Hacking, Security & Privacy News - Page 3

If you're one of them any PC users out there that use WinRAR to handle their compression-related tasks (it's still one of the most popular archive utilities), then you might want to make sure you update to WinRAR version 6.23. Grab it here.

The latest version of the shareware app patches a rather significant security flaw dubbed CVE-2023-40477, allowing hackers to access memory beyond the allocated buffer.

The flaw would give hackers code execution on the target system, though only after opening a malicious RAR file. Still, you're looking at a very serious vulnerability when someone can execute commands on your PC simply because you opened a RAR file, let alone extracted its contents. The fact that it requires the user to open a specific RAR file dropped the security flaw's severity rating to 7.8.

Most modern Ryzen CPUs built using the Zen 3 and Zen 4 architectures (including the latest Ryzen 7000 series) are affected by the 'Inception' vulnerability. A new speculative side-channel attack that can expose sensitive or otherwise secure data - per AMD's description that you can read in full here.

The current understanding of 'Inception' is that the vulnerability is local, meaning you'd need to download malware containing the exploit for a potential issue. AMD notes that older Ryzen CPU hardware using the original Zen and Zen 2 architectures remain unaffected.

Regarding exploits, Inception is similar to the well-known Spectre attack, where secure data is accessed within memory via features in modern CPUs - going as far as to grab passwords, keys, and other secure data. The good news is that the exploit is being addressed in an upcoming AGESA Firmware update due for release later this month.

A Microsoft cloud breach that resulted in China state-backed hackers breaking into U.S. government emails has led the Cyber Security Review Board to launch an investigation.

The Cyber Security Review Board (CSRB) announced on Friday that its investigation will look into cloud-based identity and authentication infrastructure, which will lead to a wider review of all potential and current problems.

This investigation was launched following U.S. government official email accounts being infiltrated by China state-backed hackers that gained access to U.S. Commerce Secretary Gina Raimondo's inbox, several other officials at the U.S. State Department, and officials at a few different government agencies.

US officials have claimed they have discovered what they suspect is Chinese malware designed to perform a specific task.

A new report from The New York Times has revealed that US officials have found Chinese malware across several military systems and that this malware isn't like the typical Chinese malware as it has a specific purpose - to disrupt. According to the report from the NYT, the malware isn't designed for surveillance, which is the typical form of malware that's discovered on US military and government systems.

Experts claim the recently discovered malware is simply to disrupt US military and civilian operations, and according to National Security Agency deputy director George Barnes, "China is steadfast and determined to penetrate our governments, our companies, our critical infrastructure." Notably, Rob Joyce, the director of cybersecurity at the NSA, said last month that the capabilities of the malware are "really disturbing" as it's able to shut off water and power and disable communications for both military bases and civilians.

It's a common belief that DRM in PC game releases, specifically the popular Denuvo Anti-Tamper anti-piracy software, adversely impacts performance. If a PC game is rocking DRM, you're looking at a noticeable drop-off in performance compared to a version of the same PC game without DRM-a pirated copy.

The Denuvo platform is owned by digital security company Irdeto, who bought Denuvo in 2018. In an interview with Ars Technica, Irdeto Chief Operating Officer of Video Games Steeve Huin, said, "There is no perceptible impact on gameplay because of the way we do things." Adding that anti-piracy measures are a benefit to both game publishers and players as it ensures that it protects investments and leads to more games in the future.

"Whether people want to believe it or not, we are all gamers, we love gaming, we love being part of it," Steeve Huin says. "We develop technologies with the intent to make the industry better and stronger." Translation, the people behind Devuno have a different take and want to prove it.

One of the best ways to make money in Starfield is to sell data from planets that you survey.

Starfield has 1,000 planets, and while only about 100 of them have life, that doesn't mean the rest of the 900 planets are complete barren wastelands with nothing to do. Bethesda has outlined an interesting player motivation loop that will keep you busy and reward you for venturing into the unknown and discovering planets.

In a very real sense, Starfield will make players into a kind of interstellar data analyst. You'll land on a planet, survey its life and resources, and then sell that data to a group in the game. This also brings lots of interesting implications--can you sell the data to the highest bidder? What happens if you sell it to the the pirates at the Crimson Fleet...will they start landing on the planets more often? Hmm...

Some ASUS routers need a firmware update applied as soon as possible, as it contains important security fixes.

ASUS published a security advisory urging owners to upgrade to a new firmware release that delivers various resolutions for a raft of vulnerabilities, as Bleeping Computer spotted.

This includes a fix for nine security holes, including some severe ones - such as CVE-2022-26376, which is a memory corruption vulnerability, and CVE-2018-1160. The latter is an out-of-bounds write Netatalk flaw that can be leveraged to carry out arbitrary code execution.

Lockpick is a tool used to legitimately play Nintendo Switch games on PC, in that it's designed to work with games you own via accessing the physical files and keys. With the upcoming The Legend of Zelda: Tears of the Kingdom leaking ahead of its launch, the creators of Lockpick have reportedly received a DMCA takedown notice from Nintendo.

One of Lockpick's programmers/contributors took to Twitter to confirm this by stating, "Nintendo has just issued multiple DMCA takedown requests to GitHub, including for Lockpick, the tool for dumping keys from your own Switch."

He argues that pirates that emulate software do not use keys from their own copies of games, though emulation has always been a legal grey area regarding what and what you cannot do with the physical copies of games you own.

Google Authenticator is a popular app that gives your accounts an additional layer of two-step authentication security and is widely used by millions. But, it's the sort of app that is limited to a single Android or iOS device, which puts a lot of pressure on people to ensure that they don't lose their smartphone where Authenticator is installed.

It's a potential issue that Google is well aware of, and it is looking to remedy it by making the one-time passwords backup and sync to your Google Account.

"One major piece of feedback we've heard from users over the years was the complexity in dealing with lost or stolen devices that had Google Authenticator installed," writes Christiaan Brand, Google's Group Product Manager, in a new blog post. "Since one-time codes in Authenticator were only stored on a single device, a loss of that device meant that users lost their ability to sign in to any service on which they'd set up 2FA using Authenticator."

Google has pushed out an update for its Chrome browser to patch up a serious vulnerability.

This is a fix for a zero-day security flaw (CVE-2023-2136), so it's been deployed in a fair old hurry by Google, which acknowledged that it was aware that an exploit for the vulnerability exists in the wild (meaning malicious actors out there have already leveraged this flaw to their advantage).

Bleeping Computer reports that running the new version of Chrome, 112.0.5615.137 (or 138), ensures that this problem is cured, and indeed a bunch of other vulnerabilities - eight of them in total.