The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.
"Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.

"Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. "The threat actor targets government and diplomatic entities in the CIS."

The Russian cybersecurity firm's latest assessment is based on three new attack campaigns mounted by the hacking crew between 2021 and 2023.

Tomiris first came to light in September 2021 when Kaspersky highlighted its potential connections to Nobelium (aka APT29, Cozy Bear, or Midnight Blizzard), the Russian nation-state group behind the SolarWinds supply chain attack.

Similarities have also been unearthed between the backdoor and another malware strain dubbed Kazuar, which is attributed to the Turla group (aka Krypton, Secret Blizzard, Venomous Bear, or Uroburos).

Spear-phishing attacks mounted by the group have leveraged a "polyglot toolset" comprising a variety of low-sophistication "burner" implants that are coded in different programming languages and repeatedly deployed against the same targets.

Besides using open source or commercially available offensive tools, the custom malware arsenal used by the group falls into one of the three categories: downloaders, backdoors, and information stealers -

*   **Telemiris** - A Python backdoor that uses Telegram as a command-and-control (C2) channel.
*   **Roopy** - A Pascal-based file stealer that's designed to hoover files of interest every 40-80 minutes and exfiltrate them to a remote server.
*   **JLORAT** - A file stealer written in Rust that gathers system information, runs commands issued by the C2 server, upload and download files, and capture screenshots.

Kaspersky's investigation of the attacks has further identified overlaps with a Turla cluster tracked by Google-owned Mandiant under the name UNC4210, uncovering that the QUIETCANARY (aka TunnusSched) implant had been deployed against a government target in the CIS by means of Telemiris.

"More precisely, on September 13, 2022, around 05:40 UTC, an operator attempted to deploy several known Tomiris implants via Telemiris: first a Python Meterpreter loader, then JLORAT and Roopy," the researchers explained.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

"These efforts were thwarted by security products, which led the attacker to make repeated attempts, from various locations on the filesystem. All these attempts ended in failure. After a one-hour pause, the operator tried again at 07:19 UTC, this time using a TunnusSched/QUIETCANARY sample. The TunnusSched sample was blocked as well."

That said, despite the potential ties between the two groups, Tomiris is said to be separate from Turla owing to differences in their targeting and tradecrafts, once again raising the possibility of a false flag operation.

On the other hand, it's also highly probable that Turla and Tomiris collaborate on select operations or that both the actors rely on a common software provider, as exemplified by Russian military intelligence agencies' use of tools supplied by a Moscow-based IT contractor named NTC Vulkan.

"Overall, Tomiris is a very agile and determined actor, open to experimentation," the researchers said, adding "there exists a form of deliberate cooperation between Tomiris and Turla."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.

Concerns over bias in emerging artificial intelligence (AI) tools received a fresh airing recently when billionaire Elon Musk talked about his plans to create a "maximum truth-seeking AI" as an alternative to OpenAI's Microsoft-backed ChatGPT and Google's Bard technologies. 

In an interview with Fox News' Tucker Carlson earlier this month, Musk expressed concern over what he described as ChatGPT being trained to lie and to be politically correct, among other things. He described a so-called "TruthGPT" as a third option that would be unlikely "annihilate humans," and would offer the "best path to safety" compared with the other generative AI tools.

Musk has offered no timetable for his planned chatbot. But he has already established a new AI firm called X.AI, and has reportedly begun hiring AI staff from ChatGPT creator OpenAI as well as from Google and its parent, Alphabet.

Meanwhile, of course, AI bias affects cybersecurity risk as well. 

**Surfacing a Familiar Concern**

Musk's comments to Carlson echoed some of the sentiments that he and hundreds of other tech leaders, ethicists, and academicians expressed in an open letter to AI companies in March. The letter urged organizations involved in AI research and development to pause their work for at least six months, so policymakers have an opportunity to put some guardrails around the use of the technology. In making their argument, Musk and the others pointed to the potential for biased AI tools flooding "our information channels with propaganda and untruth" as one of their main concerns.

Suzannah Hicks, data strategist and scientist at the International Association of Privacy Professionals (IAPP) says the fundamental problem with bias in AI and machine learning is that it stems from human decision-making. All AI models learn from extremely large data sets and are not programmed explicitly to respond in specific ways. Typically, bias happens in the data that humans choose to input into the model.

"If biased data is entered into the model, then the output will likely contain bias as well," Hicks says. "Bias can also be introduced through data omission or by data scientists choosing a variable as a proxy for something other than what the data element is," she says. As an example, Hicks points to a machine learning algorithm that might take the number of "clicks" a user makes when browsing Netflix as a proxy for a positive indicator. "I may be clicking on movies to read their description and decide I don’t like it, but the model may misinterpret the click as an indicator of a 'like,'" she says.

Similarly, a lending service that uses AI to determine credit eligibility might end up denying a disproportionately high number of loans to people in a high-crime ZIP code if the ZIP code was part of the data set in the AI tool's learning model. "In this case, the ZIP code is being used as a proxy for human behavior, and by doing so produces a biased result," Hicks says.

Andrew Barratt, vice president at Coalfire, says his own testing of a text-to-image generation tool provided one example of the bias that exists in emerging AI technologies. When he asked the tool to generate a photorealistic image of a happy man enjoying the sun, the tool only generated Caucasian skin tones and features, though the input he provided contained no racial context. He says one concern going forward is that providers of AI platforms seeking to monetize their technologies could introduce bias into their models in a way that is favorable to advertisers or platform providers.

Whenever you monetize a service, you typically want to maximize the monetization potential with any further evolution of that service, says Krishna Vishnubhotla, vice president of product strategy at Zimperium. Often that evolution can start deviating from the original goals or evolution path — a concern that Musk vocalized about ChatGPT in his interview with Carlson. "Herein lies the issue that Elon talks about," Vishnubhotla says.

**Cybersecurity Bias in Artificial Intelligence**

While Musk et al didn't specifically call out the implications of AI bias on cybersecurity, that's been a topic for some time, and it's worth revisiting in the era of ChatGPT. As Aarti Borkar, a former IBM and Microsoft executive and now with a venture capital fund, noted in a groundbreaking column for Fast Company in 2019, with AI becoming a prime security tool, bias is a form of risk.

"When AI models are based on false security assumptions or unconscious biases, they do more than threaten a company’s security posture," Borkar wrote. "AI that is tuned to qualify benign or malicious network traffic based on non-security factors can miss threats, allowing them to waltz into an organization’s network. It can also over-block network traffic, barring what might be business-critical communications."

With ChatGPT being enthusiastically introduced into cybersecurity products, the risk of faulty hidden bias could contribute even more to false positives, abuse of privacy, and cyber defense that has gaping holes. And to boot, cybercriminals could also poison the AI to influence security outcomes.

"If the AI were to be hacked and manipulated to provide information that’s seemingly objective but is actually well-cloaked biased information or a distorted perspective, then the AI could become a dangerous … machine," according to the Harvard Business Review.

So the question becomes whether there really can be completely unbiased AI, and what it would take to get there.

**Eliminating Bias in AI**

The first step to eliminating data bias is to understand the potential for it in AI and machine learning, Hicks says. This means understanding how and what data variables get included in a model.

Many so-called "black-box" models, such as neural networks and decision trees, are designed to independently learn patterns and make decisions based on their data sets. They don't require the user or even the developer to fully understand how it might have arrived at a particular conclusion, she says. 

"AI and machine leaning rely on black-box models a great deal, because they can handle vast amounts of data and produce very accurate results," Hicks notes. "But it’s important to remember they are exactly that — black boxes — and we have no understanding of how they come to the result provided."

The authors of a World Economic Forum blog post last October argued that open source data science (OSDS) — where stakeholders collaborate in a transparent way — might be one way to counter bias in AI. Just as open source software transformed software, OSDS can open up the data and models that AI tools use, the authors said. When data and AI models are open, data scientists would have an opportunity to "identify bugs and inefficiencies, and create alternate models that prioritize various metrics for different use cases," they wrote.

**The EU's Proposed AI Risk Classification Path**

The European Union's proposed Artificial Intelligence Act is taking another approach. It calls for an AI classification system in which AI tools are classified based on the level of risk they present to health, safety, and an individual's fundamental rights. AI technologies that present an unacceptably high risk, such as real-time biometrics ID systems, would be banned. Those deemed as presenting limited or minimal risk, such as video games and spam filters, would be subject to some basic oversight. High-risk AI projects, such as autonomous vehicles, would be subject to rigorous testing requirements and show evidence of adherence to specific data quality standards. Generative AI tools such as ChatGPT would be subject to some of these requirements as well.

**The NIST Approach**

In the US, the National Institute of Standards and Technology (NIST) has recommended that stakeholders broaden the scope of where they look when searching for sources of bias in AI. In addition to machine learning processes and the data used in training AI tools, the industry should consider the societal and human factors, NIST said in a special publication on the need for standards to identify and manage bias in AI. 

"Bias is neither new nor unique to AI and it is not possible to achieve zero risk of bias in an AI system," NIST noted. To mitigate some of the risk, NIST will develop standards for "identifying, understanding, measuring, managing, and reducing bias."

Rethinking Safer AI: Can There Really Be a 'TruthGPT'?

With 60% of organizations taking more than four days to resolve cybersecurity issues, Unit 42’s Global Incident Response Service dramatically reduces time to remediate threats.

**SANTA CLARA, Calif., April 24, 2023 –** Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced the expansion of its Unit 42 Digital Forensics and Incident Response Service. The Global Digital Forensics and Incident Response service combines depth of incident response experience with the breadth of AI-powered solutions, including Cortex® XDR® and XpanseTM, and Prisma® Cloud, to equip enterprises to respond immediately and recover faster than most any digital forensics and incident response (DFIR) service in the market.

To help organizations better respond to complex threats, Palo Alto Networks’ unique knowledge of security and a deep understanding of advanced attacker behavior enables Unit 42 to undertake a rigorous investigation with rapid response. According to Wendi Whitmore, senior vice president of Palo Alto Networks Unit 42, “No other security vendor in the industry can match Palo Alto Networks’ telemetry or our breadth of products to stop attacks in real-time. We analyze data from thousands of customers globally, generating over 500 billion daily events. This massive dataset enables responders to contextualize threats and respond effectively. Coupled with our expertise in cloud threats, SOC automation, and network security, this advanced intelligence helps companies recover and emerge stronger than before.”

Unit 42 specializes in cyber DFIR and responds to thousands of customer events annually from ransomware incidents to the rising cloud attacks. Backed by a global team of incident responders, threat intelligence experts, and consultants, Unit 42 has handled some of the largest data breaches in history.

According to the recent Unit 42 Cloud Threat report, more than 60% of organizations take over four days to resolve security issues, while threat actors typically exploit a misconfiguration or vulnerability within hours. Unit 42 recently engaged with a large enterprise customer after a zero-day vulnerability allowed an authentication bypass and remote code execution (RCE) exploit. The threat actor leveraged the vulnerability to drop web shells and launch a crypto miner onto the client's unpatched CRM system hosted on a popular cloud service provider (CSP). Through unauthorized access, the threat actor stole a CSP credential that provided access to sensitive databases, which they made publicly available on the Internet. As part of the investigation, Unit 42 leveraged Cortex XDR to ingest the CSP CloudTrail logs for rapid threat hunting and analysis and Prisma Cloud to assess the client's CSP environment. Using Prisma Cloud, Unit 42 assisted the client in remediating the CSP misconfigurations and implementing security best practices during the incident, in real-time, improving their security posture overall.

**The Unit 42 Digital Forensics and Incident Response Service includes:**

*   Assessments: To evaluate and test controls against real-world threats proactively, Unit 42 offers many assessments, including compromise assessments, ransomware readiness assessments, attack surface assessments, and more. 
*   IR Preparedness: Helping organizations pressure test technical controls, network security, response playbooks, and more. Services include Penetration Testing, Purple Teaming and Tabletop exercises. 
*   Incident Response: Quickly jumpstart an intelligence-led investigation, deploying Palo Alto Networks tools within minutes to contain threats and gather the evidence needed to analyze an incident fully. Unit 42 IR services include cloud incident response, expert malware analysis, and ransomware investigation. 
*   Managed Threat Hunting: Offers round-the-clock monitoring from Unit 42 experts to discover attacks anywhere in an organization. Threat hunters work on an organization’s behalf to discover advanced threats, such as state-sponsored attackers, cybercriminals, malicious insiders, and malware. 
*    Managed Detection and Response: Combines Cortex XDR with Unit 42's industry-leading threat intelligence to offer continuous 24/7 threat detection, investigation and response.

In the Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 Forrester noted that organizations “…seeking support in preparing for and responding to incidents in sprawling cloud environments should look at Palo Alto Networks.” 

**About Unit 42** 

Palo Alto Networks Unit 42 brings together world-renowned threat researchers, elite incident responders, and expert security consultants to create an intelligence-driven, response-ready organization passionate about helping you proactively manage cyber risk. Together, our team serves as your trusted advisor to help assess and test your security controls against the right threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time so that you get back to business faster. 

Approved by Cybersecurity Insurance Plans Unit 42 is on the approved vendor panel of more than 70 major cybersecurity insurance carriers. If you need to use Unit 42 services in connection with a cyber insurance claim, Unit 42 can honor any applicable preferred panel rate in place with the insurance carrier. For the panel rate to apply, just inform Unit 42 at the time of the request for service. 

Under Attack? Get in touch with the Unit 42 Incident Response team at start.paloaltonetworks.com/contact-unit42.html or call North America Toll-Free: 866.486.4842 (866.4.UNIT42), EMEA: +31.20.299.3130, UK: +44.20.3743.3660, APAC: +65.6983.8730, or Japan: +81.50.1790.0200. 

Follow Palo Alto Networks on Twitter, LinkedIn, Facebook and Instagram. 

**About Palo Alto Networks** 

Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice. 

At Palo Alto Networks, we’re committed to bringing together the very best people in service of our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized among Newsweek’s Most Loved Workplaces (2021 and 2022), Comparably Best Companies for Diversity (2021), and HRC Best Places for LGBTQ Equality (2022). For more information, visit www.paloaltonetworks.com. 

Palo Alto Networks, Cortex, Cortex XDR, Cortex Xpanse, Prisma Cloud, Unit 42 and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.

Palo Alto Networks Takes Aim At Cyberattacks With the Expansion of Unit 42's Digital Forensics & Incident Response Service Globally

Powered by Cribl, a CrowdStrike Falcon Fund partner, and available to CrowdStrike Falcon platform customers.

**AUSTIN, Texas and RSA Conference 2023, SAN FRANCISCO, April 24, 2023** – CrowdStrike (Nasdaq: CRWD) today introduced CrowdStream, powered by open observability company Cribl, which transforms how customers can get any data, from any security or IT source, directly into the CrowdStrike Falcon platform to solve XDR, log management and AI-based analytics challenges in a rapid, cost effective way.

Organizations struggle to get the complete visibility across the security and IT data sources needed to effectively stop increasingly sophisticated adversaries as they move across attack surfaces to breach organizations. Collecting and routing this siloed data is creating a heavy burden of complexity and cost, especially as data volumes continue to exponentially grow across ever-multiplying data sources.

CrowdStream is a new native platform capability that directly connects any data source into the CrowdStrike Falcon platform using Cribl’s observability pipeline technology. By sitting between data sources and their destination, CrowdStream provides an elegant and cost-effective way to get data into the CrowdStrike Falcon platform to greatly accelerate the adoption of XDR and log management, as well as aggregating the required data to train advanced AI/ML models.

CrowdStream transforms an organization’s ability to unify siloed security and IT data by:

• **Easily connect and rout****e** data from any source into the CrowdStrike Falcon platform, accelerating the adoption of XDR and log management by minimizing the complexity and cost of onoboarding data sources.

• **Unify data within the CrowdStrike Falcon platform for insights** and near-instant search at petabyte scale to provide the rich visibility and aggregated telemetry needed to eliminate threats, run deep analytics and hunt for adversaries.

• **Cut log management costs** by sending the right data (and only the right data) to a modern log management solution such as CrowdStrike Falcon LogScale. Recently, a large financial institution switched to CrowdStrike Falcon LogScale and saved at least $5 million dollars over three years in infrastructure and licensing costs.

• **Consolidate** point products by centralizing and normalizing data within the CrowdStrike Falcon platform to continuously address new security and IT use cases with fully integrated capabilities built on a unified data model.

“Cybersecurity is ultimately a data problem. Today’s adversary techniques are growing more sophisticated including the use of initial access, lateral movement, privilege escalation, defense evasion and data extortion. However, organizations are still struggling to effectively and efficiently collect the right data from a variety of security and IT point products they deploy to root out and shut down threats from adversaries,” said Michael Sentonas, president at CrowdStrike. “For organizations to stay ahead of these threats, it is imperative they have real-time visibility and data at their fingertips. We see the CrowdStream technology as a game-changer that significantly improves our customer’s ability to get the right data, from any source, directly into the CrowdStrike Falcon platform to solve the hardest security and IT challenges in an elegant, cost-effective way.”

“Cribl is a proud CrowdStrike Falcon Fund partner, as we were one of CrowdStrike’s first investments. We see this expanded strategic partnership with CrowdStrike as another step to solving the massive data problem that cybersecurity teams face today,” said Clint Sharp, co-founder and CEO, Cribl. “By making the process of data collection for the CrowdStrike Falcon platform easier, CrowdStream will revolutionize the way that organizations quickly gain value from XDR and log management.”

**Additional Resources**

• For more information on CrowdStream, please visit the CrowdStrike blog and Cribl website.

**About Cribl**

Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit www.cribl.io or our LinkedIn, Twitter, or Slack community.

**About CrowdStrike**

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

CrowdStrike Introduces CrowdStream to Accelerate and Simplify XDR Adoption

Categories: Podcast
This week on Lock and Code, we speak with Courtney Brown about a mental health nonprofit's use of AI to speak to people suffering emotional distress. 



(Read more...)




The post Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09 appeared first on Malwarebytes Labs.

In January, a mental health nonprofit admitted that it had used Artificial Intelligence to help talk to people in distress. 

Prompted first by a user's longing for personal improvement—and the difficulties involved in that journey—the AI tool generated a reply, which, with human intervention, could be sent verbatim in a chat box, or edited and fine-tuned to better fit the situation. The AI said:

“I hear you. You’re trying to become a better person and it’s not easy. It’s hard to make changes in our lives, especially when we’re trying to do it alone. But you’re not alone. There are people here who care about you and want to help you. I’m proud of you for making the decision to try to improve your life. It takes a lot of courage and strength. I send you love and support as you go through this journey.”

This was experimental work from Koko, a mental health nonprofit that integrated the GPT-3 large language model into its product for a short period of time that is now over. In a video demonstration posted on Twitter earlier this year, Koko co-founder Rob Morris revealed that the nonprofit had used AI to provide "mental health support to about 4,000 people" across "about 30,000 messages." Though Koko pulled GPT-3 from its system after a reportedly short period of time, Morris said on Twitter that there are several questions left from the experience. 

"The implications here are poorly understood," Morris said. "Would people eventually seek emotional support from machines, rather than friends and family?"

Today, on the Lock and Code podcast with host David Ruiz, we speak with Courtney Brown, a social services administrator with a history in research and suicidology, to dig into the ethics, feasibility, and potential consequences of relying increasingly on AI tools to help people in distress. For Brown, the immediate implications draw up several concerns. 

> "It disturbed me to see AI using 'I care about you,' or 'I'm concerned,' or 'I'm proud of you.' That made me feel sick to my stomach. And I think it was partially because these are the things that I say, and it's partially because I think that they're going to lose power as a form of connecting to another human."

But, importantly, Brown is not the only voice in today's podcast with experience in crisis support. For six years and across 1,000 hours, Ruiz volunteered on his local suicide prevention hotline. He, too, has a background to share. 

Tune in today as Ruiz and Brown explore the boundaries for deploying AI on people suffering from emotional distress, whether the "support" offered by any AI will be as helpful and genuine as that of a human, and, importantly, whether they are simply afraid of having AI encroach on the most human experiences. 

You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.

Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09

Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the wild," citing two vulnerability reports from cybersecurity company Trend Micro.
"PaperCut has conducted analysis on all customer reports, and the earliest signature of suspicious activity on a customer server potentially linked to this vulnerability is 14th April 01

Threat Intel / Cyber Attack

Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the wild," citing two vulnerability reports from cybersecurity company Trend Micro.

"PaperCut has conducted analysis on all customer reports, and the earliest signature of suspicious activity on a customer server potentially linked to this vulnerability is 14th April 01:29 AEST / 13th April 15:29 UTC," it further added.

The update comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw (CVE-2023-27350, CVSS score - 9.8) to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

Cybersecurity company Huntress, which found about 1,800 publicly exposed PaperCut servers, said it observed PowerShell commands being spawned from PaperCut software to install remote management and maintenance (RMM) software like Atera and Syncro for persistent access and code execution on the infected hosts.

Additional infrastructure analysis has revealed the domain hosting the tools – windowservicecemter\[.\]com – was registered on April 12, 2023, also hosting malware like TrueBot, although the company said it did not directly detect the deployment of the downloader.

TrueBot is attributed to a Russian criminal entity known as Silence, which in turn has historical links with Evil Corp and its overlapping cluster TA505, the latter of which has facilitated the distribution of Cl0p ransomware in the past.

"While the ultimate goal of the current activity leveraging PaperCut's software is unknown, these links (albeit somewhat circumstantial) to a known ransomware entity are concerning," Huntress researchers said.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

"Potentially, the access gained through PaperCut exploitation could be used as a foothold leading to follow-on movement within the victim network, and ultimately ransomware deployment."

Users are recommended to upgrade to the fixed versions of PaperCut MF and NG (20.1.7, 21.2.11, and 22.0.9) as soon as possible, regardless of whether the server is "available to external or internal connections," to mitigate potential risks.

Customers who are unable to upgrade to a security patch are advised to lock down network access to the servers by blocking all inbound traffic from external IPs and limiting IP addresses to only those belonging to verified site servers.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

Repetier Server through 1.4.10 does not have CSRF protection.

Here you can download the free version of Repetier-Server. To get the Pro version with all features, you just have to enter your Repetier-Server Pro license code you can get here. Repetier-Server Monitor is always free.

** Repetier-Server 1.4.10**

**After installing Repetier-Server you can activate a completely free test period of 14 days to test out all Pro features. If you are satisfied, we are happy if you decide for a Pro version and support this project.**

**Download Older Versions**

**Show Changelog**

**Which version is the right?**

For the linux versions we currently only have Debian installer which work with all newer Debian like distributions like Ubuntu as long as your libc version is greater equal the used version. See table below:

*   **Linux 32 bit Intel (intel32):** libc 2.19 like used in Ubuntu 14.04LTS
*   **Linux 64 bit Intel (amd64):** libc 2.13 like used in Debian Wheezy
*   **Linux 32 bit ARM (armhf):** libc 2.16 like used in Debian Jessie. Use armel if you have a older libc.
*   **Linux 64 bit ARM (armhf 64 bit):** libc 2.23 like used in Ubuntu 16.04
*   **Linux 32 bit ARM (armel):** libc 2.13 like on Raspberry-Pi Raspian
*   **Windows: Vista, 7, 10 and 11**
*   **Mac: OS X 10.13 or later**

For the arm boards we have two versions depending on the arm architecture. The widespread Raspberry-PI uses the armel version. Boards with better hardware like Beagle bon black should use the faster armhf version.

For update informations, please check out our changelog.

** Repetier-Server Monitor 1.4.5**

Free desktop app to connect multiple Repetier-Server PRO or OEM instances at once with additional functions like easy g-code upload from any slicer, Repetier-Server backup, …  
Read more …

**Show Changelog**

**System requirements**

*   Windows 7 and higher (64 bit), Mac OS X 10.10 and higher and Linux (64 bit)
*   200 MB disc storage
*   The current version of Repetier-Server
*   If under linux the screen is empty add –disable-gpu as parameter. Happens especially under virtual machines.

**Troubleshooting:**

If you have any problems with our software, here you will find help:

*   Manual including installation instructions and other documentations
*   Frequently askes questions
*   Our forum for answers and questions not covered in the above sources

**Notice for Raspberry Pi users**

The Pi is very power sensitive. If it does not receive stable 5V, you may experience stability issues like bad connections or temperature errors. Use a solid 3A power supply, best with 5.1 V output. Also a cheap usb cable with thin wires can cause voltage loss. We recommend an AWG20 USB cable.

More information

CVE-2023-31061: Download - Repetier-Server

Pumpkin Sandstorm. Spandex Tempest. Charming Kitten. Is this really how we want to name the hackers wreaking havoc worldwide?

Hackers—particularly state-sponsored ones focused on espionage and cyberwar, and organized cybercriminals exploiting networks worldwide for profit—are not pets. They wreck businesses, sow chaos, disrupt critical infrastructure, support some of the world's most harmful militaries and dictatorships, and help those governments spy on and oppress innocent people worldwide.

So why, when I write about these organized hacker groups as a cybersecurity reporter, do I find myself referring to them with cute pet names like Fancy Bear, Refined Kitten, and Sea Turtle?

Why, when I interview different cybersecurity firms about a particular unit of Russian military intelligence hackers, do I have to internally translate that this company refers to Fancy Bear as Pawn Storm, while this one calls them Iron Twilight? Why, when I wrote a news piece earlier this week about a North Korea–linked hacking team that has spied on their South Korean neighbors, stolen millions in cryptocurrency to fund the totalitarian regime of Kim Jong-un, and corrupted the software distributed by multiple companies to spread malicious code worldwide, did I find myself referring to them as "the hacker group known as Kimsuky, Emerald Sleet, or Velvet Chollima"? It is all, frankly, a little embarrassing—and to the average reader, lends reporting about cyber conflict about as much gravity as the play-by-play of a Pokémon card game.

A few days ago, Microsoft's cybersecurity division announced it was changing the entire taxonomy of names it uses for the hundreds of hacker groups that it tracks. Instead of its previous system, which gave those organizations the names of elements—a fairly neutral, scientific-sounding system as these things go—it will now give hacker groups two-word names, including in their description a weather-based term indicating what country the hackers are believed to work on behalf of, as well as whether they're state-sponsored or criminal.

That means Phosphorous, an Iranian group that Microsoft reported this week has been targeting US critical infrastructure like seaports, energy companies, and transit systems, now has the less-than-fearsome name Mint Sandstorm. Iridium, Russia's most aggressive and dangerous cyberwar-focused military hacker unit more commonly known as Sandworm—responsible for multiple blackouts in Ukraine and the most destructive malware in history—now has the whimsical title of Seashell Blizzard. Barium, a team of Chinese hackers that's carried out more software-supply-chain attacks than perhaps any group worldwide, is now Brass Typhoon—a phrase that, I confess, I have a hard time separating from flatulence.

Many of the new names sounded so absurd that I actually double-checked Microsoft hadn't published the new labeling system on April 1. Periwinkle Tempest. Pumpkin Sandstorm. Spandex Tempest. Gingham Typhoon. “These names are just really silly,” says Rob Lee, the founder and CEO of industrial-control-system cybersecurity firm Dragos. “I mean, talk about not being taken seriously as a profession.”

Goofiness aside, the new system is counterproductive for actual cybersecurity analysis, Lee argues. Given that Microsoft's threat intelligence is some of the best in the world, analysts and customers across the industry will have to actually revise their databases—and even some of their products—to match Microsoft's new naming scheme, he says. And the revised system now locks in educated guesses about the national loyalties of hackers with no indication of the analysts' degree of confidence in those assessments, Lee adds.f

What if a hacker group thought to be part of a nation’s intelligence agency turns out to be a hacker-for-hire contractor? Or cybercriminals temporarily conscripted to work on behalf of a government? “Assessments change over time,” Lee says. “Like, ‘We told you it was Dirty Mustard and now it’s Swirling Tempest,’ and you’re like, what the fuck?” (Lee’s own firm, Dragos, admittedly gives hacker groups mineral names that are often confusingly similar to Microsoft’s old system. But at least Dragos has never called anyone Gingham Typhoon.)

When I reached out to Microsoft about its new naming scheme, the head of its Threat Intelligence Center, John Lambert, explained the rationale behind the change: Microsoft's new names are more distinct, memorable, and searchable. In contrast to Lee's point about choosing neutral names, the Microsoft team _wanted_ to give customers more context about hackers in the names, Lambert says, immediately identifying their nationality and motive. (Instances that are not yet fully attributed to a known group are given a temporary classifier, he notes.)

Microsoft's team was also just running out of elements—there are, after all, only 118 of them. “We liked weather because it's a pervasive force, it's disruptive, and there's a kindred spirit because the study of weather over time involves improvement in sensors, data, and analysis,” says Lambert. “That's cybersecurity defenders' world, too.” As for the adjectives preceding those meteorological terms—often the real source of the names' inadvertent comedy—they're chosen by analysts from a long list of words. Sometimes they have a semantic or phonetic connection to the hacker group, and sometimes they're random. “There’s some origin story to each one,” Lambert says, “or it could just be a name out of a hat.”

There's a certain, stubborn logic behind the cybersecurity industry's ever-growing sprawl of hacker group handles. When a threat intelligence firm finds evidence of a new team of network intruders, they can't be sure they're seeing the same group that another company has already spotted and labeled, even if they do see familiar malware, victims, and command-and-control infrastructure between the two groups. If your competitor isn't sharing everything they see, it's better to make no assumptions and track the new hackers under your own name. So Sandworm becomes Telebots, and Voodoo Bear, and Hades, and Iron Viking, and Electrum, and—_sigh_—Seashell Blizzard, as every company's analysts get a different glimpse of the group's anatomy.

But, sprawl aside, did these names have to be quite so on-their-face ridiculous? To some degree, it may be wise to give names to hacker gangs that rob them of their malevolent glamour. Members of the Russian ransomware group EvilCorp, for instance, are not likely to be happy with Microsoft's rebranding them as Manatee Tempest. On the other hand, is it really appropriate to label a group of Iranian hackers that seeks to penetrate crucial elements of US civilian infrastructure Mint Sandstorm, as if they're an exotic flavor of air freshener? (The older name given to them by Crowdstrike, Charming Kitten, is certainly not any better.) Did the Israeli hacker-for-hire mercenaries known as Candiru, who have sold their services to governments targeting journalists and human rights activists, really need to be renamed Caramel Tsunami, a brand befitting a Dunkin’ beverage, and one that's already taken by a strain of cannabis?

Kevin Mandia, one of the original hacker hunters and the founder and CEO of the cybersecurity firm Mandiant, captured this problem in a speech at the Cybersecurity Threat Intelligence Summit in 2018. “I’ve always wondered, how do you get into a boardroom and say, ‘Sir, I know you’re breached. You’re in the headlines. And you were hacked by Fluffy Snuggle Duck,’” Mandia said. “It just doesn’t work.”

Mandia concedes today that in the five years since his Fluffy Snuggle Duck comment, he's become more inured to the silly hacker group names. “I don't care what they're called, I just want to make sure we have the catalog right. Do we have the fingerprints for them, do we have defenses for them?” he says.

In our interview, though, he still seemed to be genuinely tripped up by the labeling scheme of his competitor Crowdstrike, which names hackers after different animals based on their nationality. “Bear is Russia … or is it?” Mandia pondered out loud. “Panda is China. But that’s a bear. I’m confused already.”

Mandia and Lee both dream of a day when a government body—say, the US National Institute of Standards and Technology—comes up with a hacker group naming convention that can be adopted across the industry. But they both also say that companies would never stick to it. Marketing aside, the fog of war in cybersecurity research means analysts at different companies will never be sure they're looking at the same entities—unless they all agree to openly share every scrap of their closely guarded intelligence.

Until then, well, just watch out for Periwinkle Tempest. Last year, Periwinkle Tempest launched crippling ransomware attacks across the entire nation of Costa Rica, leading the country's government to declare a national emergency. Periwinkle Tempest are some of the most dangerous hackers in the world. Periwinkle Tempest. Seriously.

Hacker Group Names Are Now Absurdly Out of Control

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The three vulnerabilities are as follows -

CVE-2023-28432 (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability 
CVE-2023-27350 (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control

Patch Management / Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The three vulnerabilities are as follows -

*   **CVE-2023-28432** (CVSS score - 7.5) - MinIO Information Disclosure Vulnerability
*   **CVE-2023-27350** (CVSS score - 9.8) - PaperCut MF/NG Improper Access Control Vulnerability
*   **CVE-2023-2136** (CVSS score - TBD) - Google Chrome Skia Integer Overflow Vulnerability

"In a cluster deployment, MinIO returns all environment variables, including MINIO\_SECRET\_KEY and MINIO\_ROOT\_PASSWORD, resulting in information disclosure," MinIO maintainers said in an advisory published on March 21, 2023.

Data gathered by GreyNoise shows that as many as 18 unique malicious IP addresses from the U.S., the Netherlands, France, Japan, and Finland have attempted to exploit the flaw over the past 30 days.

The threat intelligence company, in an alert published late last month, also noted how a reference implementation provided by OpenAI for developers to integrate their plugins to ChatGPT relied on an older version of MinIO that's vulnerable to CVE-2023-28432.

"While the new feature released by OpenAI is a valuable tool for developers who want to access live data from various providers in their ChatGPT integration, security should remain a core design principle," GreyNoise said.

Also added to the KEV catalog is a critical remote code execution bug affecting PaperCut print management software that allows remote attackers to bypass authentication and run arbitrary code.

The vulnerability has been addressed by the vendor as of March 8, 2023, with the release of PaperCut MF and PaperCut NG versions 20.1.7, 21.2.11, and 22.0.9. Zero Day Initiative, which reported the issue on January 10, 2023, is expected to release additional technical details on May 10, 2023.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

According to an update shared by the Melbourne-based company earlier this week, evidence of active exploitation of unpatched servers emerged in the wild around April 18, 2023.

Cybersecurity firm Arctic Wolf said it "has observed intrusion activity associated with a vulnerable PaperCut Server where the RMM tool Synchro MSP was loaded onto a victim system."

Lastly added to the list of actively exploited flaws is a Google Chrome vulnerability affecting the Skia 2D graphics library that could enable a threat actor to perform a sandbox escape via a crafted HTML page.

Federal Civilian Executive Branch (FCEB) agencies in the U.S. are recommended to remediate identified vulnerabilities by May 12, 2023, to secure their networks against active threats.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service.

**Details**

This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1 standards.

**CVE ID**

**Description**

**Base Score**

**Vector**

CVE‑2022‑42274

NVIDIA BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution.

7.8

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE‑2022‑42280

NVIDIA BMC contains a vulnerability in the SPX REST authorization handler, where an unauthorized user can exploit a path traversal, which may lead to escalation of privileges.

7.1

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE‑2022‑42282

NVIDIA BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can access arbitrary files, which may lead to information disclosure.

6.5

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE‑2022‑42283

NVIDIA BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to denial of service or code execution.

6.4

AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE‑2022‑42286

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges.

6.0

AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVE‑2022‑42287

NVIDIA BMC contains a vulnerability in the IPMI handler, where an attacker can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, or data tampering.

6.0

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CVE‑2022‑42289

NVIDIA BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering.

7.2

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE‑2022‑42290

NVIDIA BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering.

7.2

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE‑2023‑0200

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure.

7.5

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE‑2023‑0201

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure.

6.7

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE‑2023‑0202

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the GenericSio and LegacySmmSredir SMM APIs. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.

7.5

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE‑2023‑0206

NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may modify arbitrary memory of SMRAM by exploiting the NVME SMM API. A successful exploit of this vulnerability may lead to denial of service, escalation of privileges, and information disclosure.

7.5

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CVE‑2023‑0207

NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. A successful exploit of this vulnerability may lead to denial of service.

7.5

AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk to your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.

**Security Updates**

The following table lists the NVIDIA software products affected, versions affected, and the updated version that includes this security update.

To protect your system, download and install this firmware update through the NVIDIA Enterprise Support Portal.

**CVE IDs Addressed**

**Hardware Platform**

**System**

**Affected Versions**

**Updated Version**

**Firmware Container**

CVE‑2022‑42274  
CVE‑2022‑42280  
CVE‑2022‑42282  
CVE‑2022‑42283  
CVE‑2022‑42287  
CVE‑2023‑0200  
CVE‑2023‑0201

DGX-2

DGX-2

All BMC versions prior to 1.08.00

01.08.00

23.3.1

CVE‑2022‑42286  
CVE‑2022‑42289  
CVE‑2022‑42290  
CVE‑2023‑0207

DGX-2

DGX-2

All SBIOS versions prior to 0.33

0.33

23.3.1

CVE‑2023‑0202  
CVE‑2023‑0206

DGX A100

DGX A100

All SBIOS versions prior to 1.18

1.18

22.12.1

**AMI Security Advisory CVEs Addressed**

CVE‑2022‑40259  
CVE‑2022‑40242  
CVE‑2022‑2827

DGX Station A100

DGX Station A100

All BMC versions prior to 2.01.00

2.01.00

23.3.1

**Additional Information****Security Vulnerabilities Reported by AMI**

The following table lists potential security vulnerabilities in some AMI MegaRAC SP-X Baseboard Management Controllers that have been reported by AMI. These vulnerabilities may allow user enumeration, unauthorized access, or arbitrary code execution.

**CVE ID**

**Severity**

**Summary**

CVE‑2022‑40259

Critical

AMI MegaRAC Redfish Arbitrary Code Execution

CVE‑2022‑40242

High

MegaRAC Default Credentials Vulnerability

CVE‑2022‑2827

High

AMI MegaRAC User Enumeration Vulnerability

The following table lists the status of the NVIDIA response to these vulnerabilities for each NVIDIA DGX system.

**System**

**Status**

DGX-1

Not vulnerable - no response required

DGX-2

Not vulnerable - no response required

DGX A100

To be addressed in May 2023 as stated in NVIDIA DGX A100 Server and DGX Station A100 - December 2022

DGX Station

Not vulnerable - no response required

DGX Station A100

Addressed in this update

**Security Vulnerabilities Reported by Intel**

The following table lists potential security vulnerabilities in some Intel Processors that have been reported by Intel. These vulnerabilities may allow escalation of privileges or denial of service. They are addressed in DGX-2 SBIOS release version 0.33.

**CVE ID**

**Severity**

**Summary**

CVE‑2020‑12357

High

Intel(R) Processors Privilege Escalation Vulnerability

CVE‑2020‑8670

High

Intel(R) Processors Privilege Escalation Vulnerability

CVE‑2020‑8700

High

Intel(R) Processors Privilege Escalation Vulnerability

CVE‑2020‑12359

High

Intel(R) Processors Privilege Escalation Vulnerability

CVE‑2020‑12358

Medium

Intel(R) Processors Denial of Service Vulnerability

CVE‑2021‑0095

Medium

Intel(R) Processors Denial of Service Vulnerability

CVE‑2020‑12360

Medium

Intel(R) Processors Privilege Escalation Vulnerability

CVE‑2020‑24486

Medium

Intel(R) Processors Denial of Service Vulnerability

**Acknowledgements**

CVE‑2022‑42274, CVE‑2022‑42280, CVE‑2022‑42282, CVE‑2022‑42283, CVE‑2022‑42286, CVE‑2022‑42287, CVE‑2022‑42289, CVE‑2022‑42290: The NVIDIA Offensive Security Research (OSR) team reported these issues.

**Get the Most Up to Date Product Security Information**

Visit the NVIDIA Product Security page to

*   Subscribe to security bulletin notifications
*   See the current list of NVIDIA security bulletins
*   Report a potential security issue in any NVIDIA supported product
*   Learn more about the vulnerability management process followed by the NVIDIA Product Security Incident Response Team (PSIRT)

**Revision History**

  

**Revision**

**Date**

**Description**

1.0

March 23, 2023

Initial release

**Support**

If you have any questions about this security bulletin, contact NVIDIA Support.

**Disclaimer**

ALL NVIDIA INFORMATION, DESIGN SPECIFICATIONS, REFERENCE BOARDS, FILES, DRAWINGS, DIAGNOSTICS, LISTS, AND OTHER DOCUMENTS (TOGETHER AND SEPARATELY, “MATERIALS”) ARE BEING PROVIDED “AS IS.” NVIDIA MAKES NO WARRANTIES, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE WITH RESPECT TO THE MATERIALS, AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OR CONDITION OF TITLE, MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT PERMITTED BY LAW.

Information is believed to be accurate and reliable at the time it is furnished. However, NVIDIA Corporation assumes no responsibility for the consequences of use of such information or for any infringement of patents or other rights of third parties that may result from its use. No license is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in this publication are subject to change without notice. This publication supersedes and replaces all information previously supplied. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation.

Tag

#intel