How to confirm cyberattack through investigation.
NVIDIA, the computer behemoth famed for its high-end GPUs, has reportedly been hacked. The company partially verified the occurrence when it admitted to looking into the situation after media reports surfaced.
NVIDIA Potentially Suffered A Cyberattack
‘We are investigating an incident… We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.
‘Our business and commercial activities continue uninterrupted.
But this mere phrase doesn’t coincide with users’ observations and the reports from the underground world. According to Bleeping Computer, an insider has confirmed that the incident “completely compromised” the tech giant’s internal systems. Moreover, a criminal group has claimed on the dark web to have targeted NVIDIA. Specifically, the LAPSUS$ ransomware group has admitted to attacking the NVIDIA network and stealing data. They seemingly stole 1TB of “confidential” data from the firm’s systems. The attackers even leaked NVIDIA employees’ password hashes to back this claim.
Zyxel Warns Firewall Users of Authentication Bypass Vulnerability.
Zyxel Firewall Vulnerabilities;
Zyxel detailed on how an authentication bypass vulnerability endangered the security of its Firewall devices in an alert, which was shared with the public.
Tracked as CVE-2022–0342, the vulnerability existed due to poor access control mechanism in the CGI program. As described, “An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions. The flaw could allow an attacker to bypass the authentication and obtain administrative access of the device. This vulnerability first caught the attention of external researchers who then reported the matter to Zyxel. The tech firm has acknowledged Alessandro Sgreccia from Tecnical Service Srl, and Roberto Garcia H and Victor Garcia R from Innotec Security, for discovering this bug. Following the reports, Zyxel officials started working on a fix which they subsequently released with the following software updates. As mentioned, the affected products and their firmware versions include,
USG/ZyWALL (firmware version ZLD V4.20 through ZLD V4.70) USG FLEX (firmware version ZLD V4.50 through ZLD V5.20) ATP (firmware version ZLD V4.32 through ZLD V5.20) VPN (firmware version ZLD V4.30 through ZLD V5.20) NSG (firmware version V1.20 through V1.33 Patch 4)
Consequently, the firm released the following firmware updates with the patch. USG/ZyWALL (ZLD V4.71) USG FLEX (ZLD V5.21 Patch 1) ATP (ZLD V5.21 Patch 1) VPN (ZLD V5.21) Besides, for NSG users, the vendors have released a hotfix (V1.33p4_WK11) for now. The firm has pledged to roll out the Standard patch V1.33 Patch 5 in May 2022.
Since the vulnerability fixes have been released, all Zyxel customers using the affected devices should ensure receiving the updates. Let us know your thoughts in the comments.
Attribution link: https://latesthacksystem.com/2022/04/04/zyxel-warns-firewall-users-for-authentication-bypass-vulnerability/