The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to sign kernel-level malware and load it on systems that have driver signature verification.
The certificates were part of a large cache of files that hackers claim totals 1TB and includes source code and API documentation for GPU drivers. Nvidia confirmed it was the target of an intrusion and that the hackers took “employee passwords and some Nvidia proprietary information,” but did not confirm the size of the data breach.
What happened with the Nvidia data breach?
On February 24 an extortion group calling itself LAPSUS$ claimed publicly that it had administrative access to multiple Nvidia systems for around a week and managed to exfiltrate 1TB of data including hardware schematics, driver source code, firmware, documentation, private tools and SDKs, and “everything about Falcon” — a hardware security technology embedded in Nvidia GPUs that’s meant to prevent those GPUs from being misprogrammed.
More Stories
Court Rules Against NSO Group
The case is over: A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought...
European Vulnerability Database Launches Amid US CVE Chaos
ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive Read More
M&S Confirms Customer Data Stolen in Cyber-Attack
M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information...
UK Considers New Enterprise IoT Security Law
The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security Read...
Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat
Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage Read More
Criminal Proxy Network Infects Thousands of IoT Devices
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet Read More