#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

Online gaming | Breaking Cybersecurity News | The Hacker News

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs

Critical Flaw in All Blizzard Games Could Let Hackers Hijack Millions of PCs

Jan 23, 2018
A Google security researcher has discovered a severe vulnerability in Blizzard games that could allow remote attackers to run malicious code on gamers' computers. Played every month by half a billion users—World of Warcraft, Overwatch, Diablo III, Hearthstone and Starcraft II are popular online games created by Blizzard Entertainment . To play Blizzard games online using web browsers, users need to install a game client application, called ' Blizzard Update Agent ,' onto their systems that run JSON-RPC server over HTTP protocol on port 1120, and " accepts commands to install, uninstall, change settings, update and other maintenance related options. " Google's Project Zero team researcher Tavis Ormandy discovered that the Blizzard Update Agent is vulnerable to a hacking technique called the " DNS Rebinding " attack that allows any website to act as a bridge between the external server and your localhost. Just last week, Ormandy revealed a simi
Free Online Game website offers $13,000 Reward to expose details on DDoS attack

Free Online Game website offers $13,000 Reward to expose details on DDoS attack

Feb 20, 2014
Currently there are more than Million people worldwide playing Windows Games, Computer Games and Online Video Games, at least an hour a day, but the gaming servers are often insecure and misconfigured. Yesterday, a popular multiplayer Free Online Game ' Wurm ' servers were knocked offline by Distributed Denial of Service (DDoS) attack. Servers were targeted shortly after its most recent update. The Online Game company announced a Bounty Reward of  €10,000  ($13,000) for information about the attacker involved in the recent DDOS attack .  As the gaming servers go down, the company will lose gamers, reputation and revenue. The Wurn Online Game developer said: " We can offer 10,000 Euro for any tips or evidence leading to a conviction of the person responsible for this attack. " Free Online Game service was already planning to change the server, but the DDoS attack made the gaming application offline for more than a day. " Shortly after todays update we wer
cyber security

Cracking the Code to Vulnerability Management

websitewiz.ioVulnerability Management / Cloud Security
Vulnerability management in the cloud is no longer just about patches and fixes. In this latest report, the Wiz Security Research team put vulnerability management theory into practice using recently identified vulnerabilities as examples. Get the FREE report
New Report: Unveiling the Threat of Malicious Browser Extensions

New Report: Unveiling the Threat of Malicious Browser Extensions

Dec 06, 2023Browser Security / Privacy
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like  DataSpii  and the  Nigelthorn  malware attack have exposed the extent of damage that malicious extensions can inflict. In both cases, users innocently installed extensions that compromised their privacy and security. The underlying issue lies in the permissions granted to extensions. These permissions, often excessive and lacking granularity, allow attackers to exploit them. What can organizations do to protect themselves from the risks of browser extensions without barring them from use altogether (an act that would be nearly impossible to enforce)?  A new report by LayerX, "Unveiling the
Cybersecurity Resources