The Importance of Security CPR to your Business Cannot be Overstated

 


In a recent article, the FBI indicated that cybercrime increased by 207 percent between 2008 and 2021. Cybercrime caused an estimated $7 billion in business losses in 2021. At present, a successful cyberattack is estimated to occur approximately once every 39 seconds. In the 21st century, cyber security is no longer considered a luxury but a necessity for all businesses.

Cybersecurity extends far beyond a collection of technologies, applications, and networking infrastructure. A culture of awareness, policies, procedures, supporting technologies, and a support network are all crucial to cyber security. Businesses must be able to recover and respond in the event of a calamity because no protective measures are fully effective. 

A solid cybersecurity foundation can be built based on the Security CPR model, which encompasses three keystones:
  • Communication and Education
  • Prevention and protection
  • Recovery and Response

Communication and Education

In terms of cybersecurity, the human factor poses a serious risk. Certainly, you and your team want to do the best job you can for your company and for the people with whom you deal on a daily basis. Human nature is the prime weapon used by cyberattackers to gather information and manipulate people into taking harmful actions.

These actions, at the time, appeared to be helpful to the attacker. Communicating with your team is the most effective way to ensure they are aware of potential risks. They should know what to look for and what steps to take when they encounter it. This is particularly relevant when an attack is suspected.

The message of security awareness is reinforced through education and security awareness training. Continuous education is crucial to keeping your team up-to-date with the latest cyber threats while maintaining a focus on cybersecurity at all times. 

Prevention and protection

Defending against an attack involves preventing it from the start. The purpose of protection is to stop an attack from taking place, or to stop it once it is under way. To accomplish both prevention and protection, security technology and services must be matched with reasonable policies and procedures.

Keeping attackers out of a system is the key to prevention. Next-generation endpoint protection protects your devices against malware, DNS/web protection blocks malware from infecting your devices, advanced threat protection tests your inbound email for phishing, malicious links, and infected attachments before they reach your device's inbox, and a cloud-based endpoint support system ensures features are continuously updated. 

Protecting against an attack focuses on stopping the attack in its tracks. With multi-factor authentication (MFA), an attacker who gets their hands on your username and password still cannot access your account.

Encryption of your disks and emails prevents an attacker from accessing and reusing your data if it is on your system. Cybersecurity is a field where a wide variety of services are offered. However, these solutions do not have to be expensive. Proper configuration of your current security services is all that is required for some security solutions. Many other services are available for a small monthly fee per user or computer that can be purchased on an as-needed basis. As a company, you can use security services to manage your costs by making sure you prevent and protect against the most common types of attacks. You can also protect against those that would cause the greatest harm to your business. 

Recovery and Response

No prevention or protection can be guaranteed to be foolproof. After a company has been affected by an incident, the process of recovery involves returning it to normal operation. Managing the effects of a successful cyberattack on your organization is determined by how you respond to the challenges and issues that arise. 

Recovery is the entire process of bringing your business back from an incident, including the return of your business to normal operations (RTNO) and the return to business as usual (RTO). All of your computers may need to be wiped and reinstalled if they have been infected with ransomware.

To prevent yourself from becoming a victim of a cyberattack, you need to plan, implement, and verify continuity services before you come under attack. For example, running a pre-attack image of your servers and workstations in a temporary data center enables you to provide a quick return to operations (RTO) while the repair and recovery process is ongoing as an image of the servers is being created. 

Responding to an incident is an activity that takes place across the entire company. If you are victimized by a successful attack, you will need to deal with your insurance carrier, employees, customers, and vendors, as well as law enforcement. The incident may also trigger mandatory reporting requirements in several jurisdictions. It may also trigger litigation and significant financial and other penalties if the possible loss of protected information is involved.

Conflicting interests are liable to add a level of complexity to your response. Even though your insurance carrier may press you to pay the ransom to save money on the recovery, you may be violating federal law. The law is 18 U.S. Code 2339B, along with other sections that might apply. 

Successful recovery and response is the result of thinking through exactly what needs to be done to recover from and respond to a disaster, establishing an incident response (IR) plan, developing and validating the plan of action, and ensuring that the resources you will need are available either directly or through your insurance company.

Using the Security CPR model, there are several ways to understand, plan for, and respond to risks and attacks. When dealing with a cyberattack, it is imperative to incorporate these tenets as much as possible. Make sure that you remain aware of them throughout your operations.

Cybercriminals are Targeting Gamers Next

 


In 2023, cybercriminals will be seeking out your money and data to steal from you. That is the news gamers and metaverse pioneers need to be aware of.

It has been reported that while the objectives of those looking to break into consumers' personal information and steal their financial information will remain the same next year, they will be targeting new people and redeveloping platforms to try to get around the defenses set in place. 

There will be a variety of online frontiers, including gaming platforms and virtual reality worlds, that will be open to cyber criminals. This is because more people and businesses are learning how to deal with traditional email phishing, texting scams, and social media scams. According to Kaspersky researchers, this could be an opportunity for cybercriminals as more people and companies learn about them.

According to Kaspersky researchers, Sony's PlayStation Plus gaming subscription service is currently competing against Microsoft's GamePass service across the globe. There is an expectation that this will encourage a wider number of people to play online games in general.

There is also a significant increase in criminal behavior associated with those accounts, and related scams are on the rise. Kaspersky said that it is not unlike the subscription-related fraud that has been happening lately.

Unless you know where your data is being stored or who it has been shared with, it can be challenging to ensure it is safe and private. 

Jeremy Snyder, founder and CEO of FireTail, a cybersecurity firm that specializes in providing threat-aware technology, noted that even the most basic online activities, such as ordering takeout through a meal delivery service, could involve three or more companies and that no one knows how secure each company's system will be.

Snyder believes that a lack of visibility will be an imminent risk to security and privacy heading into 2023 and beyond. There is a great deal of data that companies are gathering and sharing these days. However, their knowledge of where that data is or who has access to it is often limited. 

Snyder asked, "Will 2023 mark the year that companies finally start recognizing how serious this problem is?" and if so, what would it look like? In response to that question, I would say that, "I hope so."

Wildix explained in its statement that it will also be the responsibility of consumers to think about where their data will be stored, particularly when it comes to the collection of Internet of Things devices that they have.

In a recent instance, he noted having seen Wi-Fi traffic being collected by a robotic vacuum sent to a power station in Mongolia daily. He wondered, "How much of that traffic is coming from things in your house you aren't aware of?" Many things are overlooked that no one thinks about.

As a consumer, it is also imperative to maintain a record of personal information shared on social media, according to Jeff Hodgin, vice president of products for CyberGRX. People who post on social media are promoting themselves as a brand through these posts. This is similar to how a company posts on social media. The more popular the brand, the more lucrative the target is for cybercriminals. 

"A person wishing to promote themselves should think about the risks involved before making such a move," said Hodgin. The person should ask themselves: "What is my exposure? What would be the consequences of a breach? How likely is that to occur?"

Microsoft Alert a Major Click Fraud Scheme Targeting Gamers

Microsoft is keeping tabs on a widespread click fraud scheme that targets gamers and uses covertly installed browser extensions on hacked devices.

Click fraud is the act of artificially inflating the number of clicks on pay-per-click advertisements. According to experts, botnets are responsible for approximately a third of the traffic created by advertising on ad networks. To safeguard their image and keep their clients happy, advertising platforms, such as the Google search engine, frequently use click fraud prevention techniques.

In a series of tweets over the weekend, Microsoft Security Intelligence stated that "attackers monetize clicks generated by a web node WebKit or malicious browser extension stealthily installed on devices."

The internet company clarified in a tweet that the initiative targets unaware people who click rogue advertising or comments on YouTube. 

Clicking these downloads an ISO file posing as game cheats; when opened, it installs the browser node-webkit (NW.js) or browser extension that the threat actors need. Microsoft also mentioned that they saw the actors using Apple Disk Image files, or DMG files, indicating that the campaign is a cross-platform endeavor.

It's important to note that the ISO file contains hacks and cheats for the first-person shooter game Krunker. Cheats are software tools that provide users of a game with a distinct advantage over other players.

DMG files, which are Apple Disk Image files usually used to distribute software on macOS, are also employed in the attacks in place of ISO images, demonstrating that the threat actors are aiming their attacks at several operating systems.

The discovery is not surprising, because threat actors frequently single out gamers as targets in their efforts, especially those who are scrambling to locate free cheats online.

The prevalence of malware spreading through well-known game franchises was demonstrated earlier in September by a report from endpoint security provider and customer IT security software company Kaspersky. The most popular file was distributed via Minecraft, which had 131,005 users infected between July 2021 and June 2022.



Norton Research Shows That Almost 42% of UK Gamers Have Encountered Cyber-Attack

 

Whether casual or diehard, gamers polled in the UK said that they would rather spend their time playing video games than attending a sporting event or concert (72%), going on a date (72%), or reading a book (68%).

The 2021 Norton Cyber Safety Insights Report: Special Release – Gaming & Cybercrime, undertaken by The Harris Poll among more than 700 UK adults who currently play online games, discovered that more than two in five UK gamers (42 percent) have encountered a cyberattack on their gaming account or gadget. Nearly four in five (78 percent) of those polled say they have been monetarily impacted as a direct consequence, losing an average of £145.

The study also revealed remarkable conclusions about gamer-to-gamer cyber risks as well as the lengths gamers would go to in order to win. More than a quarter of British gamers polled (28%) are at least slightly likely to hack into a friend's, family member's, or romantic partner's gaming account if they knew that it would give a competitive benefit in an online video game. This perception is much more pronounced among hardcore gamers, with approximately half of those polled (48 percent) simply stating they are at least somewhat likely, highlighting serious gamers' tenacity to win.

“These findings are jarring, but there are some gamers out there that will do whatever it takes to win,” said BigCheeseKIT, gamer, and Twitch streamer. “I’ve learned that when you’re gaming online, it’s so important to be mindful of who you are friends with online and what information you share when gaming online. While this is especially true for professional gamers who have that public profile, it’s clear this goes for any online gamer.” 

The competitive spirit pervades all sorts of gamers, from casual to diehard. If they knew it would give them a competitive advantage, nearly half of UK gamers polled (43 percent) said that they are at least somewhat likely to exploit loopholes or technical problems in a game, and nearly one-third (34 percent) would download cheats to their gaming account or systems, pay to take possession of some other user's gaming account (30 percent), or hack into a random player's gaming account (29 percent).

“Scammers know that – for both experienced and casual gamers – cheats, skins, and limited edition items are highly sought after,” said Armin Buescher, Technical Director at NortonLifeLock. “Offering these competitive boosts is a perfect opportunity to share malicious links or trick gamers into downloading malware that, if successful, can rob players of their gaming profile, personal information, or more. Having security that specifically helps protect against these threats can give players peace of mind so they can focus on the enjoyment of the game itself.”

Discord CDN and API Exploits Drive Wave of Malware Detections

 

Discord has a malware problem: according to researchers, the number of reported Discord malware detections has increased significantly since last year. Although the network is mostly used by gamers, even users who have never interacted with Discord are at risk.

Discord is organized into servers, which are unique groups or communities of people who can communicate instantly via voice, text, and other media.

According to research issued by Sophos, occurrences have increased 140 times since 2020. The major cause of the Discord spike is its content delivery network (CDN) and application programming interface (API), both of which have been exploited by cybercriminals. 

Discord's CDN is being exploited to host malware, while its API is being used to exfiltrate stolen data and to run attacker command-and-control channels.

Since Discord is extensively used by younger gamers who play Fortnite, Minecraft, and Roblox, most of the malware floating around involves pranking, such as using code to crash an opponent's game, as per Sophos. However, the increase in data stealers and remote access trojans is more concerning, according to the report.

“But the greatest percentage of the malware we found have a focus on credential and personal information theft, a wide variety of stealer malware as well as more versatile RATs. The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users,” the report added. “And this excludes the malware not hosted within Discord that leverage Discord’s application interfaces in various ways. At just before publication time, more than 4,700 of those URLs, pointing to a malicious Windows .exe file, remained active.” 

In April, Sophos discovered 9,500 malicious URLs on Discord's CDN. After a few months, the number had risen to 17,000 URLs. Sophos pointed out that Discord's "servers" are actually Google Cloud Elixir Erlang virtual machines with Cloudflare, and that they can be made "public" or "private" for a subscription, with keys to invite others to attend.

According to the report, Discord's CDN is just Google Cloud Storage, which makes the information exchanged available on the internet. 
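A defender can look for both abuse patterns described above in web proxy logs. The following is an added example, not code from Sophos or from the original post: the log layout, client names and allowlist are constructed, and watching the `cdn.discordapp.com` attachment path and the `/api/webhooks/` endpoint is an assumption about where this traffic shows up.

```python
import re
from urllib.parse import urlsplit

# Constructed proxy log lines (not real traffic): time, client, method, URL, bytes sent.
SAMPLE_LOG = """\
2021-07-20T09:14:02Z ws-031 GET https://cdn.discordapp.com/attachments/111111111111111111/222222222222222222/FortniteCheat.exe 0
2021-07-20T09:14:40Z ws-031 POST https://discord.com/api/webhooks/333333333333333333/EXAMPLE-TOKEN 48213
2021-07-20T09:15:10Z ws-007 GET https://cdn.discordapp.com/attachments/111111111111111111/444444444444444444/screenshot.png 0
2021-07-20T09:16:55Z ci-build-01 POST https://discord.com/api/webhooks/555555555555555555/EXAMPLE-TOKEN 512
2021-07-20T09:17:30Z ws-019 GET https://cdn.discordapp.com/attachments/1/2/invoice.PDF.scr?ex=abc 0
2021-07-20T09:18:00Z ws-019 GET https://example.com/attachments/1/2/tool.exe 0
"""

CDN_HOSTS = {"cdn.discordapp.com", "media.discordapp.net"}
API_HOSTS = {"discord.com", "discordapp.com", "ptb.discord.com", "canary.discord.com"}
RISKY_EXT = {".exe", ".scr", ".dll", ".msi", ".bat", ".ps1", ".vbs", ".js", ".iso", ".jar", ".lnk"}
WEBHOOK_PATH = re.compile(r"^/api/(v\d+/)?webhooks/\d+/")
# Assumed allowlist: hosts that are expected to post to Discord webhooks (e.g. CI alerts).
SANCTIONED_WEBHOOK_CLIENTS = {"ci-build-01"}


def classify(line):
    """Return a finding dict for one log line, or None if the line is benign or malformed."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, client, method, url, sent = parts
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    if method == "GET" and host in CDN_HOSTS and u.path.startswith("/attachments/"):
        # Only the final extension matters, so "invoice.PDF.scr" is treated as .scr.
        name = u.path.rsplit("/", 1)[-1].lower()
        ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
        if ext in RISKY_EXT:
            return {"time": ts, "client": client,
                    "rule": "cdn-executable-download", "detail": name}
    if method == "POST" and host in API_HOSTS and WEBHOOK_PATH.match(u.path):
        if client not in SANCTIONED_WEBHOOK_CLIENTS:
            # The URL is deliberately left out of the finding: it embeds the webhook token.
            return {"time": ts, "client": client,
                    "rule": "unsanctioned-webhook-post", "detail": f"{sent} bytes sent"}
    return None


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


def correlated_clients(findings):
    """Clients that both pulled an executable from the CDN and posted to a webhook."""
    rules_by_client = {}
    for f in findings:
        rules_by_client.setdefault(f["client"], set()).add(f["rule"])
    return sorted(c for c, rules in rules_by_client.items() if len(rules) == 2)


if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for finding in results:
        print(finding)
    print("triage first:", correlated_clients(results))
```

A client that trips both rules is the strongest lead, since it matches the download-then-exfiltrate sequence the report describes.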

Discord: Easy Target

According to the report, “once files are uploaded to Discord, they can persist indefinitely unless reported or deleted.”

Phishing messages and virus URLs may also be sent using Discord chat channels. Many Discord scams promise game "cheats," but instead send credential stealers of various kinds, as per Sophos. 

Sonatype discovered three malicious software packages in a prominent JavaScript code repository in January, including Discord token and credential stealers that allowed hackers to steal users' personal details. This isn't the first time a security concern has been brought to Discord's notice. Cisco's Talos released a report in April warning users that Discord and Slack were being frequently utilized to deploy RATs and data stealers. 

In February, Zscaler ThreatLabZ reported that spam emails linked to the pandemic were spreading on Discord in an attempt to get users to download the XMRig cryptominer. PandaStealer, a data-stealing malware, was spreading through a spam operation on Discord by May.

According to Sophos experts, Discord has responded positively to their findings and is actively trying to improve safety on the platform. However, as more businesses use Discord to provide services, Sophos advises that they should be mindful of the dangers that lie on the site. 

Sophos added, “With more organizations using Discord as a low-cost collaboration platform, the potential for harm posed by the loss of Discord credentials opens up additional threat vectors to organizations. Even if you don’t have a Discord user in your home or office, abuse of Discord by malware operators poses a threat.” On the Discord CDN, the team discovered old malware such as spyware and phoney app info stealers.

66,000 Gamers Exposed due to Cloud Misconfiguration

 

VIPGames.com, a free platform with a total of 56 available classic board and card games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon, and others, has exposed the personal data of tens of thousands of users.

A research group at WizCase found the wide-open server, with zero encryption and no password protection, through a straightforward search. It was traced back to VIPGames.com, a mainstream free-to-play card and table game platform with 100,000 Google Play downloads and about 20,000 active daily players globally.

“Online gaming brings together user personal information, transaction details, and gaming habits. This fusion of confidential information creates a lucrative environment for cybercriminals to exploit,” the WizCase report explained. “Gaming platforms routinely experience multiple attacks from hackers, sabotage from competing platforms, intra-platform attacks by players targeting the Internet connections of rival users, and more.”

In this case, over 30GB of information was leaked in the security snafu, including 23 million records. In this trove, the researchers found 66,000 client profiles including usernames, emails, device details, IP addresses, hashed passwords, Facebook, Twitter, and Google IDs, in-game transaction details, bets, and details about restricted players.

The passwords were hashed using the Bcrypt algorithm with 10 rounds which, while tedious, isn't impossible for a determined attacker to break, WizCase contended. Cracked passwords could then be used to attempt to log in to other sites and accounts used by the same gamers. The firm cautioned that if a threat actor had found the exposed data, they might have created convincing phishing attacks by email or telephone, using the extensive personal information in these profiles.
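The "10 rounds" figure is the bcrypt cost parameter stored inside every hash string, and each step up doubles the work per guess. The following added example (not from WizCase or the platform) audits a user table for that cost; the records are constructed placeholders, and the target cost of 12 is an assumed policy value, not a figure from the report.

```python
import re
from collections import Counter

# bcrypt modular-crypt layout: $2<variant>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$2([abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")

# Constructed placeholder values: format-valid, but not hashes of any real password.
_SALT = "a" * 22
_DIGEST = "B" * 31
SAMPLE_RECORDS = [
    ("alice", f"$2b$10${_SALT}{_DIGEST}"),
    ("bob", f"$2y$12${_SALT}{_DIGEST}"),
    ("carol", f"$2a$08${_SALT}{_DIGEST}"),
    ("dave", "plaintext-or-other-scheme"),
]


def parse_bcrypt(hash_str):
    """Extract variant and cost from a bcrypt string; None if it is not valid bcrypt."""
    m = BCRYPT_RE.match(hash_str)
    if not m:
        return None
    cost = int(m.group(2))
    if not 4 <= cost <= 31:  # range bcrypt accepts for the cost parameter
        return None
    # The cost is a log2 value: the key setup runs 2**cost expansion rounds.
    return {"variant": "2" + m.group(1), "cost": cost, "iterations": 2 ** cost}


def work_ratio(current_cost, target_cost):
    """How many times more work per guess the target cost imposes on an attacker."""
    return 2 ** (target_cost - current_cost)


def audit(records, target_cost=12):
    """Sort accounts into rehash / ok / unparseable. target_cost is an assumed policy."""
    report = {"rehash": [], "ok": [], "unparseable": [], "cost_histogram": Counter()}
    for user, hash_str in records:
        parsed = parse_bcrypt(hash_str)
        if parsed is None:
            report["unparseable"].append(user)
            continue
        report["cost_histogram"][parsed["cost"]] += 1
        bucket = "rehash" if parsed["cost"] < target_cost else "ok"
        report[bucket].append(user)
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_RECORDS)
    # Rehashing needs the plaintext, so it happens at each user's next successful login.
    print("rehash at next login:", result["rehash"])
    print("not bcrypt, investigate:", result["unparseable"])
    print("cost 10 -> 12 multiplies attacker work by", work_ratio(10, 12))
```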

WizCase said that if a client was banned for exhibitionism, somebody who knows their email address or social media accounts could threaten to expose them. Additionally, given that bans are ultimately at the arbitrators' discretion, a restricted player's personal reputation might be destroyed even if the allegation was without merit.

For clients, experts agree that following basic best practices for online security is always a good idea: be cautious about what you share, avoid clicking on suspicious messages or links, and maintain proper password hygiene, WizCase advised. The firm also suggested using a VPN service to keep location data secure and installing good antivirus software while the industry struggles to keep up.