Tag Archive for: Gaming

Tips for computer privacy settings on your browser, social media, and online gaming

/in


Some of the products written about here are offered in affiliation with AOL. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.

Middle-aged Asian man using laptop work from home.

When was the last time you checked your privacy settings? (Photo: Getty)

Chances are your privacy settings are something you clicked on once and then basically forgot about it. But it’s a good idea to occasionally go back and evaluate your settings to make sure they’re still right for you.

If you don’t like how a particular site is using your information or if you’ve changed your mind about sharing certain aspects of your profile, then you can and should go back and update your privacy settings. If you’d rather not share any personal information at all, there are other ways to use the internet without giving up too much control over what happens to your data.

Software, such as System Mechanic, works to help keep your private life, well, private. The software bundle helps protect your computer by patching security holes within your device and alerting you of any compromised privacy settings. System Mechanic also helps find browser-stored passwords that are vulnerable to hacking.

Along with installing System Mechanic, you can also choose to browse the internet anonymously by opening a private browser or by turning off cookies and pop-ups for greater privacy.

Try System Mechanic for 30 days free*

Student studying at home, have meeting online. Creative occupation, work from home, freelance, online learning, business, studying concept. Distance education

Periodically review your privacy settings to make sure they still work for you. (Photo: Getty)

Tips on privacy settings for social media

Some companies will ask permission at every point where they collect user data — including during sign-up, registration, account creation, login, purchase, and delivery. Social networking sites offer guides or “Frequently Asked Questions” about their privacy tools. Review these resources and refer to them if you have a question about how to adjust your settings on the service.

In addition, check your privacy settings across your social media sites. They allow you to choose who sees when you send messages, photos, videos, etc., and they also give you tools to manage how long those conversations stay stored on both of them.

Some social media sites also let you…

Source…

How to conduct a cyber-war gaming exercise

/in


Defenses are in place, and a cybersecurity strategy has been designed. But how does your organization know they work? Conducting a cyber-war game can expose any shortcomings a real attacker may uncover.

Most cybersecurity professionals are aware they need to conduct cyber-war gaming exercises to ensure overall cybersecurity readiness. But questions remain about how to conduct this exercise, including the following:

  • What should the cyber-war games include?
  • How often should they be conducted?
  • Who should participate?
  • What documentation is required?
  • What should the end results and deliverables look like?

Let’s look at what’s needed for successful cyber-war game exercises, starting with what they are and why businesses should conduct them.

Characteristics of an effective cyber-war game

Cyber-war games are creative exercises in which an incident response team reacts to a hypothetical set of scenarios.

The military has long conducted war games, also known as tactical decision games, because they work. Participants learn to understand the unintended consequences of decisions in the context of the chaos of warfare. As the military adage attributed to Prussian Field Marshal Helmuth von Moltke the Elder goes, “No plan survives first contact with the enemy.”

Now, take those lessons, and adopt them for cyber-war gaming. One important element to conduct effective cyber-war games is to develop scenarios that incorporate multiple unplanned events and generate perfect-storm scenarios. For instance, what if the attack vector is an IoT network and an attack on the connected HVAC system brought the data center down? Or what if a Session Initiation Protocol man-in-the-middle attack compromised sensitive voice calls, while a DDoS attack took down the email server? Or what if a key person is out with the flu?

Another important element is how often the exercises are held. Conducting cyber-war gaming on a regular basis is key — ideally, quarterly but minimally annually. It’s less important to craft the perfect game than it is to conduct cyber-war gaming early and often, learning and improving as you go.

Critical cyber-war gaming roles

The two most important roles in cyber-war gaming are…

Source…

Inside the $625 Million Axie Hack and What It Means for Crypto Gaming

/in


Videogames based on blockchain networks appear to be a prime target for thieves, raising more concerns about the security of cryptocurrencies held on these decentralized gaming networks.

Thieves targeting Axie Infinity, a popular blockchain-based videogame, made off with 173,600 ether tokens and $25.5 million in USDC, a type of stablecoin that is pegged to the dollar. The theft occurred on March 23, according to developers of Axie, but was announced publicly on March 29. At recent prices for ether, the heist was worth about $615 million, down slightly from the $625 million value when the theft was disclosed.

Axie is a “play-to-earn” game in which users create and collect virtual pets. The creatures are nonfungible tokens, or NFTs, that are traded in the game, using various cryptos as currency. The hack occurred on a blockchain “bridge” network called Ronin, which is used for transferring cryptos between the Ethereum network and Axie. Sky Mavis, the Vietnam-based game studio behind Axie, manages Ronin.

The Ronin hack is disconcerting, partly because of the size of the theft, but also because of how it transpired. Ronin is managed by just nine computer “nodes” that validate transactions in the network. Typically, it takes a majority of nodes to form a consensus on the validity of a transaction, enabling it to be recorded on the blockchain. In this case, the hackers gaining control of just five nodes did the trick.

Axie said it “recruited an all star cast of partners” to secure the Ronin network, according to its foundational white paper. But the attackers still managed to hack the nodes and forge fake withdrawals, Axie said in a post on the attack.

In response, Axie said it has increased the threshold for validating transactions to eight nodes from five, according to the Ronin’s Newsletter site. “While the investigations are ongoing, at this point we are certain that this was an external breach,” the site said on Wednesday. “All evidence points to this attack being socially engineered, rather than a technical flaw.”

Axie also said it is working with the blockchain data firms Chainalysis and




Source…

Bot malware uncovered using gaming applications on Microsoft store

/in


Check Point Research has revealed a new malware Electron-bot that is actively being distributed through Microsoft’s official store. 

With more than 5000 machines already affected in 20 countries so far, the malware continually executes attacker commands, such as controlling social media accounts on Facebook, Google and Sound Cloud. The malware can register new accounts, log in, comment on and “like” other posts. 

CPR urges users to immediately delete applications from a number of publishers.

Dubbed Electron-bot by CPR, the malware’s full capabilities include SEO poisoning, an attack method in which cybercriminals create malicious websites and use search engine optimisation tactics to make them show up prominently in search results. This method is also used as a sell as a service to promote other websites ranking.

The malware also utilises Ad Clicker, a computer infection that runs in the background and constantly connects to remote websites to generate ‘clicks’ for advertisement, hence profiting financially by the amount of times an advertisement is clicked.

It can promote social media accounts, such as YouTube and SoundCloud to direct traffic to specific content and increase views and ad clicking to generate profits, as well as promote online products, to generate profits with ad clicking or increase store rating for higher sales.

 

In addition, as Electron-bot’s payload is dynamically loaded, the attackers can use the installed malware as a backdoor in order to gain full control on the victim’s machine.

“This research analysed a new malware called Electron-bot that has attacked more than 5000 victims globally,” says Daniel Alima, Malware Analyst at Check Point Research.

“Electron-bot is downloaded and easily spread from the official Microsoft store platform. The Electron framework provides Electron apps with access to all of the computer resources, including GPU computing. 

“As the bot’s payload is loaded dynamically at every run time, the attackers can modify the code and change the bots behaviour to high risk,” he says. 

“For example, they can initialise another second stage and drop a new malware such as ransomware or a RAT. All of this can…

Source…