Tag Archive for: Reports

Google reports a significant surge in zero-day vulnerabilities in 2023

/in


A new report released today by Google LLC’s Threat Analysis Group and Google-owned Mandiant warns that zero-day exploits have become more common amid a rise in nation-state hackers.

The report, “We’re All in this Together: A Year in Review of Zero-Days Exploited In-the-Wild in 2023,” detailed 97 zero-day vulnerabilities observed by Google in 2023, up from 62 in 2023 but down from 106 in 2021. Zero-day attacks exploit a previously unknown vulnerability in software before developers have had the opportunity to fix it.

Of the 97 zero-days tracked in 2023, 36 targeted enterprise-focused technologies, such as security software and devices, while the remaining 61 affected end-user platforms and products, such as mobile devices, operating systems, browsers and other applications.

Adversary exploitation of enterprise-specific technologies jumped 64% over the previous year, with Google also seeing a general increase in the number of enterprise vendors targeted since 2019. Attackers were seen to be shifting to third-party components and libraries in 2023, as zero-day vulnerabilities in both were found to be a prime attack surface in 2023.

Commercial surveillance vendors — companies that develop and sell tools and software designed for monitoring and gathering intelligence, often used by governments — were found to be behind 75% of known zero-day exploits targeting Google products and Android ecosystem devices in 2023. CSVs were also found to be behind 60% of the 37 zero-day vulnerabilities in browsers and mobile devices exploited in 2023.

The report alleges that China was the lead source of government-back exploitation, claiming that Chinese cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022.

Another finding in the report was surprising: The Google researchers found that exploitation associated with financially motivated actors proportionally decreased in 2023, with financially motivated actors found to account for only 10 zero-day exploits last year. Threat group FIN11 was found to be behind three of them.

“Exploiting zero-days is no longer a niche capability,” the report notes. “The proliferation of exploit technology…

Source…

Activision is investigating reports of malware stealing player data

/in


Call of Duty MW II Season 6 Blackcell

Activision is reportedly investigating the possibility of malware that’s been targeting players in Call of Duty in attempts to steal player data. At the moment it doesn’t seem to be confirmed where the malware comes from or how it’s infecting players’ PCs. However, there is talk that the malware was able to infect player PCs through the downloads of unauthorized software for use with Call of Duty.

In other words, players who had their data stolen may have been infected with the malware after downloading cheat software. First reported by TechCrunch, the main goals of these hackers aren’t yet clear. TechCrunch says the hackers were “trying to steal passwords for various types of accounts.” It’s also noted that it isn’t just passwords for gaming accounts that are being targeted. But also the passwords for crypto wallets.


Activision has acknowledged these claims and is actively looking into the situation. The company is also “aware of some claims that some player credentials across the broader industry could be compromised from malware from downloading or using unauthorized software.” It isn’t confirmed yet that these hacks were caused by the downloads of unauthorized third-party software.




Following reports of malware stealing player data, Activision says company servers are safe

The good news for legitimate players, it seems, is that Activision company servers are reportedly fine. A spokesperson for Activision Blizzard who spoke with TechCrunch says that the company servers “remain secure and uncompromised.” So it’s quite likely that only players downloading and using unauthorized third-party software have been impacted.

Call of Duty has had an ongoing issue with cheaters using third-party software to gain an advantage. Activision’s anti-cheat team has implemented a number of mitigations over the last couple of years to try and stop them. For instance, players caught using aim assist on PC through unauthorized software will have the game immediately shut down. Other mitigations cause enemy players to become invisible for those cheating, as well as make them invincible to damage.

While it hasn’t been confirmed that players…

Source…

Hacker exposed weakness in German electronic ID, magazine reports

/in


A hacker has reportedly uncovered security gaps in the online functions of Germany’s new national ID cards, according to the news magazine Der Spiegel.

Using his own software instead of the official government AusweisApp, the hacker managed to access login data for the so-called eID function of Germany’s identity card, which is intended to allow German citizens to securely identify themselves online.

According to the report, this is activated for more than 50 million ID card holders and serves as the basis for digital administrative procedures. It is also used for identification at banks, among other things.

The hacker, who goes by the pseudonym “CtrlAlt,” used the trick to open an account at a major German bank under someone else’s name.

A spokesman for the Chaos Computer Club (CCC), a well-known German hacker and computer security group, confirmed to Der Spiegel that the hacker had exposed a critical point in the eID procedure on mobile devices.

“This is a realistic attack scenario,” the spokesman told the news magazine. “It must be prevented that an ID app other than the officially approved one can register and log into the cell phone for eID authentication.”

The hacker had already informed Germany’s Federal Office for Information Security (BSI) of his findings on December 31.

The agency told Der Spiegel that it saw no reason to “change the risk assessment for the use of the eID,” since the vulnerability appeared to be not in the eID system itself but in devices used by consumers.

However, the agency said it would still examine a possible adjustment to the system.

Source…

CBS and Paramount’s parent company reports hack affecting over 80,000 people

/in


National Amusements, CBS and Paramount’s parent company, reported a year-old hack this month affecting 82,128 people. TechCrunch first covered the breach, revealed in a company legal filing with Maine’s Attorney General under a 2005 state digital privacy law. National Amusements hasn’t commented publicly on the intrusion outside of the legal filing, and it isn’t clear if customer (or “only” employee) data was stolen.

Maine’s data breach notification says the hack occurred over a year ago, from December 13 to 15, 2022. It states 82,128 people were affected, 64 of whom were Maine residents. National Amusements’ senior vice president of human resources filed the notice, which may suggest (but not confirm) that it revolved largely or entirely around internal employee data. The filing says the company began notifying customers in writing on December 22, 2023 — 372 days after the breach.

“On or about December 15, 2022, National Amusements became aware of suspicious activity in our computer network,” the notification letter to victims reads. “We immediately took steps to secure our network and minimize any disruption to our operations.”

However, that last sentence contains an inconsistency, as the notice posted by Maine’s Attorney General’s office lists the “date breach discovered” as August 23, 2023. That suggests the company didn’t know about the intrusion until eight months after the incident, hardly qualifying as “immediately” taking steps.

The filing says hackers accessed financial information, including “account number or credit/debit card number (in combination with security code, access code, password or PIN for the account).” National Amusements wrote in Maine’s notice that it’s offering victims 12 months of Experian credit monitoring and identity theft services to customers whose social security numbers were taken.

Engadget contacted National Amusements for confirmation or additional info. We will update this article if we hear back.

National Amusements gained a controlling stake in Paramount and CBS in 2019 following the Viacom-CBS merger. This hack appears separate from one Paramount disclosed in August through Massachusetts’…

Source…