app-subdomain-redirection:massive

Google+ shuts down after massive privacy breach (and because nobody used it)

Google+ is dead. Here’s why (beyond the obvious).

Here’s some sudden and disappointing news for all five of you who use Google+.

In a post here, Alphabet Inc (Google’s parent company) stated that they were shutting down the consumer version of Google+. The service will slowly be rolled back over the course of 10 months. Within the post, the company said that 90% of users only used the service an average of 5 seconds per session. Google elaborated on the service’s unpopularity by saying:

“This review crystallized what we’ve known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps. The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds.”

Is Google Search Always the Best Option?

When

A tiny and uninterested userbase wasn’t the only thing that contributed to the demise of Google+. In the post, Google publically revealed that there was a widespread privacy breach that affected over 500,000 users. Basically, the Google+ Application Programming Interface allowed third-party apps integrated with the service to access data that users had marked private. This data includes birthdays, email addresses, work history, and real names.

This breach was discovered back in March, but Google chose not to reveal the problem publicly. Presumably, they wanted to avoid a PR hit, as that was the same time that Facebook was being slammed in the media for not stopping Cambridge Analytica from stealing data from millions of users. It should be noted that while Google discovered the problem in March of 2018, the vulnerability had been present since 2015. Google quickly fixed the issue, but its lack of transparency with its users has eroded public trust in the brand.

Google thought they had stayed afloat after Twitter and Facebook drowned in controversy, but the public is now calling lawmakers to investigate and regulate the internet giant. Public backlash has already begun, and class action lawsuits can’t be far behind.

No Man Sky wins back fans with massive update

You may not have played No Man’s Sky, but you’ve probably heard of it. No Man’s Sky was one of the most anticipated games of 2016, having won awards before it had even been released. Unfortunately, much of that excitement was swept away once the game was out. This was largely due to a lack of promised features that the game would have, such as an in-depth multiplayer. Well, after two years, Hello Games has finally released the patch that might deliver on all those promises fans were excited for.

No Man's Sky Download NOW ►

If you don’t already know, No Man’s Sky is an action-adventure survival game based on exploring and surviving in the depths of space. Each planet is a unique experience, as the universe is open and massive. This new update is meant to expand the player’s experience past simply solo exploration.

The update is called Next, and actually follows three previous major updates, Atlas Rises, Pathfinder, and Foundation. The trailers, demos, and marketing of No Man’s Sky featured many gameplay elements that were not included in the final release. Each of these updates brought along many of those elements, along with a plethora of updates catering to fans, or fixing problems with the current game. Next seems to be the update that brings some of the final major changes that fans were upset about at release.

The biggest and most noteworthy change is, of course, the inclusion of multiplayer. Players can work together, or play as enemies, allowing for a new and exciting experience. Together, they can build bases and develop teamwork, while also being able to fight each other for resources. Along with this, you’ll be able to customize your character to differentiate between you and your new friends.

While the excitement for the multiplayer is understandable, there are many more benefits from this update that players will be excited to discover. This update allows for a fantastic new experience for both new and returning players by completely overhauling the starting content. Along with this, the graphics and UI have been updated immensely, further developing the update’s approach to new and returning players.

On top of this, practically everything has been improved or touched upon. There are new missions, new base mechanics (they can be built anywhere now!), new freighters, and even new graphic updates that completely change your view of the game.

If you own this game, and were disappointed by the lack of content it had on release, then this is the update for you. So many things have been updated to provide more content, that it the game has become far closer to the anticipated game, rather than what the game was when it actually was released.

Up to $1 billion stolen in massive bank hack

Security firm Kaspersky Lab revealed a massive worldwide security breach across 100 banks and electronic payment systems around the world, including those in the United States. It is estimated that as much as $1 billion has been stolen using this security exploit, which first appeared in late 2013.

An ‘Ocean’s Eleven’ style hack

A multinational network of cyber criminals from Russia, Ukraine, China and other European countries are responsible for the breach, according to Kaspersky. What’s interesting is the sophistication and patience the hackers exhibited.

Each attack took an average of two to four months. Using spear phishing, a type of phishing email that targets specific organizations, hackers were able to install malware called Carbanak onto a bank employee’s computer.

Carbanak allowed hackers to monitor the behavior of bankers over months before stealing money. “This allowed the attackers to understand the protocols and daily operational tempo of their targets,” says Kaspersky in its report.

Another method the hackers used to stay under the radar was to limit the amount of money stolen to $10 million from each bank. Kaspersky speculates this limit was dictated by the fact that $10 million is the maximum amount budgeted by banks for fraud risk, hoping banks wouldn’t launch a full scale analysis of its systems. If spread out over 100 banks, the total amount stolen could top $1 billion. Out of the affected banks, 42% are located in Russia and only 10% are in the US.

While most cyber thefts are more smash-and-grab, the methodical nature of this hack is “much more ‘Ocean’s Eleven’”, says managing director of Kaspersky North America Chris Doggett.

Hackers transferred money from banks to personal accounts and even attacked ATMs, scheduling machines to dispense money at specific locations and times where a member of the hacking group would be waiting.

An ongoing attack

No banks have come forward to acknowledge the hack as of yet. However, a representative from Bank of America responded saying it “was not impacted by Carbanak”. Other banks I’ve reached out to did not respond to my inquiries.

Kaspersky says the attack is still on-going and that it is working with law enforcement to track down the hackers. Security reporter Brian Krebs reported on this vulnerability back in December 2014, explaining how Russian and Ukrainian hackers managed to attack ATMs from inside banks.

The attacks began in December 2013 with peak infections occurring in June 2014. Kaspersky knew about the attack but didn’t release details until now because the investigation remains open. The company was asked by law enforcement not to divulge the information too early into the investigation.

Easy pickings

Although the $1 billion figure is shocking, the methods the thieves used to access banking systems are not. Techniques like spear phishing have been around for a long time. Spear phishing targets organizations with fake emails dressed up to look like legitimate correspondences to get bank employees to download infected attachments like Word documents.

Photo credit: 401(K) 2012 via Flickr

Once an employee downloads or clicks on a malicious link, the Carbanak virus gets injected into the computer. Carbanak is what’s known as a RAT (remote access tool), which allows a hacker to see everything on a person’s computer, assume control and even log keystrokes.

After gaining access to one bank’s computers, the hackers then mounted additional spear phishing email attacks against other banks, sending the emails from legitimate bank addresses and impersonating employee behavior.

Banks failed to employ basic security practices

Banks could have avoided being hacked if they took basic security measures. RATs are nothing new and neither are the phishing techniques that plague us today.

The Carbanak virus was distributed in infected Microsoft Office attachments. Having an updated version of Microsoft Office would have stopped the attack dead since these security vulnerabilities have already been patched.

Providing basic cyber security training for employees could have also led to the detection of spear-phishing emails that housed the infection.

On the whole, cyber security is not being taken seriously by many banking institutions. American Express, Capital One and Citibank all lack basic two-factor authentication, which goes a long way in protecting its customers’ accounts. Head over to https://twofactorauth.org/ to see which banks and services still don’t use two-factor. While banks are looking at increasing security for its customers, some forget to increase security for its own employees.

Out of your hands

I’ve preached basic security practices like using a password manager and enabling two-factor authentication but in this case, there’s not much you can do. The Carbanak attack is specifically targeting banks and not individual accounts, but you should still check your accounts often for suspicious behavior.

“Consumers should check both their online and paper statements on a regular basis for unusual activity. Additionally, consumers should be cautious when downloading attachments and opening links from both from people or institutions they do not know and do know. If an email claiming to be your banking institution seems suspicious, it could be a phishing scam and you should double check with your bank to make sure the email is really from them,” says Avast COO Ondrej Vlcek.

Avast Free Antivirus 2015 checks for outdated software

To make sure you don’t fall prey to the same methods of attack as banks affected by Carbanak, make sure to keep your computer updated with the latest software and system updates. Windows users can check for updates in Windows Update and Mac users can check in the Mac App Store. If an email seems suspicious to you, visit your bank’s site directly or give them a call.

You can also use a service like Mint to monitor all of your financial accounts. Mint sends you notifications of any suspicious activity and lets you quickly glance at anything that might be off with your accounts. There are Mint mobile apps (Android | iOS) you can download to get notifications faster.

Unfortunately, corporate negligence for security is commonplace. Target’s breach last summer showed how slow the company ignored early warnings, resulting in 1 to 3 million stolen credit card numbers. Sony Pictures kept their passwords in an unencrypted plaintext file and didn’t encrypt its employees’ emails. Home Depot admitted its 2014 hack was attributed to the company’s policies of meeting security standards, rather than anticipating new threats.

All we can do is wait to hear which banks have been affected and how they’re going to patch their security holes.

Source: Kaspersky [PDF], 2

Blizzard’s massive Hearthstone coming to Android late 2014

Hearthstone: Heroes of Warcraft was released for PC and iPads in spring this year, and it’s hugely popular. A free to play digital card game, you take turns to battle against opponents to gain experience points and access to more cards to battle with.

There are over 20 million hearthstone players according to Blizzard, writing on its Battle.net blog. The post highlights the team’s development achievements this year, and goes on to explain its next steps.

Bringing Hearthstone: Heroes of Warcraft to Android tablets will be the next move. This should happen bu the end of 2014. But mobile users won’t feel left out for long – the game should be available for iPhone and Android phones in early next year. Blizzard says it has a test build running internally, but ‘it needs a bit more work… we’ll be ready to share it with you.. early next year.’

Default player

brightcove.createExperiences();

The challenge with phones is adapting the game’s user interface to work well on smaller screens, and Blizzard would prefer to ‘take the extra time’ making that work well, than release a lazy port of the game designed for bigger screens.

Source: Battle.net Blog

Massive Joe Studios’ Mike Su introduces Age of Monsters

Rock, paper, scissors is an international game. It’s played everywhere in the world to solve disagreements, make bets with, or just pass the time when you were five years old.

Massive Joe Studios are bringing the game back to iOS on iPhone and iPod Touch. Massive Joe Studios’ most well known member might be Jeff Matsuda. Previously a comic book artist, Creative Director on The Batman cartoon, Matsuda is the artistic driving force behind Massive Joe Studios.

I met with CEO/Co-founder Mike Su to talk about Age of Monsters – Rock Paper Scissors; what is planned to be the first game in the created universe of Age of Monsters.

Continue reading “Massive Joe Studios’ Mike Su introduces Age of Monsters”

Tag: app-subdomain-redirection:massive