According to Valve, fewer than 100 Steam users have installed the malware-embedded games, and they have already notified those users via email.

Although the hackers did not have much success in using Steam to distribute malware this time, Valve has taken significant steps to prevent such an incident from happening again. Starting October 24, game developers will have to pass a Two Factor Authentication check before updating the default branch of a published game (i.e., the version that Steam automatically makes available in an automatic update to the majority of gamers who have the game installed).

SMS will be the only way to receive the two-factor authentication code, so developers will have to register a cell phone number when they want to update the main release of their game.

Steam partners will also need to use SMS verification to add new users to their organization, and Valve says it plans to add two-step security checks to other Steam backend operations in the future.

THIS IS A SPONSOR PROMOTION: >>>>>>>>>>>>>

Geekwills is an online shop that connects consumers with millions of products and brands around the world with the mission to empower them to live their best lives. Geekwills is committed to offering the most affordable quality products to enable consumers and sellers to fulfill their dreams in an inclusive environment.

The post Steam games hacked with malware, Valve urgently activates double authentication appeared first on TechGoing.

HVNC is the abbreviation of Hidden Virtual Network Computing, which is a method to solve remote login (such as browser, operating system/plug-in version, locale, time zone, etc. to fingerprint the user’s system).

HVNC technology is mainly used in technical support services, but before starting the service, the user’s permission is required.

The HVNC malware exposed this time does not require the user’s permission and can launch attacks without the user’s knowledge.

The malware is sold on the dark web for $60,000 (currently about 431,000 RMB), including a reverse shell and a remote file manager. Current test results show that Mac devices with macOS 10 to 13.2 are affected, so users are recommended to upgrade to the latest 13.4.1 version as soon as possible.

The post Affecting macOS 10-13.2, Hackers Sell HVNC Malware for $60,000 appeared first on TechGoing.

MacStealer was revealed earlier this year as a piece of malware designed to steal information from Macs. An Atomic variant was spawned in April of this year and is sold on a monthly basis as a “malware-as-a-service” model.

The recently discovered ShadowVault has been upgraded again, specifically designed to steal sensitive data from macOS systems, and is being sold on the dark web for $500 per month (currently about RMB 3,615), half the price of the Atomic macOS Stealer malware.

According to Guardz, ShadowVault cuts the monthly fee in half, but the system is more sophisticated and capable of stealing, and the malware can have a “catastrophic impact on business functions and user privacy.

Those who want to learn more about the ShadowVault malware can read about it on the Guardz website.

The post Malware ShadowVault Exposed, Specializes in Stealing Sensitive User Information appeared first on TechGoing.

The report that the number of malicious emails was 52.3 million, down 7% sequentially and 13% year-over-year.

In the report, Vade said a new phishing campaign was detected in March of this year that combined multiple sophisticated techniques to steal victims’ cryptocurrency wallets.

The campaign uses Google Translate to bypass detection by email security tools, uses JavaScript and CSS to obfuscate phishing pages, and uses the Interplanetary File System (IPFS) decentralized network to host phishing kits.

The post 562.4 million phishing emails were reported in 1Q 2023, a 102% increase from the previous quarter appeared first on TechGoing.

Global cybersecurity spending (including enterprise products and services) is forecast to grow by 13.2 percent in 2023, and remains a key growth area for channel partners, according to new Canalys forecasts. Under ideal conditions, total spending is expected to reach $223.8 billion in 2023, with cybersecurity service deliveries exceeding product shipments. The continued high level of cyber threats is driving companies to prioritize increased investment in cyber security. As budget holders come under increasing pressure and not all projects will be approved, they must scrutinize spending and focus on the most urgent cyber security needs to minimize the risk of breaches. Government and business spending in this area will increase, but as economic conditions deteriorate, input from small businesses will decrease.

Canalys analysts said, “Ransomware remains the biggest threat to businesses from an operational, financial and branding perspective. But the emergence and misuse of generative AI models such as ChatGPT is taking the cyber risk to another level in 2023. This will enable more cyber security threat actors to accelerate the creation of malicious code at an industrial scale, and increase the frequency and scope of attacks. Organizations are already struggling to deal with current threats and cannot afford to cut back on this spending, as they could become vulnerable to cyber threats if they let their guard down. Instead, they need to work more closely with their channel partners in order to make smarter investments.”

Image source Pexels

The delivery of cybersecurity services (including consulting, outsourcing, deployment, integration, maintenance and managed services) is expected to grow by 14.1 percent to $144.3 billion in 2023. This will account for 64.5% of the global cyber security market share in 2023,” said Canalys research analysts. “This year, organizations will continue to transform their cyber security strategies to improve their defensive capabilities. Implementing a zero-trust architecture to address cybersecurity vulnerabilities that have emerged since the new crown epidemic. This will drive more consulting services from channel partners and create opportunities to deploy and integrate multiple products from different vendors while reducing operational complexity through managed services. Overall, in 2023, more than 90 percent of cyber security product and service spend will be channeled through channel partners.”

In 2023, shipments of cyber security products (including endpoint security, network security, web and email security, data security, rights management, and vulnerability and security analytics) will grow by 11.7% to $79.5 billion. This implies strong growth in the technology sector, but slower growth compared to 2022. At that time, enterprises increase spending to upgrade existing defenses and introduce new capabilities, particularly cloud, IoT / OT and identity security. 2023 will see continued expansion in deal size. However, the sales cycle will be extended as more levels of sign-off are required. It will be even more important for channel partners to conduct risk assessments and demonstrate a return on investment. However, total cyber security spending will still fall short of being able to turn the cyber security threat landscape around due to chronic underinvestment.

The post Global cyber security spending to reach $223.8 billion by 2023, up 13% appeared first on TechGoing.

The number of malware targeting Linux was 75,841 in the third quarter of 2022, up 91 percent year-over-year, and 164,697 in the fourth quarter, up 117 percent year-over-year.

This compares to a decline in other operating systems. The overall number of malware in 2022 was 73.7 million, down 39 percent year-over-year. The number of malware targeting Android declined the most in 2022, dropping 68 percent to 1.1 million from 3.4 million in 2021.

Windows continues to be the most targeted operating system, accounting for more than 95 percent of all malware. Compared to 116.95 million in 2021, the number drops to 70.7 million in 2022, a 40 percent decrease year-over-year. New malware applications targeting macOS dropped from 17,061 in 2021 to 12,584, a 26 percent decrease.

The post Malware targeting Linux hits new high in 2022: 1.9 million, up 50% year-over-year appeared first on TechGoing.