Cryptojacking “Game” Found on Steam Store
Valve has taken recent action against an indie-developed game available on Steam, the company’s game/app store, and removed their listing after many customers had complained about cryptomining slowing their systems, once launched. Additionally, the developers have been caught selling in-game items on third-party sites, that were falsely portrayed as being items for another game in hopes of scamming more money from users. Fortunately, Valve was quick to deal with the issue and banned not only the game, but also the developers from submitting new games after their deceptive practices.
In-depth Look at Deepfakes
As special effects technology becomes more advanced, so too are those that would abuse its capabilities to cause unrest. With the release of Deepfakes, a video software that allows anyone to put any face on a body, or into a video, the power once held only by major production studios is now available to anyone with a computer. While many Deepfakes users have opted to create fake pornographic videos using popular celebrities, the software has also been used to cause political tension by falsely placing a politician’s likeness into a video with completely different audio and then distributing it as a legitimate recording.
Personal Data Easily Found by Researcher
A security researcher recently discovered a security flaw that allowed him to access personal records for over half a million customers of Fashion Nexus. While the company claims that no financial data was revealed, the personally identifiable info (PII) would be more than enough for an attacker to start committing large volumes of identity fraud. After quickly resolving the security issue, the company issued a recommendation to all customers of multiple affected e-commerce sites to change their passwords.
Google Removes Android Apps Containing Windows Malware
At least 145 Android apps have been removed from the Google Play Store after researchers discovered that they all contained malicious executables for the Windows operating system. While they will have no effect on an Android device, it still raises questions about the developer and if the system they are creating apps in has been maliciously compromised. A bigger issue would be faced if any device with an infected app was connected to a Windows computer, as the malware itself appears to focus on gathering keyboard input and searching for sensitive information stored on the system.
Yale Discovers Data Breach Nearly a Decade Too Late
After doing some vulnerability testing on several of their servers, Yale University became aware of a data breach that had occurred sometime in 2008. Even though Yale did a complete wipe of the servers in 2011, they had no idea of the previous breach and have only just begun contacting affecting alumni. Data being stored on the servers contained everything from name and physical addresses to social security numbers and birthdays, which would give any attacker significant strides towards stealing identities.
