Cybersecurity company VPN Overview has discovered a serious vulnerability in Sega’s European resources.
Research Company VPN Overview discovered SEGA keys in the Amazon Web Services public storage. The incident took place back in October, but it was only given publicity now.
Experts found that an incorrectly configured cloud storage basket could be used for hacker attacks on customers and employees of the European branch of Sega.
The landing pages of key projects of the company, including Sonic the Hedgehog, Bayonetta and Total War, as well as the root site of Sega.com, were at risk of hacking. Security specialists were able to run executable scripts at the addresses of these resources, which could have serious consequences.
The API key to the Mailchimp service, which was actually publicly available, provided researchers with a list of more than 250,000 email addresses of users, along with their associated IP addresses and passwords, which they managed to recover from hashes. The researchers argue that “an attacker could effectively spread the ransomware virus through a compromised email address and Sega cloud services.”
However, due to the fact that the first clues were in the possession of the researchers, the problem was quickly corrected. Otherwise, cybercriminals could steal personal data or use sites to distribute phishing programs.
“The issue of protecting national security is more important than short-term profits,” not all US chipmakers are happy with the sanctions, according to Gina Raimondo.
US Commerce Secretary Gina Raimondo admitted that not all American chipmakers are happy with the sanctions against China, since the restrictions lead to a loss of profit.
“I know there are heads of chip companies sitting in the room who are a little annoyed by what I did because [они] lose profits. But that’s life. The issue of protecting national security is more important than short-term profit,” said Gina Raimondo.
She added that mostly representatives of this industry cooperate and help her department, but she also acknowledged the presence of some problems.
We have a good relationship. But of course there is some natural tension. For the first time, we refused an entire country, i.e. China, in access to semiconductors and equipment. We will continue to work in this direction.
She also acknowledged that if Japan and the Netherlands, which have leading positions in semiconductor manufacturing equipment, continue to supply China, then sanctions will make no sense.
iMessage for Android only lasted a few days. Nothing Chats app removed from Google Store and has security issues
The other day, a rather curious event happened on the market quite quietly. Nothing has introduced the Nothing Chats application, which could be called just another instant messenger, but the point is that this application actually allows Android owners to exchange messages with iPhone owners via iMessage. And a few days later, this application was removed from the Google Store.
Nothing initially stated that this was done due to the discovery of several bugs that simply needed to be fixed. However, it seems that the real reason is something else, and it is worse.
Let us remind you that the interaction between the Android messenger and iMessage occurs on a third party. She is represented by the Sunbird company, which provides its platform through which the magic happens. However, it turned out that in terms of data security, this platform is apparently much worse than Sunbird itself stated. In particular, there is no end-to-end encryption.
The Sunbird platform, and therefore the Nothing Chats app, requires a new user of the app to submit their Apple ID credentials to set up syncing. This data is then authenticated on your behalf using a virtual machine running MacOS. The main problem is that the request containing user credentials occurs over an unencrypted channel (HTTP).
The situation as a whole is more complex and is fully described on the Text.Blog website, where several specialists explain how they discovered the problem and what it is. Among other things, they show that they can obtain users’ personal data.
Thus, in fact, Nothing may not be to blame for the situation, but whether the application will now return to the Google Store is an open question.
“Eliminate the password with best-in-class security keys.” New Google Titan Security Keys Unveiled
Google has introduced a new version of the Titan Security Key. The new product is already available for purchase at a price of $30.
In its press release, Google from the very first lines focuses on the fact that this solution allows you to abandon passwords.
Eliminate passwords and prevent attacks with best-in-class security keys that can store up to 250 unique access keys, and learn about our commitment to providing 100,000 keys to high-risk users worldwide by 2024
We are talking about free distribution of 100,000 such devices. Google says it and its partners will distribute the Titan Security Key to users around the world.
The new version of the dongle is available in two versions: USB-A and USB-C. The first one costs 30 dollars, but for some reason they ask for 35 dollars for the second one. Both versions have an NFC module for easy and fast connection to mobile devices.
Google Keys supports FIDO2, so can be used as a two-factor authentication solution.
Google introduced Gemini – the ChatGPT “killer”
Google has officially announced the launch of its own artificial intelligence system, Gemini. According to Google CEO Sundar Pichai, who...
India wants to follow the example of the EU to oblige everyone to switch to USB-C, but Apple really doesn’t like it. The company asks for an exception for older iPhones
Apple has already switched its smartphones to USB-C port due to the latest EU laws, but now India wants to...
Apple will not be greedy and will add support for Qi2 wireless charging for iPhone 13 and iPhone 14 smartphones
Apple, in its new iOS update, has added support for the Qi2 wireless charging standard to older iPhone models. Qi2...
A truly gigantic vapor chamber and a truly very bright screen. OnePlus 12 was presented yesterday, and today it was dismantled
OnePlus 12 was presented only yesterday, and now we can look at a video with its disassembly. At the same...
Components6 days ago
The old GeForce RTX 3060 will still fight. Nvidia is going to reduce the price of this video card and extend its lifespan to combat AMD
Components3 days ago
Gamer’s Lexus TX presented: with RGB lighting, powerful acoustics and a pair of large monitors in the cabin
Components6 days ago
GeForce RTX 4090 D (Dragon) will retain the same AD102 GPU as the original model
News4 days ago
Ten times weaker than Nvidia H100, but entirely our own development. Loongson introduced LG200 AI accelerator