In Q2 2023, the quarterly Top 10 Malware remained consistent with the previous quarter, with the majority of malware switching spots.

Read More

The breach was discovered on July 9 after an unauthorized third party accessed ADSC’s IT infrastructure

Read More

Trellix cybersecurity researchers discussed the implications of these flaws in a new blog post published on Sunday

Read More

‘Ello ello ello. What’s all this then?

Just days after it was learned that the police had exposed the details of their 10,000 staff in Northern Ireland, another force has admitted to an embarrassing breach of sensitive data.

Read more in my article on the Hot for Security blog.

Read More

Group-IB said Gigabud doesn’t execute malicious actions immediately but waits for user authorization

Read More

Vanquishing aliens, building virtual amusement parks, mashing buttons in online battles royale. For some, playing video games is a way to unwind from the day and momentarily journey to new worlds. Others game because they love the competition or enjoy participating in the online community around their favorite game.  

But just like other online realms, gaming isn’t free of cybercriminals. Cybercriminals take advantage of highly trafficked online gaming portals to make a profit on the dark web.  

The next time you log on to your virtual world of choice, level up your gaming security to protect your device and your personally identifiable information (PII).   

Why Do Cybercriminals Target Gamers? 

Gaming companies host a trove of valuable information. Gamers trust these platforms with their payment information, personal details, passwords, and with the safety of their gaming characters on which they spend thousands of hours and hundreds of dollars upgrading.  

Cybercriminals also target gamers through malware disguised as an advantage. Cheat software for online games is common as players strive to be the best among their opponents. For instance, a malware scam targeted players seeking an advantage for “Call of Duty: Warzone.” The malware creators advertised the “cheat software” on YouTube with instructions on how to download it. The video received thousands of views and hundreds of comments, which made it look legitimate.  

One of the steps in installing the “cheat software” was that users had to disable antivirus programs and firewalls. Users let the cybercriminals walk right into their device! From there, an aggressive type of fileless malware called a dropper infected the device. A dropper doesn’t download a malicious file; rather, it creates a direct pathway to deliver an additional payload, such as credential-stealing malware.1  

5 Gamer Security Tips 

Competitive gaming is, well, competitive. So, if you invest a lot of real money into your characters, be especially vigilant and follow these five important tips to protect your online accounts. 

1. Do not reveal personal information

It’s common for gamers to use variations of their real names and birthdates in their public-facing usernames. Doing this could reveal personal information that you’d rather keep private. Consider using a nickname or a combination of random numbers instead. Along this same vein, don’t reveal personal details about yourself (phone number, hometown, places you visit regularly, etc.) on chats or streams. Lurking cybercriminals can gather these personal details to impersonate you. 

2. Edit your privacy settings 

On some online PC games, you can join campaigns with gamers from all over the world. While the interconnectivity is great, carefully vet who you allow to follow your online profile. If a stranger sends a friend request out of the blue, be on alert. They could have nefarious motives, such as phishing for valuable data. It’s best to customize your privacy settings to make your profile invisible to strangers.  

3. Don’t pirate games or download cheat software

Developers spend a lot of time creating amazing games, so make sure you purchase games legally and play them as they are intended. Research revealed that cracked versions – or unauthorized versions – of popular games sometimes hid ChromeLoader malware, which has the ability to steal credentials stored in internet browsers. Cracked versions of Call of Duty, Elden Ring, Dark Souls 3, Red Dead Redemption 2, and Roblox were found to be harboring malware.2  

Be especially wary of free downloads and cheat software. Instead, go for a challenge and have fun with the game as it’s written.  

4. Log in with a VPN

A virtual private network (VPN) scrambles your online data traffic, foiling nosy digital eavesdroppers you may encounter while online gaming. A VPN makes it nearly impossible for anyone to access your IP address or spy on your online browsing. 

5. Protect your device with antivirus software 

Antivirus software can make your online gaming experience more secure. McAfee antivirus software, which is included in McAfee+, provides real-time threat protection, which means your devices are covered with 24/7 protection from ever-evolving malware and online threats. 

1Ars Technica, “Malicious cheats for Call of Duty: Warzone are circulating online” 

2TechRadar, “Be very careful when downloading these games online – they could be malware” 

The post 5 Online Gaming Tips to Stay Safe From Cybercriminals appeared first on McAfee Blog.

Read More

Security researchers have demonstrated how they were able to exploit a flaw which allowed them to hack the card-shuffling devices used in casinos and poker rooms.

Read more in my article on the Hot for Security blog.

Read More

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story:

The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current and former U.S. and Japanese officials interviewed, who spoke on the condition of anonymity because of the matter’s sensitivity.

[…]

The 2020 penetration was so disturbing that Gen. Paul Nakasone, the head of the NSA and U.S. Cyber Command, and Matthew Pottinger, who was White House deputy national security adviser at the time, raced to Tokyo. They briefed the defense minister, who was so concerned that he arranged for them to alert the prime minister himself.

Beijing, they told the Japanese officials, had breached Tokyo’s defense networks, making it one of the most damaging hacks in that country’s modern history.

More analysis.

Read More