By Abhay V
It took hackers $10 worth of stolen cookies and some lies to breach EA's systems
by Abhay Venkatesh
Reports broke yesterday of a massive data breach at Electronic Arts that resulted in the theft of close to 780GB worth of data containing FIFA 21 and Frostbite engine source code. While the code itself isn’t being made available on the web, hackers have reportedly posted screenshots of some of the stolen content as proof of possession. Today, a new report on Motherboard provides more information on how the hack was carried out. It cites statements made to the publication by a “representative for the hackers”.
The hackers claim that they started off by purchasing stolen cookies for $10 from the web. These cookies, possibly containing Slack login details of EA employees, were then used to gain access to a Slack channel, with the hackers likely masquerading as internal employees. The account was then used to reach out to IT Support to request multifactor tokens, saying that they “lost our phone at a party last night”. The tokens were then used to access EA’s corporate network using the employees' credentials.
Once inside the network, the bad actors discovered a service that was used by developers to compile games. They then created virtual machines in the server and subsequently gained access to the source code. Motherboard says that the representative has provided screenshots of the Slack chats and various steps of the process to corroborate the claims. Interestingly, the publication says that EA confirmed the “contours of the description of the breach”. However, EA has reiterated that the breach has not resulted in the compromise of any player data.
In addition to the game data, the hackers have reportedly also gained access to documentation pertaining to PlayStation VR, digital crowds in FIFA, and AI in games, among other details. The publication adds that Sony has not responded to requests for comment.
By Usama Jawad96
Microsoft encourages cloud adoption amid Nobelium cyberattacks
by Usama Jawad
Microsoft uncovered sophisticated phishing attacks targeting thousands of accounts belonging to government personnel and human rights organizations last week, attributing the malicious activity to Nobelium. The hacking group has been previously linked to the Russian foreign intelligence agency SVR and the recent SolarWinds attacks.
Now, Microsoft has proposed what needs to be done in order to prevent cyberattacks of this magnitude in the future.
A blog post penned by Microsoft Corporate Vice President, Customer Security and Trust Tom Burt states that the company has been monitoring the situation closely and antivirus software coupled with solutions like Microsoft Defender for Office 365 are detecting and protecting against malware. This is why a large number of organizations have not been compromised despite being targeted.
An important point that Burt raised is the need to differentiate between "espionage as usual activities" like the Nobelium attack from last week and crippling cyberattacks like SolarWinds and Colonial Pipeline. As such, there also needs to be a clearer distinction between how to respond to such activities. The executive went on to say that:
Lastly, the Redmond tech giant emphasized the importance of transitioning to the cloud, where providers are working actively to follow the latest cybersecurity standards and managed tooling. It also encouraged everyone to enable two-factor authentication when using digital services, as the bare minimum. Burt praised the U.S. government's Cybersecurity Executive Order, which highlights the need for public and private sectors to collaborate and strengthen the cybersecurity infrastructure of not only government tooling, but also the ecosystem in general. The executive called the U.S. government's recent commitment to cybersecurity "unprecedented" and indicated that the collaboration should continue.
By Usama Jawad96
Runtime inspection of XLM macros is now available in Microsoft Excel
by Usama Jawad
Excel 4.0 (XLM) is an old macro language which Microsoft released for Excel back in 1992. Although it is a legacy language and most organizations have since migrated to Visual Basic for Applications (VBA), some continue to use XLM because of its functionalities and interoperability with the OS. Microsoft has noticed that due to its continued use, malicious actors have started to abuse XLM macros more frequently, which is why the company is now enabling runtime inspection of XLM code in Microsoft Excel.
Microsoft's Antimalware Scan Interface (AMSI) was already integrated with VBA back in 2018 and has been very successful in exposing and stopping malware attacks dependent upon the particular technology. Naturally, malicious actors have recently shifted focus to relatively less secure technologies such as XLM to call Win32 APIs and run shell commands for their activities. As such, Microsoft is now enabling runtime inspection of XLM code in Office 365 applications such as Excel.
Multiple tools and antivirus solutions can utilize AMSI to request scans of data to detect potential threats. The Redmond tech giant uses it heavily with Microsoft Defender for Endpoint for threat detection in various applications such as Office VBA macros, JScript, VBScript, PowerShell, WMI, dynamically loaded .NET assemblies, and MSHTA/Jscript9.
Microsoft has noted that this new integration with XLM is essential, saying that:
Multiple malicious groups that use XLM macros as an attack surface for their activities have been named, including Trickbot, Zloader, and Ursnif.
Runtime inspection of XLM in Microsoft Excel is now available in AMSI, which means that it can be performed by any antivirus solution that is registered as an AMSI provider for a machine. Under default configurations, files that are from trusted locations or are trusted documents will not be scanned at runtime. The same also applies to files that are opened when the security settings are configured to enable all macros. The feature is enabled by default on the February Current Channel and Monthly Enterprise Channel for Microsoft 365 subscription users.
By News Staff
This All-In-One 2021 Super-Sized Ethical Hacking Bundle is only $42.99
by Steven Parker
Today's highlighted deal comes via our Online Courses section of the Neowin Deals store, where you can save 98% off the All-In-One 2021 Super-Sized Ethical Hacking Bundle. Be a data master player with the world's best-selling online Excel diploma! Lifetime access to 60 hours and 300 easy-to-follow lessons and projects.
This bundle consists of the following courses:
Complete Python 3 Ethical Hacking Course: Zero to Mastery - Learn to Code 10+ Penetration Testing Tools from Scratch
Complete Ethical Hacking & Penetration Testing Course - Web Hacking, Phishing, NMAP, Password Cracking, Penetration Testing, Metasploit & More
Website Hacking in Practice: Hands-On Course 101 - Understand Today's Top Hacking Threats & How to Combat Them
Hacking Wireless Networks: Theory & Practice - Explore the Essentials of Hacking Networks with this Example-Driven Course
Hacking in Practice: Certified Ethical Hacking Mega Course - Explore Today's Cyber Threats & Shut Them Down with 20+ Hours of Practical Training
Hack People, Systems & Mobile Devices: Advanced Social Engineering - Learn Advanced Social Engineering Techniques to Crack Mobile Devices
Learn Burp Suite for Advanced Web Penetration Testing - Perform Hands-On Security Testing to Master Burp Suite
Learn Server Security with BitNinja - Enjoy Real-Time Protection, Automatic False Positive Handling & Threat Analysis
All-in-One Hacking Guide: From Zero to Hero - Master Ethical Hacking Techniques & Methodologies Used in Penetration Systems
PenTesting with OWASP ZAP: Mastery Course - Must-Have Tool Mastery for Hackers, PenTesters, Developers, Coders & Experienced Security Professionals
Mastering Burp Suite Community Edition: Bug Hunters Perspective - Learn Burp Suite Community Edition to Use It Effectively as an Ethical Hacker, Web Security Tester, or Bug Bounty Hunter
Kali Linux Hacker Tools, Tricks & Techniques - A Beginner Course for Ethical Hackers Who Are New in Kali Linux
Bug Bounty: Web Hacking - Get Paid to Legally Hack The World's Biggest Web Apps
Learn Network Attacks & Security - Explore Different Types of Network Attacks & Secure Yourself From Them
Master in Hacking with Metasploit - Hack Almost All Operating System
Introduction to Python & Hacking with Python - Create Your Own Hacking Scripts
Ethical Hacker Certification Course - Hack Windows, Linux, Android, & All Kinds of Operating Systems!
Complete NMAP: Learn Ethical Hacking with NMAP - Become an Ethical Hacker & Cyber Security Expert with NMAP
Good to know
Length of time users can access this course: Lifetime
Certification of completion included
Updates included
Redemption deadline: redeem your code within 30 days of purchase
For specifications and instructor info please click here.
Here's the deal:
This eLearnExcel: The Excel Certification School Bundle normally costs $3,284, but can now be yours for just $42.99, for a limited time, that's a saving of $3,241.01 (98%) off!
Disclosure: This is a StackCommerce deal or giveaway in partnership with Neowin; an account at StackCommerce is required to participate in any deals or giveaways. For a full description of StackCommerce's privacy guidelines, go here. Neowin benefits from shared revenue of each sale made through our branded deals site, and it all goes toward the running costs.
Malwarebytes says it was targeted by SolarWinds hackers too
by Paul Hill
In a blog post, the digital security firm Malwarebytes said that it had been targeted by the nation state actor implicated in the SolarWinds breach late last year that affected the U.S. government, Microsoft, Nvidia, VMware, and others.
According to the computer security firm, it does not use SolarWinds but was attacked via another intrusion vector that leveraged applications that had privileged access to Microsoft Office 365 and Azure. Malwarebytes said that the attacker managed to get access to "a limited subset of internal company emails" but didn't find any evidence that their production systems had been compromised.
Malwarebytes’ incident response group worked with Microsoft’s Detection and Response Team (DART) to find out how the attack happened. Explaining what the teams did, Malwarebytes CEO Marcin Kleczynski said:
To ensure that none of its products and systems were compromised, it carried out an analysis of the Malwarebytes source code, build and delivery processes and even reverse-engineered its software. This, coupled with the fact that none of its internal systems were compromised, led the company to declare that its software remains safe to use.
To combat these sophisticated attacks, Malwarebytes has called on other security companies to continue sharing information so that responses are effective. It also thanked the security community for working over the holiday period to respond to the hack.