1. KADOKAWA warns against the illegal dissemination of leaked information; 2. The company is working to minimize secondary damage and protect privacy; 3. Legal action will be taken against those who maliciously spread the information.
Recent #Cyber Security news in the semiconductor industry
➀ Intel highlights its own security efforts, reporting a high percentage of vulnerabilities discovered internally;
➁ Intel criticizes AMD and Nvidia for higher numbers of firmware vulnerabilities and security issues;
➂ AMD has 78 unaddressed vulnerabilities, while Nvidia's GPU vulnerabilities are all high severity.
➀ StormBamboo compromised an ISP using insecure HTTP protocols to install malware and malicious Chrome extensions; ➁ The attack highlights the dangers of non-encrypted network communications in key infrastructure; ➂ The breach demonstrates the risk of unsecured automated processes in software updates.
➀ Hackers are set to release open-source plans for a $500 laser-based hacking tool, the RayV Lite, which uses 3D printing and a Raspberry Pi. ➁ This tool exploits vulnerabilities in chips caused by laser-induced glitches, potentially bypassing hardware security protocols. ➂ The release aims to raise awareness and prompt hardware manufacturers to enhance security against such attacks.
❶ Germany has summoned the Chinese ambassador to protest a cyberattack by state-controlled Chinese cyber actors on the Federal Agency for Cartography and Geodesy (BKG) in 2021. ❷ The BKG, responsible for mapping and geodata in Germany, is crucial for state security and critical infrastructure providers. ❸ The German government has passed a draft law requiring large organizations in crucial industries to implement the European NIS 2 Directive, highlighting the vulnerability of the system.
❶ Researchers in Uruguay have developed an AI model that can reconstruct digital signals from leaked electromagnetic radiation from HDMI cables, enabling long-range screen snooping. ❷ The AI model can misinterpret approximately 30% of characters, but the error rate is low enough for humans to read most text accurately. ❸ The researchers believe such attacks are more likely to occur in highly sensitive industrial or government settings rather than typical home or small business environments.
❶ A secret network of 3,000 'ghost' accounts on GitHub has been discovered spreading malware and phishing links. ❷ The operation, named Stargazer Goblin, has been active since June 2023, using GitHub's community tools to boost malicious code visibility. ❸ The network sells services like repository stars and trusted accounts, potentially earning up to $100,000 since August 2022.