Categories
Security

Elden Ring publisher Bandai Namco confirms reports it was hacked

Bandai Namco, the game publisher behind popular titles like Elden Ring, Dark Souls, and Tekken, confirmed that it was the victim of a hack. According to a report from Eurogamer, the publisher says it experienced “unauthorised access” to its “internal systems” when the breach took place on July 3rd.

Reports that Bandai Namco suffered an attack surfaced earlier this week. On Monday, vx-underground, a group that tracks malware source code across the web, posted a screenshot on Twitter showing that the group behind the ALPHV ransomware, also known as BlackCat, added Bandai Namco to its list of victims with the words “data soon.”

While Bandai Namco’s statement confirms that a hack took place, it still doesn’t indicate who was behind the attack or what kind of data the hackers managed to steal (if any). In a statement obtained by Eurogamer, Bandai Namco says hackers targeted internal systems of its companies in “Asian regions (excluding Japan)” and that it has “taken measures such as blocking access to the servers to prevent the damage from spreading.” The company adds that “there is a possibility” customer information associated with its toys and collectibles business may have been compromised as well.

According to BleepingComputer, the BlackCat ransomware group first emerged in November 2021 and has since breached over 60 companies across the world. The hackers behind BlackCat may be related to the bad actors who carried out last year’s major Colonial Pipeline breach. They recently targeted a government agency in Austria, a Swiss aviation service, and the luxury fashion brand Moncler. The BlackCat gang also started letting users search through stolen information on its site as a way to get its victims to pay up.

“We are currently identifying the status about [the] existence of [the] leakage, scope of the damage, and investigating the cause,” Bandai Namco explains. “We offer our sincerest apologies to everyone involved for any complications or concerns caused by this incident.” The Verge reached out to Bandai Namco with a request for comment but didn’t immediately hear back.



Repost: Original Source and Author Link

Categories
Security

The NRA confirms it was hacked last year

The National Rifle Association (NRA) has confirmed it was the subject of a ransomware attack that took place last October, according to a report from Gizmodo.

In a filing to the Federal Election Commission (FEC), the organization’s political action committee (PAC), explains the NRA experienced a ransomware attack on October 20th, 2021 that brought its “network offline for two weeks.” Since the NRA wasn’t “able to access email or network files until the second week of November,” the NRA failed to report nearly $2,500 worth of donations, which was the reason for the filing.

Last year, a Russian cybercriminals group that goes by the name of Grief took credit for allegedly hacking the NRA and posting what appeared to be stolen documents on the dark web. Grief, which is said to be associated with well-known Russia-based hacking group Evil Corp, threatened to release more documents if its payment threshold wasn’t met.

There’s no word on whether the NRA ever paid up. The organization never publicly confirmed the attack at the time, and instead issued a statement on Twitter, saying it “does not discuss matters relating to its physical or electronic security,” and that it “takes extraordinary measures to protect information.”

The NRA didn’t immediately respond to The Verge’s request for comment. It notes in the filing that it “has implemented additional cybersecurity measures to reduce the likelihood of a recurrence.”



Repost: Original Source and Author Link

Categories
Security

Microsoft confirms Lapsus$ hackers stole source code via ‘limited’ access

The hacking group Lapsus$, known for claiming to have hacked Nvidia, Samsung, and more, this week claimed it has even hacked Microsoft. The group posted a file that it claimed contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data.

On Tuesday evening, after investigating, Microsoft confirmed the group that it calls DEV-0537 compromised “a single account” and stole parts of source code for some of its products. A blog post on its security site says Microsoft investigators have been tracking the Lapsus$ group for weeks, and details some of the methods they’ve used to compromise victims’ systems. According to the Microsoft Threat Intelligence Center (MSTIC), “the objective of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.”

Microsoft maintains that the leaked code is not severe enough to cause an elevation of risk, and that its response teams shut down the hackers mid-operation.

Lapsus$ has been on a tear recently if its claims are to be believed. The group says it’s had access to data from Okta, Samsung, and Ubisoft, as well as Nvidia and now Microsoft. While companies like Samsung and Nvidia have admitted their data was stolen, Okta pushed back against the group’s claims that it has access to its authentication service, claiming that “The Okta service has not been breached and remains fully operational.”

Microsoft:

This week, the actor made public claims that they had gained access to Microsoft and exfiltrated portions of source code. No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.

Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk. The tactics DEV-0537 used in this intrusion reflect the tactics and techniques discussed in this blog. Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact.

This isn’t the first time Microsoft’s claimed it assumes attackers will access its source code — it said the same thing after the Solarwinds attack. Lapsus$ also claims that it only got around 45 percent of the code for Bing and Cortana, and around 90 percent of the code for Bing Maps. The latter feels like a less valuable target than the other two, even if Microsoft was worried about its source code revealing vulnerabilities.

In its blog post, Microsoft outlines a number of steps other organizations can take to improve their security, including requiring multifactor authentication, not using “weak” multifactor authentication methods like text messages or secondary email, educating team members about the potential for social engineering attacks, and creating processes for potential responses to Lapsus$ attacks. Microsoft also says that it’ll keep tracking Lapsus$, keeping an eye on any attacks it carries out on Microsoft customers.



Repost: Original Source and Author Link

Categories
Computing

Nvidia Confirms RTX 2060 Super, Arriving Next Week

Digital Trends may earn a commission when you buy through links on our site.

Nvidia announced a 12GB variant of its RTX 2060 graphics card, and it should arrive on December 7. The announcement follows months of rumors and speculation that Nvidia could revitalize its popular last-gen card to ease the burden of the GPU shortage. It brings with it a significant memory upgrade.

The announcement didn’t come at a big tech event or closed-door press briefing. Instead, Nvidia revealed the card through the patch notes of GeForce driver 497.09. Originally, this seemed like a mistake. Nvidia didn’t acknowledge the card through a blog post about the driver, instead burying in on the fourth page of the patch notes (direct PDF link).

Dan Baker/Digital Trends

It looks like this silent announcement was Nvidia’s plan all along. You can find the 12GB RTX 2060 alongside the standard 6GB RTX 2060 on Nvidia’s product page. The updated version includes twice the amount of video memory as the base model, as well as some boosts to core count and clock speed.

The 12GB RTX 2060 matches the specs of the RTX 2060 Super, but note that Nvidia isn’t using the Super branding on the new card. The 12GB model includes 2,176 CUDA cores, a base clock speed of 1,470MHz, and a boost clock speed of 1,470MHz — the same specs as the RTX 2060 Super.

The lack of Super branding is important. Nvidia hasn’t announced the pricing of the card yet, but the company says that the price will reflect that the 12GB model is a premium version of the $349 RTX 2060. The RTX 2060 Super launched for $399, so hopefully this 12GB model will be below that mark.

Originally, we viewed a 12GB RTX 2060 as nothing but hot air. At the beginning of 2021, Nvidia introduced some additional RTX 2060 Super supply into the market. The company didn’t make a fuss about it publicly, idly letting the cards bolster supply while it focused on manufacturing additional RTX 30-series cards.

Since then, rumors of a 12GB RTX 2060 variant have run amok. There wasn’t much to lend creditability to these rumors outside of the murmurs from Twitter and YouTube leakers. That was until Gigabyte, one of Nvidia’s desktop graphics card partners, filed several listings for 12GB RTX 2060 graphics cards.

We should see various 12GB RTX 2060 models next week. It seems Nvidia is intentionally launching the card under the radar, perhaps in a bid to deter scalpers and bots from snatching up the cards when they launch.

That could be why Nvidia hasn’t revealed the pricing. Given the shortages of components, the list prices set by Nvidia and AMD are unrealistic at best and inaccurate at worst. That’s something we saw with the RX 6600 XT, where some models launched for $200 more than the price set by AMD. No official pricing from Nvidia means that board partners are free to set a reasonable price based on the cost of components.

Although these are positive efforts, we’re not sure how much they’ll help alleviate the GPU shortage. Even the base RTX 2060 has been subject to price increases, so we’ll be waiting to see if this new 12GB model changes that.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Game

Epic’s latest Fortnite teaser all but confirms entirely new Chapter 3 map

Epic Games has kicked off Black Friday by dropping a new Fortnite Chapter 3 teaser, one that all but confirms players will, indeed, drop onto an entirely new map once the current season ends. Rumors about the new map have been circulating for a while, but the first real indication came from Epic itself with the Chapter 3 announcement.

Epic Games/YouTube

Following rumors about a big change, Epic confirmed that Fortnite‘s current season will be the last in the game’s second chapter, meaning next month will bring the big Chapter 3 update. The announcement was made in a teaser trailer, which the company followed up with another tweet today.

To properly understand the new tweet, you should first check out Epic’s teaser trailer: it ends with the name for this finale, “The End.” Players noted that when flipped upside down, “The End” shows what appears to be Steamy Stacks and a large mountain or volcano.

Image: Fortnite/Epic Games

The decision to place the landscape silhouette underside down doesn’t seem to be a mere style choice. Fans have been speculating that Chapter 3 will essentially “flip” the battle royale island, bringing the fight to the other side. Assuming that does take place, it raises new questions.

Will the map get a full overhaul, or will it be a mirrored version of the current map with smaller changes throughout? Given complaints from players that the current chapter is starting to feel stale, it seems reasonable that Epic would overhaul the island.

The company seemingly reinforces that speculation with its new tweet, indicating that once Chapter 3 arrives, Fortnite players will get an entirely new experience akin to when they first played Fortnite. The big change will be ushered in by the Chapter 2 – Season 8 finale scheduled for December 4 at 1 PM PT / 4 PM ET.

Popular Fortnite data-miner and leaker HYPEX claims in a recent tweet that the Season 8 finale will result in another “black hole,” which is a placeholder that persists for a few days while Epic updates Fortnite with major changes. Should the leak prove true, the black hole will disappear and Chapter 3 will arrive on December 7.

HYPEX goes on to claim that the sources who provided this information have “never” been wrong in the past. The account also indicates that it knows more about Chapter 3 than it has revealed, saying the next chapter is “SOO good.” Epic says Chapter 2 will end with players battling the Cube Queen and whatever she has planned in a one-time in-game event on December 4.



Repost: Original Source and Author Link

Categories
Computing

Gigabyte Inadvertently Confirms 12GB Nvidia RTX 2060 Rumors

When rumors of a 12GB Nvidia RTX 2060 Super refresh started making the rounds, we said that they probably weren’t true. But it looks like we may have been wrong. Graphics card maker Gigabyte filed a new listing with the Eurasian Economic Commission (EEC) that inadvertently confirms this card’s existence..

Twitter user @momomo_us uncovered the listing, which lists four Gigabyte graphics cards. Although the listing doesn’t call out the 12GB RTX 2060 Super by name, the model numbers all line up with previous Gigabyte RTX 2060 cards, with one notable change — 12GB of RAM. The GV-N2060WF2OC-6GD (Gigabyte’s Windforce RTX 2060), for example, is listed as GV-N2060WF2OC-12GD.

Dan Baker/Digital Trends

The listing comes amid mounting evidence for a refresh to Nvidia’s last-gen card. On November 14, a day before the listing went live, YouTube channel Gamers Nexus published a video saying that a 12GB RTX 2060 Super was on the way. This isn’t a channel that normally leaks new releases, but that, combined with the ECC filing and murmurs from around the community, has an 12GB RTX 2060 Super looking likely.

A dedicated leaking channel, Moore’s Law is Dead, revealed in October that the card would arrive in 2022 to take on low-end AMD RDNA 2 graphics cards. Rumors of Nvidia reintroducing the RTX 2060 in some form date back to January 2021, and they haven’t stopped since.

The question: Why? Nvidia released the RTX 3080 more than a year ago, so it’s a strange move to resurrect a GPU that’s more than two years old. There could be a good reason to bring it back, though. It’s no secret that graphics cards are tough to find right now, and Nvidia could be splitting its manufacturing efforts to get more cards out in the wild.

Evidence of the GPU shortage emerged when it was revealed that Nvidia was having manufacturing yield issues with its RTX 30-series graphics cards. Nvidia chose Samsung as its manufacturing partner, and reports circulating shortly after the launch showed that the manufacturer produced fewer usable chips than expected.

Samsung didn’t build the RTX 2060 Super — chipmaker TSMC did. TSMC is the semiconductor company behind AMD’s Ryzen 5000 processors and Radeon RX 6000 graphics cards, as well as a longtime partner for Nvidia. It looks like Nvidia could be splitting its manufacturing to bypass supply chain issues.

That’s something the company did with its GTX 10-series GPUs. The range started on TSMC’s 16nm manufacturing process, but Nvidia eventually moved to Samsung’s 14nm process. Reintroducing the RTX 2060 Super allows Nvidia to quickly produce new cards on a node the company is already familiar with.

The strange bit is the 12GB of video memory. The RTX 2060 Super originally launched with 6GB, and doubling that to 12GB probably won’t do much for gaming performance. That’s something Nvidia’s RTX 3060 proved — even with 12GB of video memory, which is more than the RTX 3080, it performs below other cards in the range.

Unfortunately, an RTX 2060 Super refresh may not be enough to alleviate supply chain issues. Nvidia has been clear that it expects the GPU shortage to continue throughout 2022, so hunting down a graphics card will continue to be a practice in patience.

It’s also possible that the 12GB RTX 2060 Super won’t ever see the light of day. Although multiple sources have confirmed the existence of the card, it’s possible that Nvidia has shelved the idea. That’s something Nvidia already did with the 20GB RTX 3080 Ti, which was reportedly canned earlier this year.

Editors’ Choice






Repost: Original Source and Author Link

Categories
Computing

Apple Confirms High Power Mode On M1 Max MacBook Pro

Apple has just confirmed that the 16-inch version of the latest MacBook Pro will support the new High Power mode. This applies only to models that run on the M1 Max chip. High Power mode is Apple’s new invention made to maximize performance during periods of intense workloads, such as color grading an 8K ProRes video.

In order to enable the new High Power mode, users will likely need the 16-inch version of the new MacBook Pro, equipped with an M1 Max chip and running MacOS Monterey. According to Apple, the new mode will be enabled through System Preferences and will not be on by default.

It’s still somewhat unclear what the new High Power setting will fully entail. It’s clear that it’s meant to let the MacBook Pro handle periods of highly intensive workloads. Such tasks can involve working with 4K or 8K videos, video editing, design work, and more.

Although this feature should let the 16-inch MacBook Pro run smoothly during resource-intensive tasks, code-level references that were previously found indicate that this will make the fans louder. Whether the temperatures will rise beyond what’s acceptable remains to be seen, but Apple did optimize these new Macs to offer better airflow. Battery life reduction is also to be expected during High Power mode usage.

The first references to the new feature were discovered last month by Filipe Espósito of 9to5Mac in the beta of MacOS Monterey. Prior to this, in 2020, references to “Pro Mode” were found in MacOS Catalina 10.15.3. At that time, the internal code that was found suggested this option will make apps run faster while quickly exhausting the Mac’s battery.

Lifestyle image of someone using the new Macbook Pro 2021.

Apple hasn’t made a statement as to whether the feature will be enabled on the M1 Pro chip or whether it will be available on the 14-inch MacBook Pro at all. For now, it’s safe to assume that High Power mode will remain reserved for the 16-inch MacBook. This marks a difference compared to the previous assumptions that the 14-inch and 16-inch MacBook Pros will offer the exact same performance, but it still remains to be seen whether this is true.

Pre-orders for the new 14-inch and 16-inch MacBook Pros, equipped with the new-and-improved M1 Pro and M1 Max chips, have already started rolling in. The first units are set to be shipped soon and will arrive on October 26. At that point, we can expect more reviews of High Power mode, which should clarify the extent of the performance increase provided by this setting. Regardless of the final outcome, it’s already clear that the new notebooks are swiftly topping the ranks of the best MacBooks out there due to the new M1 Pro and M1 Max chips installed inside.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Security

Visible confirms account breaches, blames ‘outside sources’

Cell service provider Visible has confirmed customer reports of attackers accessing and changing user accounts, and it has said that the breaches were carried out using usernames and passwords from “outside sources.” In a statement to The Verge (which you can read in full below), the Verizon-owned carrier said that it’s worked to “mitigate the issue” since it became aware of it, though it doesn’t mention exactly what measures it’s put in place to protect customers.

Starting earlier this week, customers of Verizon’s lower-cost service were reporting unauthorized charges from Visible on their PayPals or credit card statements, as well as emails telling them that their accounts’ passwords or addresses had been changed. Some customers have been frustrated with a lack of response from the company, as it hasn’t sent out emails or texts about the situation and was largely silent on social media until Wednesday, when it posted a Twitter thread.

In both its statement and on Twitter, the company recommends resetting your password if it’s one you’ve used for other services. It’s good advice, but the company has turned off its password reset system — it wasn’t available yesterday, and as of Wednesday morning you’ll still get an error if you try to change your password.

Hackers getting into accounts using passwords found elsewhere is very common, that’s why everybody (including Visible) says to use unique passwords for each service and to change your passwords in the case of a breach. Security experts also recommend using two-factor authentication, which can help protect you even if your password fails (like in a situation where you’re not able to change it). Visible, however, doesn’t support two-factor authentication, which means that its customers are still potentially open to these kinds of attacks.

Here’s Visible’s full statement.

Visible is aware of an issue in which some member accounts were accessed and/or charged without their authorization. As soon as we were made aware of the issue, we immediately initiated a review and started deploying tools to mitigate the issue and enable additional controls to further protect our customers.

Our investigation indicates that threat actors were able to access username/passwords from outside sources, and exploit that information to login to Visible accounts. If you use your Visible username and password across multiple accounts, including your bank or other financial accounts, we recommend updating your username/password with those services.

Protecting customer information — including securing customer accounts — is critically important to our company and our customers. As a reminder, our company will never call and ask for your password, secret questions or account PINs. If you feel your account has been compromised, please reach out to us via chat at visible.com.



Repost: Original Source and Author Link

Categories
Security

Twitter Confirms DMs Were Accessed in Last Week’s Major Hack

Twitter has revealed more information about the major hack involving a Bitcoin scam that targeted dozens of high-profile accounts on its service on Wednesday, July 15.

The company said in a tweet on Wednesday, July 22, that following a complete review of all of the impacted  Twitter accounts, it believes that “for up to 36 of the 130 targeted accounts, the attackers accessed the DM [direct message] inbox, including 1 elected official in the Netherlands.” Twitter did not name the elected official.

Although it declined to offer specific information on the other 35 accounts whose DMs were possibly accessed, it added that so far there is no evidence to suggest the hackers accessed the DMs of any other former or current elected official. In other words, Barack Obama and Joe Biden — if they use the DM function — can breathe a sigh of relief.

As for the likes of Bill Gates, Elon Musk, Jeff Bezos, and Kanye West, who were among some of the other high-profile individuals targeted in the hack, it appears at this stage that their messages could have been accessed.

The scam involved a fake tweet encouraging followers to send payments to a Bitcoin wallet. The ruse had some success, too, as data on Blockchain.com revealed that more than $115,000 via 392 transactions was sent to the Bitcoin wallet posted in the messages.

As soon as Twitter spotted the attack last week, it locked down the affected accounts and removed the fake tweets. The company said it had been the victim of “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

The hack message on Bill Gates’ account. We have removed the account number linked by the scammers. Digital Trends

Later on Wednesday, Twitter also repeated some of the findings it uncovered last week, saying the perpetrators downloaded data from eight accounts via its “Your Twitter Data” tool, adding that none of these included verified accounts.

To recap:
????130 total accounts targeted by attackers
????45 accounts had Tweets sent by attackers
????36 accounts had the DM inbox accessed
????8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified

— Twitter Support (@TwitterSupport) July 23, 2020

Twitter said it is continuing to communicate directly with the account holders that were impacted by the hack. The FBI is also investigating the incident.

Digital Trends has asked Twitter if it can offer any additional information at this stage and we will update this article when we hear back.

Updated to include Twitter’s recap.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Tech News

Google Pixel 6 leak confirms weird new direction

The Google Pixel 6 represents a whole new direction for the industrial design of the Google Pixel line. It would appear that smartphone that represents the most essential bits of the Android experience from Google does not need to be basic – it does not need to be a clean, standard slate on which Android itself is the only focus. With the leaks we’re seeing now, it’s clear that the Google Pixel 6 will take the Google smartphone experience out a whole new door.

Imagery shown in the leak from Ice Universe this week shows a Google Pixel 6 with a sort of bar section near its head. This is the “bridge”, as we’re calling it, that holds the device’s camera array. As cameras on smartphones went from single lens to multiple lens, the back-facing camera array went from a circle to an island. Now, with Google Pixel 6, this island spans the length of the smartphone.

The Google Pixel 6 will likely be released in more than one configuration, probably as a Google Pixel 6 and a Google Pixel 6 Pro, or Max, or XL. The case leaked this week shows spaces for a single microphone hole at the top of the phone, power and volume keys to the right, two speaker arrays at the bottom, and a space for a USB-C port.

At the bottom right is likely a case-maker addition – a place where a user can run an attachment loop that could fit around one’s wrist, act as a loop for fun dangling toys, etc. The clarity of the case also likely indicates the manufacturer’s knowledge of the beauty of the color scheme(s) of the phone – they’ll let them shine through.

The Google Pixel 6 device family will likely be released at the same time, in late September or early October of 2021. Cross your fingers we’ll see a release without delay – you never know here in the new world, not quite out of a pandemic, in a place where anything could happen!



Repost: Original Source and Author Link