GPU pixel-stealing, info-stealing on GitHub, Sony hackers hit NTT Docomo
GPUs vulnerable to pixel-stealing attacks
Don’t worry GPUs, you don’t have to feel left out of side channel attacks anymore. A new paper from researchers at the University of Texas at Austin revealed a cross-origin attack impacting GPUs from all major suppliers. A proof-of-concept attack called GPU.zip revealed that data compression used to improve performance can act as a side channel, allowing an attacker to place an iframe on a malicious page and then read pixels displayed on another with up to 97% accuracy. The GPUs applied this compression without any application involvement. Because compression varies between manufacturers, the researchers reverse engineered each one. The attack remains mostly theoretical, but it establishes a basis for using GPUs as a side channel.
Info-stealing commits hit GitHub
A new report from Checkmarx documented a campaign to insert malicious code into breached GitHub accounts. These commits were disguised as GitHub’s Dependabot contributions, ultimately attempting to steal passwords and other authentication secrets. The attackers gained access to the accounts through stolen personal access tokens, which can log into GitHub without two-factor authentication. Most attacks targeted users from Indonesia, but there is no word on what group orchestrated the campaign.
Alleged Sony hackers hit NTT Docomo
It’s been an allegedly busy week for the ransomware group Ransomed.vc. The group claimed to steal 240 gigabytes of data from Sony earlier this week. Now an advisory from Resecurity disclosed the group is demanding a $1 million ransom from Japan’s largest telco, NTT Docomo. No confirmation from the telco on any data breach. Malwarebytes first spotted the group acting as a ransomware operation in August 2023, after previously serving as a dark web forum.
The wide reach of the libwebp vulnerability
Earlier this month, we shared a story about a vulnerability disclosed by Google researchers in the Chrome browser. This impacted the libwebp library, used to process WebP images. This allowed for a maliciously crafted WebP file to achieve arbitrary code execution. Google initially believed the vulnerability was specific to Chrome. However, separate CVEs for a libwebp vulnerability under active exploitation appeared from Apple and other companies using the library. Google subsequently assigned a new CVE to the vulnerability to reflect its wider reach.
Thanks to our sponsor, AppOmni
VC firms look to develop “responsible AI” guidelines
Axios’ sources say a group of influential venture capital firms began working with the US Commerce Department on these guidelines for their portfolio companies. While many larger tech companies like Google, Microsoft, and Meta already made moves to self-regulate ahead of government action, this marks the first move to impact startups. These guidelines ask for commitments for transparency on decision-making with AI models, auditing and testing. It also commits to “establishing internal AI governance processes, mitigating risk, protecting privacy, and prioritizing security.”
(Axios)
Palo Alto Networks eyeing acquisitions
According to Calcalist’s sources, the security giant is in advanced talks to acquire Dig Security, an Israeli cloud data security startup, in a deal worth at least $300 million. This comes after sources also said Palo Alto will soon close on an acquisition of the Israeli endpoint security company Talon Cyber Security in a deal that could be worth up to $700 million. So the company could close on a cool $1 billion worth of acquisitions very soon.
DHS hosts Western Hemisphere Cyber Conference
This marks the first summit from Homeland Security addressing the cybersecurity concerns in Latin America. The event came out of a visit by DHS Secretary Alejandro Mayorkas to Ecuador, seeing the country developing its cybersecurity protocols. It also comes after the Conti ransomware group performed high profile attacks against Costa Rica last year. The agenda calls for talks on protecting critical infrastructure in the region, addressing ransomware and how countries in the region can coordinate with US national cyber strategy.
Europe hammered by financial services attacks
New data from Akamai claims attacks on European financial services increased 119% on the year in Q2. In terms of raw numbers, companies in that sector saw roughly 1 billion attacks against web apps and APIs. Insurance accounted for 55% of all web attacks. It also saw a 40% increase in DDoS events, with European financial services accounting for a majority of those events globally. Despite this rise, financial services was only the third-most targeted sector in the bloc in the year.