Chinese Hackers Backdoor Gaming Titles

Infosecurity Magazine | March 12, 2019

Chinese Hackers Backdoor Gaming Titles
Chinese hackers have launched supply chain attacks against three gaming companies in order to spread malware far and wide across Asian endpoints, according to ESET. The security vendor’s malware researcher, Marc-Etienne M.Léveillé, wrote in a blog post on Monday that the attacks are the work of the well-known Winnti Group, which has used such tactics before. It targeted two gaming titles and a “gaming platform application," compromising them with the same backdoor code. Although two of the developers have now fixed the compromise, ESET warned that one of the games, Infestation, is still distributing the trojanized version. The firm has thus far been unable to contact its Thai developer, Electronics Extreme. It’s still unclear what the final payload is as ESET wasn’t able to analyze the DLL file in question. However, we do know that the group behind it didn’t want any users in Russia or China to be affected, as the malware is designed to stop running if either system language is detected.

Spotlight

Communication service providers (CSPs) offer a variety of services to enterprises that complement basic network connectivity such as router, firewall, carrier-grade network address translation (CGNAT), session border controller (SBC), virtual private network (VPN), WAN traffic control, WAN acceleration, WAN traffic monitoring functionality, and so on. Conventionally, these services are offered through fixed-function proprietary boxes installed on customer premises.

Spotlight

Communication service providers (CSPs) offer a variety of services to enterprises that complement basic network connectivity such as router, firewall, carrier-grade network address translation (CGNAT), session border controller (SBC), virtual private network (VPN), WAN traffic control, WAN acceleration, WAN traffic monitoring functionality, and so on. Conventionally, these services are offered through fixed-function proprietary boxes installed on customer premises.

Related News

DATA SECURITY

Use NetSPI's New Ransomware Attack SimulationTo Improve Ransomware Attack Resiliency

NetSPI | June 18, 2021

The leader in attack surface management and enterprise penetration testing, NetSPI, has announced its new service for ransomware attack simulation., In collaboration with its ransomware security experts, the new service enables organizations to emulate ransomware families of real-world to find and fix dangerous susceptibilities in their defenses for cybersecurity. Major cybersecurity gaps were exposed globally in the recent ransomware attacks. The Biden administration in the U.S. urges all business leaders to take enough precautions to get away from ransomware. Deputy national security advisor for emerging and cyber technology, Anne Neuberger, recommends various companies in a recent memo to use third-party pentester to test the security of the systems and the ability to defend a sophisticated cyber-attack effectively. NetSPI closely collaborates during a ransomware attack simulation engagement with companies to simulate sophisticated ransomware techniques, tactics, and procedures (TTPs) utilizing its tailor-made technology for breach and attack simulation. Following each engagement, organizations get access to NetSPI's technology to run custom plays independently and unceasingly assess how well their cybersecurity platform will hold up to a ransomware attack. About NetSPI NetSPI, the leader in attack surface management and enterprise security testing, has a partnership with the most significant global cloud providers, nine of the top 10 U.S. banks, many of the Fortune® 500, and three of the world's five largest healthcare companies. NetSPI experts perform deep dive manual penetration testing of network, application, and cloud occurrence surfaces, historically testing over 1 million resources to find 4 million specific vulnerabilities. NetSPI is headquartered in Minneapolis, MN, and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures.

Read More

DATA SECURITY

ISTARI, the Cyber Risk Management Company, to Invest in Pioneer Prevalent AI (PAI)

ISTARI | July 05, 2021

A global cybersecurity platform, ISTARI, which is dedicated to helping clients managing digital risk and build cyber resilience, and the leaders in Security Data Science, Prevalent AI (PAI), has today announced that ISTARI has opted to become an important minority shareholder of PAI. Industry veterans Sir Iain Lobban, Paul Stokes, Arun Raj, and Andrew France OBE founded PAI in 2017. When founded, they had the aims such as enabling organisations to quickly ingest, convert and contextualise complex, large, and disparate data sources by using their Security Data Science Platform and connected services, increasing the capability to respond to cyber riss and attacks in time and prevent it. Rashmy Chatterjee, the Chief Executive Officer of ISTARI commented that they are thrilled to welcome PAI to the ISTARI Collective. In response, Sir Iain Lobban, PAI Founder and Chairman, added that this is a spectacular match to join together with the same aim and goal protecting organizations from cyber threats. About ISTARI ISTARI was established in 2020 and headquartered in Singapore. It is a an investment company, founded by Temasek. It is an advisory practice, investor and educator through its cyber Academy and has a global presence in the US, Europe and Singapore. About PREVALENT AI PREVALENT AI (PAI), the leaders in Security Data Science, provides successful cyber analytics solutions for both government and commercial. Founded by former UK government cyber officials and industry experts in 2017, the company has changed the way organisations use risk data. Its 75 professionals work out of two offices, which are located in London and Cochin, India.

Read More

DATA SECURITY

Untangle Taps Brigantia Partners To Grow SMB Security Distribution in the UK

Untangle | August 10, 2021

Untangle Inc., a leader in comprehensive network security for small-to-medium businesses (SMBs) and distributed enterprises, today announced a partnership with Brigantia Partners to support its successful award-winning SMB security solutions in the United Kingdom. According to the latest Untangle SMB IT Security Report, 45% of businesses indicated that they have adjusted or reevaluated their IT security roadmap based on recent security breaches and ransomware attacks. As the threat of cyberattack continues to grow, SMBs demands require a multi-layer approach to security which includes comprehensive support and services. This strategic partnership with Brigantia empowers a new market of SMBs with protection, visibility and control across their entire digital attack surface. "Our partnership with Brigantia will enable us to reach MSPs with specific needs that Brigantia understands," said Scott Devens, CEO at Untangle. "Brigantia has a deep understanding of IT Managed Services within the UK, and together with Untangle, will be able to provide the best in class products, support and services. Untangle is energized by Brigantia's approach to building their UK business and we look forward to a successful partnership where we grow together." Brigantia is an award-winning, value-added managed services distributor providing comprehensive, cost-effective IT solutions. The company has three distinct business areas designed to add maximum value to its reseller, MSP, MSSP and consultant partners' businesses: Brigantia Distribution, Brigantia Consulting, and Brigantia Enhance. Through its partnership with Untangle, customers now benefit from a robust product stack that offers comprehensive security with deep analysis and insights, network orchestration, reliable connectivity and network performance. "After years of searching for a next-generation firewall solution that is clearly aimed at the SME and MSP marketspace, Brigantia Partners is excited to be launching the award-winning range from Untangle." said Martin Wright, Managing Director at Brigantia Partners Limited. "With this new addition to our portfolio, we are providing our partners with an enterprise-level firewall and VPN solution that is simple to deploy and manage, while also fitting into SME budgets." Untangle leverages a fully cloud supported console which provides day to day analysis and alert system to ensure that customers are alerted of any malicious activity. With MSPs now empowered by NG Firewall, which offers highly customizable protection and robust filtering capabilities, customers can now ensure they receive the full advanced protection of the Untangle Network Security Framework. Brigantia and Untangle share the same commitment to supporting SMBs and distributed organizations against cyber attacks. Working in tandem with the Untangle SD-WAN product line, Brigantia can offer end users a homogeneous, professional solution for SMEs with multiple locations. To learn more, please visit www.brigantia.com. About Untangle Untangle is an innovator in cybersecurity designed specifically for the below-enterprise market, safeguarding businesses, home offices, nonprofits, schools and governmental organizations. Untangle's integrated suite of software and appliances provides enterprise-grade capabilities and consumer-oriented simplicity to organizations with limited IT resources. Untangle's award-winning network security solutions are trusted by over 40,000 customers around the world. Untangle is headquartered in San Jose, California.

Read More