Hacker Leaks the Entirety of Video Gaming Giant Twitch, Including Platform Source Code
Ransomware gang uses Python script to encrypt VMware ESXi servers, Apache issues patch for flaw in HTTP Web Server project exploited in the wild, Google to auto-enroll users in 2SV, much more
An anonymous hacker claims to have leaked the entirety of video live-gaming giant Twitch and has posted a 125GB torrent link of the leak to 4chan. They say they intend to “foster more disruption and competition in the online video streaming space” because “their community is a disgusting toxic cesspool.”
One anonymous Twitch source said that the leaked data is legitimate, including the source code for the Amazon-owned streaming platform. Some Twitch users who have examined the leak say it includes encrypted passwords and recommended that users enable two-factor authentication to be safe.
The torrent also reportedly includes Unity code for a game called Vapeworld, which appears to be chat software based on Amazon’s unreleased Steam competitor Vapor. The leak also shows that popular streamers such as Shroud, Nickmercs, and DrLupo have earned millions from working with the popular streaming platform. The hacker said that this is just the first part of the content due to be leaked but hasn’t stated what they plan to release. (Chris Scullion / Video Games Chronicle)
Sinoc @Sinoc229: https://t.co/7vTDeRA9vt got leaked. Like, the entire website; Source code with comments for the website and various console/phone versions, references to an unreleased steam competitor, payouts, encrypted passwords that kinda thing. Might wanna change your passwords.
Researchers at Sophos say that operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers, which have Python installed by default.
An investigation into a recent ransomware attack revealed the method. Researchers at Sophos say it was one of the quickest attacks they’ve ever investigated, with the attackers spending just over three hours on the target's network before encrypting the virtual disks in a VMware ESXi server. The researchers say that administrators who operate ESXi or other hypervisors on their networks should follow security best practices, avoiding password reuse and using complex, difficult to brute-force passwords of adequate length. (Sergiu Gatlan / Bleeping Computer)
The Apache Software Foundation released a security patch to address a vulnerability (CVE-2021-41773) in its HTTP Web Server project that has been actively exploited in the wild.
Attackers could exploit the vulnerability using a path traversal attack to map URLs to files outside the expected document root. Ash Daulton discovered the attackers along with the cPanel Security Team, both of whom reported the issue to the Apache team. (Catalin Cimpanu / The Record)
Yubico has released its first hardware security key that uses fingerprints instead of passwords.
Yubico’s new Bio Series supports the latest FIDO2/WebAuthn and U2F open authentication standards to which Yubico contributes. (Scharon Harding / Ars Technica)
Many personal computer users in China cannot switch to Windows 11 because their devices lack a critical component called a trusted platform module (TPM) chip.
TPM is an international encryption standard, and a TPM chip is a component on the motherboard. China banned TPM back in 1999 and rolled out its own standard called the Trusted Cryptography Module (TCM). Workarounds to help Windows 11 bypass the TPM requirement are challenging to implement and come with compromises. (Josh Ye / South China Morning Post)
Researchers at BlackBerry say that an increasingly active Chinese government-linked hacking group, APT 41, impersonated Indian government agencies with phishing lures related to COVID-19 statistics and tax legislation.
The campaign preys on people’s hopes for a swift end to the pandemic as a lure to entrap its victims. The campaign began in July 2020, and the infrastructure used to operate it remained active until March 2021. (Tim Starks / Cyberscoop)
Google has pledged $1 million to the Secure Open Source (SOS) Rewards program, a new open-source security project hosted by the Linux Foundation.
Under the program, developers can earn $500 to $10,000 to improve the security of critical open-source apps. (Dev Kundaliya / Computing)
Google announced plans to auto-enroll 150 million user accounts into its two-step verification (2SV) system by the end of the year.
The company is currently auto-enrolling Google accounts that have the proper backup mechanisms to make a seamless transition to 2SV, including phones with the recent versions of Android. Starting next year, more users will have 2SV enabled on their accounts as part of a carefully executed staggered rollout plan. Google also said that starting November 1, all YouTube creator accounts that have monetization features enabled wouldn’t be able to access the YouTube Studio section of the site unless they enable a 2SV solution. (Catalin Cimpanu / The Record)
A proposal included in the draft version of the Federal Information Security Modernization Act (FISMA) of 2021, sponsored by Senators Gary Peters (D-MI) and Rob Portman (R-OH), would require the Cybersecurity and Infrastructure Security Agency (CISA) to appoint cybersecurity advisers from its department to work with each federal agency CIO.
Each adviser would be responsible for providing ongoing assistance and advice to their assigned CIO and act as the designated point of contact between each department and CISA in the event of a cybersecurity breach. (John Hewitt Jones / Fedscoop)
Speaking at Mandiant’s Cyber Defense Summit, National Security Agency (NSA) Director Paul Nakasone said that the U.S. would face ransomware attacks “every single day” over the next five years.
Speaking at the same event, Anne Neuberger, the deputy national security advisor for Cyber and Emerging Technology, said that an upcoming Biden administration-organized meeting of 30 countries to address cybersecurity is a “counter-ransomware initiative” with a focus on “cryptocurrency, resilience, disruption, and diplomacy.” (Maggie Miller / The Hill)
Related: The Record by Recorded Future
Thales, Europe’s largest defense electronics supplier, and Google are partnering to offer state-vetted cloud computing services to store some of France’s most sensitive data.
Thales and Google Cloud said they would create a France-based company with Thales as the majority shareholder. Thales will run Google software on its infrastructure with layers of security to ensure cybersecurity and the protection of data from extraterritorial rules. (Mathieu Rosemain / Reuters)
LA-based cloud security company Orca has raised $550 million in a Series C venture investing round.
Led by Temasek, the investment giant owned by Singapore’s government, the round also includes substantial participation from venture capital firms CapitalG (Alphabet’s independent growth fund), Redpoint Ventures, GGV, ICONIQ Capital, Lone Pine Capital, Stripes, Adams Street Partners, Willoughby Capital, and Harmony Partners. (Stephanie Pearl Li / KrASIA)
Duality, a startup that makes privacy-preserving data analysis tools based on homomorphic encryption, has raised $30 million in a Series B venture funding round.
LG Technology Ventures led the round with Euclidean Capital and the National Bank of Canada’s corporate venture capital arm. NAventures also participated, along with previous backers Intel Capital, Hearst Ventures, and Team8. (Ingrid Lunden / TechCrunch)
Israeli SaaS applications startup Adaptive Shield raised $30 million in a Series A venture funding round.
Insight Partners led the Series A round with participation from Okta Ventures and Vertex Ventures Israel. (Duncan Riley / Silicon Angle)
Blockchain analysis firm Chainalysis has acquired cybercrime forensic company Excygent.
Chainalysis intends to use its acquisition of Excygent to reduce cybercrime further, especially ransomware, and to promote “greater financial freedom with less risk.” (MK Manoylov / The Block)