly sensitive features like biometric authentication and on-device encryption.

The leak also allegedly includes confidential data from Qualcomm. The entire database contains approximately 190GB of data and is actively being shared in a torrent. If the contents of the leak are accurate, they could cause significant damage to Samsung. According to The Korean Herald, the company is assessing the situation.

 

NVIDIA Data Breach

 

If Lapsus$ sounds familiar, it’s the same group that claimed responsibility for the recent NVIDIA data breach. In that incident, Lapsus$ says it obtained approximately 1TB of confidential data from the GPU designer, including, the group claims, schematics and driver source code.
The collective has demanded that NVIDIA open source its drivers and remove the cryptocurrency mining limiter from its RTX 30-series GPUs. It’s unclear what, if any demands, Lapsus$ has made of Samsung. The group has previously said its actions haven’t been politically motivated.

 

Also Read: Meta Introduces ‘Personal Boundary’ for User Safety in the Metaverse

Global Chief Insights is a world’s most trusted print and digital magazine for industry leaders and professionals to share their experiences, ideas.
Facebook Twitter Linkedin

QUICK LINKS

CONTACT US

Address : 411 W 1st St, Suite 261, Sanford, FL 32771, United States
Phone : +1302-261-5313
Email: [email protected]

LATEST ISSUES

@2024 Global Chief Insights LLC. | All Rights Reserved
Privacy Policy
General Disclaimer
Terms and Conditions