Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Authetication. Show all posts

Insomniac Games Cybersecurity Breach

A cyberattack has compromised the prestigious game company Insomniac Games, exposing private data without authorization. Concerns over data security in the gaming business have been raised by this hack, which has spread throughout the community.

Targeting Insomniac Games, the company behind the well-known Spider-Man series, the cyberattack was purportedly executed by a gang going by the name Rhysida. Fans and the gaming industry were left in a state of anticipation and fear as the hackers obtained access to a treasure mine of data, including secret footage of new projects like Wolverine.

The leaked information not only included sneak peeks into future game developments but also internal data that could compromise the studio's operations. The gravity of the situation prompted a rallying of support for Insomniac Games from both the gaming community and industry professionals.

Amid the chaos, cybersecurity experts have been quick to emphasize the importance of robust security measures in an era where digital attacks are becoming increasingly sophisticated. This incident serves as a stark reminder that even major players in the gaming industry are vulnerable to cyber threats.

Insomniac Games responded promptly to the breach, acknowledging the incident and assuring fans that they are taking necessary steps to address the issue. The studio urged users to remain vigilant and promptly report any suspicious activities related to their accounts.

The gaming community, known for its passionate fanbase, has shown solidarity with Insomniac Games in the wake of the cyberattack. Messages of support have flooded social media platforms, emphasizing the need for collective efforts to combat cyber threats and protect the integrity of the gaming industry.

As the situation unfolds, industry leaders and policymakers are likely to scrutinize the incident to enhance cybersecurity protocols across the gaming landscape. The hack serves as a wake-up call for developers and publishers to invest in cutting-edge security measures to safeguard intellectual property and user data.

Leaders in the industry and legislators will probably be closely examining the incident as it develops to improve cybersecurity practices in the gaming sector. Developers and publishers should take note of this hack and invest in state-of-the-art security solutions to protect user data and intellectual property.

The recent hack on Insomniac Games serves as a reminder that even the biggest names in the gaming business are susceptible to online attacks. The aftermath of this disaster calls for the gaming community as a whole to prioritize cybersecurity in addition to data security. One thing is certain as the gaming industry struggles with the fallout from this breach: protecting digital assets is critical to the business's long-term viability and public confidence.

CISA Alerts on Serious Flaws in Industrial Equipment & Infrastructure

 

According to the US government's CISA and private security researchers, 56 vulnerabilities have been discovered in industrial operational technology (OT) systems from ten global manufacturers, including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk. 

Some of these flaws obtained CVSS severity ratings as high as 9.8 out of 10. This is especially unfortunate given that these devices are employed in vital infrastructure throughout the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining, and construction and automation industries. 

Remote code execution (RCE) and firmware vulnerabilities are the most serious security problems. If exploited, these flaws might allow criminals to shut down electricity and water infrastructure and damage the food supply. This is not to claim that all or any of these situations are practically achievable; rather, these are the kind of devices and processes involved. 

Forescout's Vedere Labs uncovered the flaws in devices produced by 10 vendors and used by the security firm's customers and termed them OT:ICEFALL. As per the researchers, the vulnerabilities affect at least 324 enterprises worldwide – a figure that is likely to be far higher in reality because Forescout only has access to its own clients' OT devices. In addition to the previously mentioned firms, the researchers discovered weaknesses in Bently Nevada, Emerson, JTEKT, Omron, Phoenix Contact, and Yokogawa devices.

OT Devices are insecure by design

The majority of issues are found in level 1 and level 2 OT devices. Physical processes are controlled by level 1 devices such as programmable logic controllers (PLCs) and remote terminal units (RTUs), whereas level 2 devices include supervisory control and data acquisition (SCADA) and human-machine interface systems.

In addition to the 56 highlighted in a Vedere report today, the threat-hunting team uncovered four more that are still being kept under wraps owing to responsible disclosure. One of the four allows an attacker to compromise credentials, two let an attacker to change the firmware of OT systems, and the fourth is an RCE through memory write flaw. 

Many of these flaws are the consequence of OT products' "insecure-by-design" build, according to Forescout's head of security research Daniel dos Santos. Several OT devices lack fundamental security protections, making them simpler for criminals to exploit, he said. 

Since that earlier analysis, "there have been real-word real incidents, real malware that has abused insecure-by-design functionality of devices to cause disruption and physical damage, like Industroyer in Ukraine in 2016, or Triton in the Middle East in 2017. One instance of insecure-by-design is unauthenticated protocols. So basically, whenever you interact with the device you can call sensitive functions on the device, invoke this function directly without it asking for a password," dos Santos stated.

The security researchers found nine vulnerabilities related to protocols that have no authentication on them: CVE-2022-29953, CVE-2022-29957, CVE-2022- 29966, CVE-2022-30264, CVE-2022-30313, CVE-2022-30317, CVE-2022-29952 and CVE-2022-30276. 

The majority of these may be used to download and run firmware and logic on other people's devices, resulting in RCEs, or shutdowns and reboots that can create a denial of service circumstances. In an ideal world, equipment employing these protocols is not linked to computers and other systems in such a way that a network intruder may abuse them. 

Credential compromise: Most common issue

Five of the flaws were noted more than once by Vedere Labs because they had various possible consequences. More than a third of the 56 vulnerabilities (38%) can be exploited to compromise user login credentials, while 21% might allow a criminal to change the firmware if exploited, and 14% are RCEs. 

Other vulnerability categories include denial of service and configuration manipulation (eight percent), authentication bypass (six percent), file manipulation (three percent), and logic manipulation (two percent). 

Fixing these security flaws will be difficult, according to the researchers, since they are the consequence of OT products being vulnerable by design, or because they need modifications in device firmware and supported protocols. 

As a result, they did not reveal all of the technical information for the faulty OT devices, which explains the lack of depth. They did, however, advise users to read each vendor's security advisory, which is expected to be released today or soon. Furthermore, where possible, the security shop suggests disconnecting OT and industrial control system networks from corporate networks and the internet.