March 8, 2022: Lapsus$ Breach of Nvidia and Microsoft Vulnerabilities Dominate News

Lead Story: Lapsus$ Breach of Nvidia

On March 8, 2022, the hacking group Lapsus$ accessed Nvidia's systems, stealing sensitive data and employee credentials. The group demanded that Nvidia remove an Ethereum mining limiter from their GPUs, threatening to release the stolen data, which included code-signing certificates. This breach raises significant concerns, as the certificates could be used to sign malware, despite their expiration. The incident highlights the increasing audacity of cybercriminals and their focus on high-profile targets in the tech sector. CISO Series

Microsoft Vulnerabilities

In March 2022, Microsoft patched 92 vulnerabilities, including three critical zero-days. Notably, the Remote Desktop Client vulnerability (CVE-2022-21990) received a CVSS score of 8.8, indicating a high impact potential. Organizations are urged to apply the patches promptly to mitigate risks associated with these vulnerabilities. HHS.gov

Sharkbot Banking Trojan Discovered

A new variant of the Sharkbot banking trojan was identified in the Google Play Store, disguised as an antivirus application. This malware is capable of autonomously executing banking transactions and employs advanced evasion techniques, posing a serious threat to users' financial data. Organizations and individuals need to remain vigilant against such deceptive applications. Arctic Wolf

CISA Adds Vulnerabilities to Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added 22 vulnerabilities to its Known Exploited Vulnerabilities Catalog. This move highlights the critical need for organizations, especially in the healthcare sector, to prioritize timely patching to protect against exploitation. Failing to address these vulnerabilities could lead to significant risks for critical infrastructure. HHS.gov

Analyst Perspective

The events of March 8, 2022, underscore a troubling trend in cybersecurity, where high-profile organizations are targeted by sophisticated threat actors like Lapsus$. The significant number of vulnerabilities reported by Microsoft and CISA emphasizes the ongoing challenges faced by organizations in maintaining robust security postures. As cyber threats continue to evolve, the necessity for proactive measures, swift patch management, and user education becomes increasingly vital to safeguard against emerging and persistent vulnerabilities.