Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Fortnite. Show all posts
Ransom Demand
CloudSEK Customer Data Customer Data Exposed Cybersecurity Breach Data Breach Fortnite IAM system MFA Ransom Demand

Fortinet Cybersecurity Breach Exposes Sensitive Customer Data

 

Fortinet experienced a significant cybersecurity breach involving a third-party cloud drive, where 440 GB of data was leaked by a hacker named “Fortibitch” after the company refused to pay the ransom. The breach affected about 0.3% of Fortinet’s customers, roughly 1,500 corporate users, and included sensitive information such as financial documents, HR data, customer details, and more. Experts highlight that the breach underscores the critical need for implementing rigorous cybersecurity measures like multi-factor authentication (MFA) and robust identity access management (IAM) systems. 

Multi-factor authentication is particularly emphasized as a vital layer of defense against unauthorized access, significantly reducing the risk of data exposure when combined with strong identity access management. Organizations need to ensure that they enforce MFA and other identity management protocols consistently, especially for accessing essential systems like SharePoint and cloud storage services. Jim Routh, Chief Trust Officer at Saviynt, pointed out the growing concern over cloud security, given its increased adoption in software development and data storage. He stressed that without proper safeguards, such as MFA and secure access controls, sensitive data is at risk of exposure. 

Cybersecurity analyst Koushik Pal from CloudSEK echoed this sentiment, advocating for stricter IAM policies and urging organizations to regularly monitor repositories for potential misconfigurations, exposed credentials, or sensitive data leaks. This kind of vigilance is necessary for all teams to adhere to security best practices and minimize vulnerabilities. Relying on third-party vendors for data storage, as Fortinet did, is not inherently dangerous but introduces additional risks if strict security protocols are not enforced. The breach serves as a reminder that even established cybersecurity companies can fall victim to attacks, highlighting the need for ongoing vigilance. 

According to Routh, it’s crucial for system administrators to manage accounts meticulously, ensuring that identity access management protocols are properly configured and that privileged access is monitored effectively. The breach exemplifies how cybercriminals exploit security weaknesses to gain unauthorized access to sensitive data. As cloud technologies continue to be integrated into businesses, the responsibility to protect data becomes increasingly important. Cybersecurity experts emphasize that organizations must invest in proper training, regularly update security measures, and remain vigilant to adapt to evolving cyber threats. 

Ensuring that MFA, identity management systems, and monitoring practices are in place can go a long way in protecting against similar breaches in the future. This Fortinet incident serves as a wake-up call, showing that no organization is entirely immune to cyber threats, regardless of its expertise in cybersecurity.
Read more »
Malware Attack
AIVD Chinese Cyber Espionage Campaign Cyber Security Dutch intelligence FortiGate devices Fortnite Malware Attack

Dutch Intelligence Warns of Extensive Chinese Cyber-Espionage Campaign


 

The Dutch Military Intelligence and Security Service (MIVD) has issued a warning about the far-reaching consequences of a Chinese cyber-espionage operation disclosed earlier this year. According to the MIVD, the scale of this campaign is "much larger than previously known," impacting numerous systems across multiple sectors. 

In a joint report with the General Intelligence and Security Service (AIVD) released in February, the MIVD described how Chinese hackers exploited a critical vulnerability in FortiOS/FortiProxy (CVE-2022-42475). This remote code execution flaw was used over several months between 2022 and 2023 to deploy malware on susceptible Fortigate network security devices. During this "zero-day" period, about 14,000 devices were compromised. Targets included various Western governments, international organizations, and many companies within the defense industry. 

The malware, identified as the Coathanger remote access trojan (RAT), was detected on a network used by the Dutch Ministry of Defence for research and development (R&D) of unclassified projects. However, network segmentation prevented the attackers from spreading to other systems. The MIVD highlighted that this previously unknown malware strain could persist through system reboots and firmware upgrades. It was used by a Chinese state-sponsored hacking group in a political espionage campaign targeting the Netherlands and its allies. 

This persistent access allowed the state actor to maintain control over compromised systems even after security updates were applied. "The exact number of victims with malware installed is unknown," stated the MIVD. "However, the Dutch intelligence services and the NCSC believe that the state actor could potentially expand its access to hundreds of victims worldwide and engage in further actions such as data theft." Since February, the Dutch military intelligence service discovered that the Chinese threat group had accessed at least 20,000 FortiGate systems globally over a span of a few months in 2022 and 2023, beginning at least two months before Fortinet disclosed the vulnerability. 

The Coathanger malware's ability to intercept system calls to avoid detection and its resilience against firmware upgrades make it particularly difficult to remove. Fortinet disclosed in January 2023 that the CVE-2022-42475 vulnerability was exploited as a zero-day to target government organizations and related entities. The MIVD's findings mirror the characteristics of another Chinese hacking campaign that targeted unpatched SonicWall Secure Mobile Access (SMA) devices with cyber-espionage malware designed to withstand firmware updates. 

The revelations from Dutch intelligence underscore the increasing sophistication and persistence of state-sponsored cyber-espionage campaigns. As cyber threats continue to evolve, the importance of robust cybersecurity measures and vigilant monitoring becomes ever more critical to protect sensitive information and infrastructure from these advanced persistent threats.
Read more »
Tech Giant
App Developers App Store Apple Data Breach Digital Services Epic Games Financial Exploit Fortnite Google Tech Giant

Epic Games Wins: Historic Decision Against Google in App Store Antitrust Case

The conflict between tech behemoths Google and Apple and Fortnite creator Epic Games is a ground-breaking antitrust lawsuit that has rocked the app ecosystem. An important turning point in the dispute occurred when a jury decided to support the gaming behemoth over Google after Epic Games had initially challenged the app store duopoly.

The core of the dispute lies in the exorbitant fees imposed by Google and Apple on app developers for in-app purchases. Epic Games argued that these fees, which can go as high as 30%, amount to monopolistic practices, stifling competition and innovation in the digital marketplace. The trial has illuminated the murky waters of app store policies, prompting a reevaluation of the power dynamics between tech behemoths and app developers.

One of the key turning points in the trial was the revelation of internal emails from Google, exposing discussions about the company's fear of losing app developers to rival platforms. These emails provided a rare glimpse into the inner workings of tech giants and fueled Epic Games' claims of anticompetitive behavior.

The verdict marks a significant blow to Google, with the jury finding in favor of Epic Games. The decision has broader implications for the tech industry, raising questions about the monopolistic practices of other app store operators. While Apple has not yet faced a verdict in its case with Epic Games, the outcome against Google sets a precedent that could reverberate across the entire digital ecosystem.

Legal experts speculate that the financial repercussions for Google could be substantial, potentially costing the company billions. The implications extend beyond financial penalties; the trial has ignited a conversation about the need for regulatory intervention to ensure a fair and competitive digital marketplace.

Industry observers and app developers are closely monitoring the fallout from this trial, anticipating potential changes in app store policies and fee structures. The ruling against Google serves as a wake-up call for tech giants, prompting a reassessment of their dominance in the digital economy.

As the legal battle between Epic Games and Google unfolds, the final outcome remains years away. However, this trial has undeniably set in motion a reexamination of the app store landscape, sparking debates about antitrust regulations and the balance of power in the ever-evolving world of digital commerce.

Tim Sweeney, CEO of Epic Games, stated "this is a monumental step in the ongoing fight for fair competition in digital markets and for the basic rights of developers and creators." In the coming years, the legal structure controlling internet firms and app store regulations will probably be shaped by the fallout from this trial.

Read more »
PDF Exploits
Child Safety Data Breach Fortnite Fraud Apps Gaming Community Malicious actor Online Gaming PDF Exploits

Scammers Exploit Kids with Fake Fortnite and Roblox Offers

Children are increasingly the targets of sophisticated internet fraud in an era where digital connections predominate. Recent studies point to a concerning pattern where con artists leverage children's love of well-known video games like Fortnite and Roblox to commit marketing fraud, enticing young users with phony incentives. The need for parents and guardians to be always on the lookout for their children's internet activity is underlined by the meeting point of innocent excitement and malicious purpose.

Scammers are taking advantage of the exponential growth in the number of youthful gamers in the gaming business. Threat actors have allegedly created a sophisticated method of operation that revolves around making alluring offers that promise exclusive in-game currency or content for games like Fortnite and Roblox. These fraudulent schemes are frequently disseminated through websites, PDFs, or emails that at first glance seem real.

The scam's mechanics involve leveraging children's insatiable appetite for virtual rewards. Kids are prompted to click on links or download attachments under the pretext of accessing rare skins, virtual currency, or exclusive items for their beloved games. Unbeknownst to them, these actions often lead to a cascade of malicious events. The links can take them to phishing sites designed to steal personal information, while attachments might contain malware that compromises the security of the device and data.

Young gamers need to be informed about the dangers present in the digital world by parents, guardians, and instructors. To prevent kids from becoming victims of these frauds, the following precautions can be taken:

  • Open Dialogue: Initiate open conversations with kids about online safety and potential scams. Encourage them to share any suspicious messages they come across.
  • Teach Critical Thinking: Impart critical thinking skills to help children assess the authenticity of offers. Teach them to verify the legitimacy of websites and scrutinize URLs.
  • Emphasize Privacy: Stress the importance of not sharing personal information online, including email addresses and passwords, without explicit parental consent.
  • Implement Security Measures: Install reputable security software that can detect phishing attempts, malicious links, and malware.
  • Monitor Online Activities: Keep a watchful eye on your child's online interactions, friend lists, and downloads.
Cybercriminals' strategies evolve along with technology, thus it is crucial for both young gamers and the adults who serve as their mentors to remain knowledgeable and proactive. Together, one can make sure that people who want to take advantage of children's innocence don't ruin the fun of virtual exploration and creativity in games like Roblox and Fortnite. 

Read more »
Trojan Attacks
BitRAT Crypto Currency Fortnite malware Microsoft Excel Phishing and Spam PowerShell Trojan Attacks

Three Malware Fileless Phishing Campaigns: AveMariaRAT / BitRAT /PandoraHVNC

 

A phishing effort that was distributing three fileless malware onto a victim's device was detailed by cybersecurity experts at Fortinet's FortiGuard Labs. AveMariaRAT, BitRAT, and PandoraHVNC trojan viruses are spread by users who mistakenly run malicious attachments delivered in phishing emails. The viruses are dangerously capable of acquiring critical data from the device.
 
Cybercriminals can exploit the campaign to steal usernames, passwords, and other sensitive information, such as bank account numbers. BitRAT is particularly dangerous to victims because it can take complete control of infected Windows systems, including viewing webcam activity, listening to audio through the microphone, secretly mining for cryptocurrency that is sent to the attackers' wallet, and downloading additional malicious files.

The first phishing mail appears to be a payment report from a reputable source, with a brief request to view a linked Microsoft Excel document. This file contains dangerous macros, and when you open it, Microsoft Excel warns you about using macros. If the user disregards the warning and accepts the file, malware is downloaded. The malware is retrieved and installed onto the victim's computer using Visual Basic Application (VBA) scripts and PowerShell. For the three various types of malware that can be installed, the PowerShell code is divided into three pieces. This code is divided into three sections and employs the same logic for each virus: 
  • A dynamic mechanism for conducting GZip decompression is included in the first "$hexString." 
  • The second "$hexString" contains dynamic PowerShell code for decompressing the malware payload and an inner.Net module file for deploying it. 
  • The GZip-compressed malware payload is contained in the "$nona" byte array. The following PowerShell scripts are retrieved from the second $hexString and are used to decompress the malware payload in $nona and to deploy the malware payload into two local variables using the inner.Net module. 
The study doesn't explain as to why the phishing email contains three malware payloads, but it's conceivable that with three different types of malware to deploy, the cybercriminals will have a better chance of gaining access to whatever critical information they're after. 

Phishing is still one of the most prevalent ways for cyber thieves to deliver malware because it works – but there are steps you can take to avoid being a victim. Mysterious emails claiming to offer crucial information buried in attachments should be avoided, especially if the file requires users to allow macros first. Using suitable anti-spam and anti-virus software and training workers on how to recognize and report phishing emails, businesses may help workers avoid falling victim to phishing emails.
Read more »
Minecraft
Cybersecurity Discord Fortnite Minecraft

Hackers Attack Gaming Industry, Sell Player Accounts on Darkweb


Generating a tremendous revenue of $120.1 billion in 2019, the gaming industry is one of the largest and fastest-growing sectors. But this success comes at a high cost as it attracts hackers as a potential target. However, cyber-attacks in the video game industry are hard to trace, making the sector vulnerable to cybercriminals in recent times.



About the attacks
As per recent research, there exist covert markets that trade stolen gaming accounts. These trades can generate an unbelievable amount of $1 billion annually with this business. The Fortnite and Minecraft together amount to 70% of what these underground markets make. According to reports, Roblox, Runescape, Fortnite, and Minecraft are responsible for generating $700 annually. Experts at Night Lion security say that hackers selling stolen Fortnite player accounts are making up to $1 million annually.

 Recent developments 
Hackers are now operating as a hierarchical organization, appointing designations for different work. The structured enterprise has positions like developers, senior managers, project managers, sales, and public relations to sensationalize their services.

  • The actors are using open cloud services and digital platforms to conduct their business. 
  • The hackers steal in-game inventories like skins, crates, and coupons from player accounts and sell them on the black market for a lower price. 
  • These hackers often target top gaming accounts and steal player profiles to trade them for lower prices in the underground market. 

Recent attacks 

  • Last month, experts found a game named "Fall Guys: Ultimate Knockout," which contained malicious javascript API. It stole data from target players' discord and browser. 
  • In June 2020, around 1.3 million Stalker Online players' accounts were stolen and sold on the dark web later. 
  • In July 2020, a Nintendo leak revealed the game's details before they were officially launched in the market. 


The gaming industry now faces a bigger challenge to protect its community from the rising attacks. A proactive and multi-layered approach can help gamming companies protect their customers, along with products and services. However, gamers should be careful, too, avoiding re-use of the same password on other platforms.
Read more »
Subscribe to: Posts (Atom)