South Korean consumer giant Samsung has reportedly suffered a major data breach with extortion group LAPSUS$ claiming to have access to 190GB of Samsung information. Ransomware is believed to be the attack method used by LAPSUS$ to target Samsung, which has confirmed a security breach of certain internal company data. The incident comes just a week after the same group released a 20GB document archive from 1TB of data stolen from graphics chip maker Nvidia.
Attackers claim to have 190GB of Samsung data
The ransomware group first teased the data haul on Friday, March 4, with a snapshot of C/C++ directives in Samsung software. A description of the leak was subsequently published that cited source code for every Trusted Applet installed in Samsung’s TrustZone environment used for encryption, access control, and hardware cryptography. LAPSUS$ posted three torrent files adding up to 190GB, supposedly containing the stolen data. Included in the torrent was a short description for the content available in each of the three archives, according to Bleeping Computer:
More Stories
FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including...
The Darkgate Menace: Leveraging Autohotkey & Attempt to Evade Smartscreen
Authored by Yashvi Shah, Lakshya Mathur and Preksha Saxena McAfee Labs has recently uncovered a novel infection chain associated with...
How to Delete Your Browser History
Until recently, people had little control over how companies used their online data. But, with data privacy now a human...
Study Reveals Alarming Levels of USPS Phishing Traffic
The top malicious domains attracted over 100,000 hits each, according to Akamai Security Read More
Judge0 Sandbox Vulnerabilities Expose Systems to Takeover Risk
Tanto Security uncovered three vulnerabilities which could allow attackers to execute sandbox escapes and gain root permissions on host machines...
Voter Registration System Taken Offline in Coffee County Cyber-Incident
Coffee County has discovered malicious cyber-activity on its IT systems, and it reportedly severed its connection to Georgia’s state voter...