From The Blog

Game reviews are always fun things to do. I mean it is playing a game and then writing about anything you found while playing it (sounds like fun). The challenge comes from being objective in your writing Vs subjective. Something that I might personally dislike in a game might be the thing that makes a game fun for someone else. It is with that in mind that we bring you our first game review in years. We will be breaking the game down into a couple of areas, objective and subjective findings. So. Let’s kick this off with the fun part, the subjective part.

The popular socialization platform, Discord, is alerting users to a data breach that occurred due to the compromise of a support agent account. The breach appears to be limited in scope to the ticket queue that the third-party agent was responsible for. The ticket queue contained email addresses, attachments and all messages that might have been exchanged during ticket resolution with this agent.

The UK’s CMA (Competition and Markets Authority has added new restrictions on Microsoft and Activision Blizzard after already issuing a formal anti-trust warning over the deal back in January. Now the regulator has added additional orders that prevent either party from “acquiring an interest” in each other without written permission from the CMA.

After a Leak of Babuk ransomware source code in late 2021 researchers have identified 9 separate new stains that are intended to target VMware ESXi. The new variants first started showing up in the 2cond half of 2022. As with ransomware as a service, having leaked source code allows less sophisticated attack groups to utilize the work of others to their advantage. In this case the targeting the Linux based ESXi. ESXi is a great target as it allows for the encryption of infrastructure and prevents the rapid restoration of systems since the infrastructure those servers run on is what has been affected.

After Phill Spencer’s recent comments on why Microsoft can’t beat Sony or Nintendo via “normal methods” we started to wonder why he would make this kind of statement. So, with our usual OCD we dove into some of the things that are happening at both Microsoft and Microsoft Gaming. Microsoft has been in an interesting spot and not for the first time. They seem to get into this spot where they are in between strategic and tactical projects. In this “down” time we tend to seem them look to shore up documentation, investigate acquisitions to expand their reach, and start to plan for their next conquest.

Microsoft’s Patch Tuesday for May included a patch that was a fix for a flaw that was created from another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397 which was a known exploited critical vulnerability in Microsoft Outlook’s MapUrlToZone security measure. It was allegedly abused by Russian based threat actors since April 2022. The new flaw is a bypass for the fix put in place in March.

There is an old saying that says, when you can no longer do, you teach. This might be a relatively true axiom in the regular world, but in the world of cybercrime it is certainly not what you find happening. Instead, we tend to see that when organized groups no longer want the headache and hassle of doing the heavy lifting for attacks, they just build a platform to sell their tools to others. We have seen ransomware as a service, malware as a service, malvertising as a service, and even phishing as a service.

If I were to build a list of companies that I would not want to build an AI project Meta, the parent company of Facebook is probably sitting at the top of the list. Yet here we are with a company known for manipulating users, user data and a proven habit of abusing the information it has. Meta is building an AI tool they are calling ImageBind that looks to expand on AI currently understands an environment. Most current AI image generators are (in very simple terms) texts to image generators. They take input in the form of words and create an image from learned input (again in very simple terms).

Yesterday we reported on a ransomware attack that impacted PC and component manufacturer MSI. When they, MSI, disclosed the attack they claimed there was no significant impact, but failed to consider that most, if not all, modern ransomware attacks also incorporate exfiltration techniques to ensure a ransom is paid. This this case, the group Money Message had exfiltrated data a claimed 1.5TB of data that included firmware, source code, and databases. This sounds a bit significant at this point.

In January of 2023 the Print Management Software company PaperCut was advised of two Remote Code Execution (RCE) bugs. These bugs were in their PaperCut MF and PaperCut NG software products. PaperCut worked with the group that identified the bugs, TrendMicro, to develop a patch prior to disclosure of the flaw. The patch was made available to PaperCut clients on March 8th and the vulnerability was disclosed on April 20th. However, as is the case with things like this, the patches were not rolled out as one would have hoped.