Samsung confirmed that "certain internal company data" including source codes of Galaxy phones, Knox were accessible to unauthorized users after...

Continue reading
Samsung Electronics officially announced threat actors have managed to steal source codes of unreleased Galaxy series smartphones along with other confidential information following the confirmation of its network intrusion.
Samsung Electronics has been receiving several outreaches from reporters across North America & South Korea throughout the weekend to get their reaction about the data breach claimed to have leaked out by Lapsus$ group, but they didn't utter a word in the same regard until now.

Almost 190GB of archived documents were leaked out last week after the infamous cyber extortion group made it publicly available, along with a description of leaked contents claimed to belong to Samsung Electronics.
Last Monday, concerned representatives at Samsung Electronics opened up to Bloomberg confirming that _" certain internal company data"_ were accessible to an unauthorized party following infiltration into their network.
`According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees` - Samsung
Additionally, Samsung representatives didn't confirm the claims of any ransom demands received regarding this ransomware attack before the data leak, like the Nvidia leak.
On the flip side, Lapsus$ is still engaged in negotiating with the buyer resulting in the delay of leaking the rest of the stolen details.
Samsung had its cache leaked, appears to be much larger & allegedly includes details about its Trusted Applet in the TrustZone environment of Samsung for sensitive tasks such as hardware cryptography, binary encryption, and access control.
Lapsus$ moreover claimed to have access to source code for Knox, Samsung’s proprietary security and management framework present on most of its devices in the same dump.

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation