Here are this week’s highlights in cybersecurity:
- New Linux Kernel bug (dubbed Dirty Pipe) allows a regular user to escalate privileges to root. More
- Google buys cybersecurity giant Mandiant for $5.4 billion to strengthen their cloud security. More.
- Nvidia was hacked. Attackers got employee passwords and some proprietary information which they leaked online (DLSS source code). Two expired code-signing certificates were also in the leak. Malware signed with these certificates was already spotted in the wild. Windows still trusts them, even if expired, but they can be blocked. Hackers also demanded Nvidia to remove a feature that limits the Ethereum mining performance on some GPUs. More
- Same hacker group breached Samsung and leaked 200 GB of source code. Samsung confirmed the leak concerns Galaxy devices. More
- The hacker group is preparing for more leaks. Candidates seem to be MercadoLibre (breach confirmed here), Impresa (confirmed) and Vodafone (confirmed).
- Researchers from Amsterdam discovered a new variant of the Spectre attack that bypasses existing mitigations. Intel confirmed. ARM also confirmed. A video demonstrating the exploit by extraction the root password from the /etc/shadow file is available here. More
- APT41 compromised six US State government networks by exploiting vulnerable Internet facing web applications. In the process, they used a zero-day vulnerability in the USAHerds application (CVE-2021-44207) and the infamous Log4j vulnerability (CVE-2021-44228). More
- Security researchers found a way to make the Amazon Echo hack itself using self-issuing voice commands. More
Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.