#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

hack gaming server | Breaking Cybersecurity News | The Hacker News

Epic Games Hit With Class Action Lawsuit Over Hacked 'Fortnite' Accounts

Epic Games Hit With Class Action Lawsuit Over Hacked 'Fortnite' Accounts
Aug 13, 2019
Epic Games, the creator of the popular 'Fortnite' video game, is facing a class-action lawsuit from gamers over hacked Fortnite accounts, accusing the company of failing to maintain adequate security measures and notify users of the security breach in a timely manner. The lawsuit, filed by 'Franklin D. Azar and Associates' in the United States District Court in North Carolina on behalf of over 100 affected users, claims that "affected Fortnite users have suffered an ascertainable loss in that they have had fraudulent charges made to their credit or debit cards." According to the lawsuit, Epic Games acknowledged a vulnerability in its system that allowed hackers to unauthorizedly access players' account and purchase in-game currency using their saved credit or debit cards. Apparently, the law firm is trying to connect two separate reports—first, a responsible vulnerability disclosure in Fortnite system and second, multiple password reuse and phish

Account Takeover Vulnerability Found in Popular EA Games Origin Platform

Account Takeover Vulnerability Found in Popular EA Games Origin Platform
Jun 26, 2019
A popular gaming platform used by hundreds of millions of people worldwide has been found vulnerable to multiple security flaws that could have allowed remote hackers to takeover players' accounts and steal sensitive data. The vulnerabilities in question reside in the "Origin" digital distribution platform developed by Electronic Arts (EA)—the world's second-largest gaming company with over 300 million users—that allows users to purchase and play some of the most popular video games including Battlefield, Apex Legends, Madden NFL, and FIFA. The Origin platform also manages users EA Games account authentication and allows them to find friends, join games, and manage their profiles. Discovered by researchers at Check Point and CyberInt, the vulnerabilities when chained together could have allowed attackers to hijack gamer's EA account just by convincing them into opening an official webpage from the EA Games website. To perform this attack, as shown in th

Guide: How to Minimize Third-Party Risk With Vendor Management

SaaS
websitewww.vanta.comVendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.

AI Solutions Are the New Shadow IT

AI Solutions Are the New Shadow IT
Nov 22, 2023AI Security / SaaS Security
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the  SaaS shadow IT  of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot.  Employees are covertly using AI  with little regard for established IT and cybersecurity review procedures. Considering  ChatGPT's meteoric rise to 100 million users within 60 days of launch , especially with little sales and marketing fanfare, employee-driven demand for AI tools will only escalate.  As new studies show  some workers boost productivity by 40% using generative AI , the pressure for CISOs and their teams to fast-track AI adoption — and turn a blind eye to unsanctioned AI tool usage — is intensifying.  But succumbing to these pressures can introduce serious SaaS data leakage and breach risks, particularly as employees flock to AI tools developed by small businesses, solopreneurs, and indie developers. AI Security Guide Download AppOmni's CISO Guide to AI Security - Part 1 AI evoke

Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers' PCs

Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers' PCs
Mar 14, 2019
If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious that have been set-up to remotely hack gamers' computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicious gaming servers to silently compromise computers of Counter-Strike gamers worldwide by exploiting zero-day vulnerabilities in the game client. According to the researchers, Counter-Strike 1.6, a popular game that's almost two decades old, contains unpatched multiple remote code execution (RCE) vulnerabilities in its client software that let attackers execute arbitrary code on the gamer's computer as soon as they connect to a malicious server, without requiring any further interaction from the gamers. It turned out that a Russian gaming server developer, nicknamed 'Belonard,' has been exploiting these vulnerabilities in the wild to promote his business and create a
Cybersecurity Resources