Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

NVIDIA Developer Forums Hacked

Computer graphics technology firm NVIDIA, a company that holds more the 5,000 patent and credited with inventing the GPU, on Thursday said it had shut down its “NVIDIA Developer Zone,” after the online community for developers had been hacked.

Computer graphics technology firm NVIDIA, a company that holds more the 5,000 patent and credited with inventing the GPU, on Thursday said it had shut down its “NVIDIA Developer Zone,” after the online community for developers had been hacked.

NVIDIA Hacked“We did this in response to attacks on the site by unauthorized third parties who may have gained access to hashed passwords,” a post explained commenting on the shut down. “We are investigating this matter and working around the clock to ensure that secure operations can be restored.”

NVIDIA did not say how many accounts may have been exposed as result of the breach.

The company reminded that it would never request any sensitive via by email, and that nobody should provide personal, financial or sensitive information (including new passwords) in response to any email purporting to be sent by an NVIDIA employee or representative.

This attack follows a string of attacks that occurred this week, including approximately 1M user accounts at Phandroid, an online community for Android users and developers, a breach at Yahoo! that led to the loss of 450,000 records, and attack on Formspring resulting in 420,000 hashed passwords being exposed. In other news, Best Buy reported an uptick in hacking attempts on their users’ accounts, and a vulnerability in web hosting control panel software Plesk that resulted in it being linked to a run of 50,000 websites being compromised.

“It is often the case that obvious database vulnerabilities– such as weak passwords and default configuration settings– are initially overlooked and never fully remediated,” said Slavik Markovich, CTO of Database Security at McAfee. 

“Because users often use the same password across different accounts, cyber criminals might be able to access other sites, company networks, and banking accounts if they can successfully map the compromised email address to the individual that owns it, ”said Chris Petersen, chief technology officer and founder of SIEM vendor LogRhthm.

“An organization’s sensitive information can never be adequately secured if it lacks dedicated tools and processes to gain complete visibility into their databases’ security weaknesses and eliminate the opportunity for the bad guys to exploit them,” added Markovich.

Related Insight: The Most Prevalent Attack Techniques Used By Hackers

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...