NVIDIA's Dominance in Shaping the Digital World

 


NVIDIA, a global technology powerhouse, is making waves in the tech industry, holding about 80% of the accelerator market in AI data centres operated by major players like AWS, Google Cloud, and Microsoft Azure. Recently hitting a monumental $2 trillion market value, NVIDIA's stock market value soared by $277 billion in a single day, a historic moment on Wall Street.

In a remarkable financial stride, NVIDIA reported a staggering $22.1 billion in revenue, showcasing a 22% sequential growth and an astounding 265% year-on-year increase. Colette Kress, NVIDIA's CFO, emphasised that we are at the brink of a new computing era.

Jensen Huang, NVIDIA's CEO, highlighted the integral role their GPUs play in our daily interactions with AI. From ChatGPT to video editing platforms like Runway, NVIDIA is the driving force behind these advancements, positioning itself as a leader in the ongoing industrial revolution.

The company's influence extends to generative AI startups like Anthropic and Inflection, which rely on NVIDIA GPUs, specifically RTX 5000 and H100s, to power their services. Notably, Meta's Mark Zuckerberg disclosed plans to acquire 350K NVIDIA H100s, emphasising NVIDIA's pivotal role in training advanced AI models.

NVIDIA is not only a tech giant but also a patron of innovation, investing in over 30 AI startups, including Adept, AI21, and Character.ai. The company is actively engaged in healthcare and drug discovery, with investments in Recursion Pharmaceuticals and its BioNeMo AI model for drug discovery.

India has become a focal point for NVIDIA, with promises of tens of thousands of GPUs and strategic partnerships with Reliance and Tata. The company is not just providing hardware; it's actively involved in upskilling India's talent pool, collaborating with Infosys and TCS to train thousands in generative AI.

Despite facing GPU demand challenges last year, NVIDIA has significantly improved its supply chain. Huang revealed plans for a new GPU range, Blackwell, promising enhanced AI compute performance, potentially reducing the need for multiple GPUs. Additionally, the company aims to build the next generation of AI factories, refining raw data into valuable intelligence.

Looking ahead, Huang envisions sovereign AI infrastructure worldwide, making AI-generation factories commonplace across industries and regions. The upcoming GTC conference in March 2024 is set to unveil NVIDIA's latest innovations, attracting over 300,000 attendees eager to learn about the next generation of AI.

To look at the bigger picture, NVIDIA's impact extends far beyond its impressive financial achievements. From powering AI startups to influencing global tech strategies, the company is at the forefront of shaping the future of technology. As it continues to innovate, NVIDIA remains a key player in advancing AI capabilities and fostering a new era of computing.


Cybercriminals Use Google Ads to Deploy Malware

 

Hackers are utilizing the Google Ads service more consistently than ever before to transmit malware. As soon as the victims click the download link on the threat actors' fake versions of the official websites, trojanized software is distributed. 

Grammarly, MSI Afterburner, Slack, Dashlane, Malwarebytes, Audacity, Torrent, OBS, Ring, AnyDesk, LibreOffice, TeamViewer, Thunderbird, and Brave are some of the products impersonated in these operations.

Raccoon Stealer, a modified variant of Vidar Stealer, and the IcedID loader are two examples of malware propagating to victims' systems. As a result, anyone searching for legitimate software without an active ad blocker will see the advertisements first and be more inclined to click on them, because they closely resemble the genuine search result.

Threat actors use a trick at this stage to get past Google's automatic checks. If Google determines that the landing site is malicious, the campaign is blocked and the advertisements are withdrawn. The trick, according to Guardio and Trend Micro, is to send users who click on the advertisement first to a relevant but innocuous site made by the threat actor, and from there redirect them to a malicious site imitating the software project.

Vermux, a threat group, was discovered employing a significant number of masquerAds websites and domains, mainly operating out of Russia, to target GPUs and cryptocurrency wallets owned by Americans.

According to the researchers, in October they came across a malvertising operation where hackers, identified as DEV-0569, utilized Google Ads to send consumers to a malicious file download page. Microsoft claimed that it informed Google about the traffic distribution network abuse.

According to Microsoft, these techniques enable the group to reach more people and increase the number of victims. From August through October, Microsoft observed the threat actor distributing the BATLOADER malware using phishing emails that posed as genuine installers for various programs, including TeamViewer, Adobe Flash Player, Zoom, and AnyDesk.

To block these campaigns, use safety measures such as a browser ad blocker, which prevents Google Search sponsored results from appearing. Users should scroll down until they find the desired software project's official domain. Furthermore, a suspicious installer's unusually large file size is a red flag.
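The two checks recommended above (confirm the official domain, treat an unusually large installer as a red flag) can be scripted before a download is run. This is an added example, not part of the original post; the `OFFICIAL` table, the `SIZE_FACTOR` threshold, the expected sizes and the `.example` sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Official download domains for some of the impersonated projects named above.
OFFICIAL = {
    "anydesk": "anydesk.com",
    "slack": "slack.com",
    "grammarly": "grammarly.com",
    "audacity": "audacityteam.org",
    "brave": "brave.com",
}
SIZE_FACTOR = 5  # assumption: flag installers more than 5x the expected size


def edit_distance(a, b):
    """Levenshtein distance, used to spot typo-squatted host labels."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess_download(product, url, size_bytes, expected_bytes):
    """Return the red flags for one download (an empty list means none found)."""
    official = OFFICIAL[product]
    # .hostname drops userinfo and port, so "anydesk.com@files.example" is
    # judged by the host actually contacted (files.example).
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    flags = []
    if host != official and not host.endswith("." + official):
        flags.append("not-official-domain")
        brand = official.split(".")[0]
        labels = host.split(".")
        if product in host or any(edit_distance(l, brand) <= 2 for l in labels):
            flags.append("lookalike-domain")
    if size_bytes > SIZE_FACTOR * expected_bytes:
        flags.append("oversized-installer")
    return flags


if __name__ == "__main__":
    # Constructed samples; hosts and sizes are illustrative, not real indicators.
    print(assess_download("anydesk", "https://anydesk-download.example/AnyDesk.exe",
                          700_000_000, 5_000_000))
```

The expected size has to come from the vendor's own release information; the script only compares against whatever baseline it is given.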

Emergency Firefox Update Patches Two Zero-Day Vulnerabilities

 

Mozilla released an emergency security update for Firefox over the weekend to address two zero-day flaws which have been exploited in attacks. The two security holes, identified as CVE-2022-26485 and CVE-2022-26486 and rated "critical severity," are use-after-free issues detected and reported by security researchers from Qihoo 360 ATA.

WebGPU is a web API that uses a machine's graphics processing unit (GPU) to support multimedia on web pages. It is used for a variety of tasks, including gaming, video conferencing, and 3D modeling.

Both zero-day flaws are "use-after-free" problems, in which a program attempts to use memory that has already been freed. When threat actors take advantage of this type of flaw, it can cause the program to crash while also allowing commands to be executed on the device without permission.

According to Mozilla, "an unanticipated event in the WebGPU IPC infrastructure could escalate to a use-after-free and vulnerable sandbox escape." 

Mozilla has patched the following zero-day vulnerabilities: 

  • Use-after-free in XSLT parameter processing - CVE-2022-26485: Removing an XSLT parameter during processing could have resulted in an exploitable use-after-free. There have been reports of attacks in the wild taking advantage of this weakness.
  • Use-after-free in the WebGPU IPC Framework - CVE-2022-26486: A use-after-free and exploitable sandbox escape could be enabled by an unexpected event in the WebGPU IPC framework. There have been reports of attacks in the wild that take advantage of this weakness.

Since these issues are of extreme concern and are being actively exploited, all Firefox users are strongly advised to upgrade their browsers right away. By heading to the Firefox menu > Help > About Firefox, users can manually check for new updates. Firefox will then look for and install the most recent update, prompting you to restart your browser.

Hackers are Selling Tool to Hide Malware in GPUs

 

Cybercriminals are moving towards malware attacks that can execute code from a hacked system's graphics processing unit (GPU). Although the approach is not new, and demo code has been published in the past, most of the projects to date have come from academics or were unfinished and unpolished. 

Recently, in August, a proof-of-concept (PoC) was sold on a hacker forum, perhaps signaling hackers' shift to a new level of complexity in their attacks.

Code Tested on Intel, AMD, and Nvidia GPUs

In a brief post on a hacking forum, someone offered to sell the proof-of-concept (PoC) for a strategy that keeps harmful code protected from security solutions scanning the system RAM. The seller gave a brief description of their technique, claiming that it stores malicious code in the GPU memory buffer and then executes it from there. 

According to the advertiser, the project only works on Windows PCs that support OpenCL 2.0 and above for executing code on various processors, including GPUs. The seller also stated that they tested the code on Intel (UHD 620/630), Radeon (RX 5700), and GeForce (GTX 740M(?), GTX 1650) graphics cards.

Few details are available about this new hack, but the post went live on August 8 and the PoC was apparently sold for an unknown amount on August 25.

Another hacker forum user mentioned that GPU-based malware had been done before, citing JellyFish, a six-year-old proof-of-concept for a Linux-based GPU rootkit.

The vendor dismissed the links to the JellyFish malware, stating that their approach is unique and does not rely on code mapping to userspace. There is no information regarding the transaction, such as who purchased it or how much they paid. Only the seller's post claims that the malware was sold to an unidentified third party.

Academic Study

Researchers at the VX-Underground threat repository stated in a tweet on Sunday that the malicious code allows binary execution by the GPU in its memory region. They also noted that the technique will be demonstrated soon. 

PoCs for a GPU-based keylogger and a GPU-based remote access trojan for Windows were also disclosed by the same researchers that created the JellyFish rootkit. All three projects were released in May 2015 and are open to the public. 

While the mention of the JellyFish project implies that GPU-based malware is a new idea, the foundation for this attack approach was developed around eight years ago.

Researchers from the Institute of Computer Science - Foundation for Research and Technology (FORTH) in Greece and Columbia University in New York demonstrated in 2013 that GPUs can execute a keylogger and save recorded keystrokes in their memory space.

The researchers had previously shown that malware authors may use the GPU's processing capabilities to pack code with extremely sophisticated encryption methods considerably faster than the CPU.

Security Bugs Detected in Nvidia Shield TV, the Streamer for Gamers

 

Nvidia, the computer gaming giant that goes by the motto of “level up experience more”, detected bugs in its Shield TV. Nvidia is an American multinational technology company headquartered in California, USA, and an artificial intelligence computing giant. Its foremost work is designing graphics processing units (GPUs) for the gaming world and the professional market. It also develops system-on-a-chip units for the mobile computing and automotive markets.

Nvidia recently acknowledged three security bugs in the Nvidia Shield TV which could have proved harmful and may permit denial of service, escalation of privileges, and loss of user data. Nvidia Shield TV is a set-top gadget developed for gamers: it is used to control the smart home, to play PC games streamed from the PC to the television, and to stream from local and online servers. Nvidia published a security alert for the device covering the cluster of security bugs detected.

The high-severity bug, CVE-2021-1068, is in the NVDEC component, the hardware-based decoder of Nvidia Shield TV. Such bugs arise when an attacker can read from or write to a memory location that is outside the intended boundary of the buffer. This issue may lead to denial of service or escalation of privileges. It has a CVSS rating of 7.8.

The remaining two bugs are not rated high severity. The flaw CVE-2021-1069 was detected in the NVHost feature and could cause data to be lost due to a null pointer dereference. The other bug, CVE-2021-1067, exists in the implementation of the RPMB command status. With the RPMB command, an attacker can write to the Write Protect Configuration Block, which may also lead to denial of service or escalation of privileges. Users can download and install the software update to secure their system by using the upgrade note that appears on the notification screen, or via Settings > About > System update. This will protect them from any further loss of data caused by the detected bugs.