Exploit: Ransomware
Samsung: Electronics Maker
Risk to Business: 1.664 = Severe
The Lapsus$ hacking group just published a 190-gigabyte trove of confidential data including source code that it claims to have seized from Samsung Electronics in a ransomware attack. Reports say that the stolen code contains the source for every Trusted Applet in Samsung’s TrustZone environment, which handles sensitive tasks such as hardware cryptography and access control. It may also include biometric unlock operation algorithms, the bootloader source for recent devices, activation server source code and the full source code used to authenticate and authorize Samsung accounts. Samsung says that they’re investigating the incident.
No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How it Could Affect Your Customers’ Business Proprietary data is just as much of a win for cybercriminals as credit card or personal data, and worth a chunk of change for the right buyer.
Source: apple insider