As more aspects of daily life go digital, it is more important now than ever to be proactive about online security. As 2022 proved, however, staying safe is not only a modern concern: vulnerabilities have been around for years, decades even, and can crop up in the most unexpected places and ways.
Security researchers showcase the RTX 4090’s password-cracking power
The new GPU significantly reduces the time required to obtain or recover user passwords
Security researcher and password cracker Sam Croley posted benchmarks highlighting the RTX 4090’s password-cracking muscle. Nvidia’s latest flagship GPU shattered the RTX 3090’s previous benchmark records and doubled performance across almost every algorithm tested. The cracked passwords adhered to security best practices and included random letter cases, symbols, and numbers.
For years, some Gigabyte and Asus motherboards carried UEFI malware
The CosmicStrand rootkit is the latest indication that UEFI malware may be more common than previously thought
Security firm ESET discovered the first UEFI rootkit that had been used in the wild back in 2018. This type of persistent threat used to be the subject of theoretical discussions among security researchers, but over the past years, it has become clear that it is much more common than previously thought, despite being relatively hard to develop.
Janet Jackson song from 1989 declared a cybersecurity vulnerability for crashing hard drives
Rhythm Nation doesn’t send out good vibrations
“People of the world today, are we looking for a better way of life?” sang Janet Jackson on her 1989 hit Rhythm Nation, not knowing that the better way of life she was talking about didn’t include certain hard drives. It has just been revealed that the song has the power to crash particular models of laptops, and it has now been recognized as a cybersecurity vulnerability.
GameStop “wiretapped” customers without consent, claims lawsuit
It provided secret transcripts to a marketing firm to build profiles using personal information
If it wasn’t silly enough that GameStop dove headfirst into the NFT and crypto market right before the bubble burst, hang on for a second: the company wants you to hold its beer. It is now being sued for recording customer service chats without consent and selling transcripts to a marketing firm.
QNAP issues ransomware warning to users: secure your devices or disconnect unprotected NAS
Ransomware and brute force attacks from unidentified sources are actively targeting network devices
QNAP issued a security statement urging its NAS users to take immediate action and secure their data against ongoing ransomware and brute force attacks. While the responsible parties have not been identified, the widespread attacks appear to target any vulnerable network devices. The company has provided security setting instructions and mitigation actions that any QNAP NAS users should implement immediately.
Nvidia allegedly hacked its hackers, stole its data back
Hacking group Lapsus$ claims to still have a copy of the data
Several online security groups are reporting that the South American hacker group Lapsus$ is claiming to have been behind the recent cyberattack on Nvidia. It is also claiming that Nvidia hacked them in return, encrypted the stolen data, and ransomed back their machines. For now, this is just rumor, but it makes for a good turning-the-tables story.
Several security flaws emerge in Australian digital driver’s licenses
Potentially less secure than physical ID cards
The government of New South Wales in Australia launched digital driver’s licenses in late 2019, claiming they were harder to forge than physical identification. A security company recently outlined several reasons why this isn’t the case.
Nvidia hackers leak 190GB of sensitive data from Samsung
The leak includes Samsung’s encryption data and source code
Lapsus$, a hacking group that leaked confidential information from Nvidia just last week, has reportedly moved to a new target: Samsung. The hackers have claimed an attack that leaked 190GB of confidential information from the South Korean technology giant, including encryption data and source code for Samsung’s most recent devices.
Teen hacker gains remote control of over 20 Teslas
Full control over car doors, security system, and more
This week, a teenager reported that he has gained remote access to around two dozen Tesla cars in several countries and is trying to contact their owners. The list of things he can do to the affected vehicles is long and dangerous.
Source code for Alder Lake BIOS was posted to GitHub
It might’ve exposed some security vulnerabilities
Apparent source code for Alder Lake BIOS has been shared online. It seems to have been leaked in its entirety at 5.9 GB uncompressed, possibly by someone working at a motherboard vendor, or accidentally by a Lenovo manufacturing partner.