Connect with us


Fortnite on iOS, macOS to lose cross-play, only work with other Apple devices – MobileSyrup



Epic Games confirmed that Fortnite on Apple device will essentially become a separate platform, losing support for cross-play multiplayer with non-Apple devices.

The news comes as Epic confirms the game also won’t get the next season of content. You can read the full details of that here — in short, Apple removed Fortnite from the App Store over the addition of a direct payment method. Epic refuses to remove it and Apple refuses to allow Fortnite on its platforms with that feature still in the game.

As such, it should come as no surprise that Fortnite players on iOS and macOS won’t be able to play with people on other systems. Without an update, the players on Apple devices won’t have all the new content that comes in the season. Fortnite often brings updates to the map, new cosmetics and other in-game rewards with each season. But this time around, nothing will change for people with Apple devices.

The Verge points out that Fortnite can be installed through Epic’s own launcher on Mac, which theoretically means the company could still update that version of the game. It remains unclear why macOS will get left behind, whether it’s a choice on Epic’s part due to the ongoing legal battle, or a restriction from Apple.

Fortnite fans on Apple platforms will still be able to play the game, but it looks like they’ll be restricted to only playing with players on other Apple devices on the game’s current patch — ‘version 13.40.’ It’ll be a small comfort as everyone else moves onto the exciting new content without them.

Source: The Verge

Let’s block ads! (Why?)

Source link

Continue Reading


Microsoft: Some ransomware attacks take less than 45 minutes – ZDNet



Image: Microsoft

For many years, the Microsoft Security Intelligence Report has been the gold standard in terms of providing a yearly overview of all the major events and trends in the cyber-security and threat intelligence landscape.

While Microsoft unceremoniously retired the old SIR reports back in 2018, the OS maker appears to have realized its mistake, and has brought it back today, rebranded as the new Microsoft Digital Defense Report.

Just like the previous SIR reports, Microsoft has yet again delivered.

Taking advantage of its vantage points over vast swaths of the desktop, server, enterprise, and cloud ecosystems, Microsoft has summarized the biggest threats companies deal with today in the face of cybercrime and nation-state attackers.

The report is 88 pages long, includes data from July 2019 and June 2020, and some users might not have the time to go through it in its entirety. Below is a summary of the main talking points, Microsoft’s main findings, and general threat landscape trends.


2020 will, without a doubt, be remembered for the COVID-19 (coronavirus) pandemic. While some cybercrime groups used COVID-19 themes to lure and infect users, Microsoft says these operations were only a fraction of the general malware ecosystem, and the pandemic appears to have played a minimal role in this year’s malware attacks.

Email phishing in the enterprise sector has also continued to grow and has become a dominant vector. Most phishing lures center around Microsoft and other SaaS providers, and the Top 5 most spoofed brands include Microsoft, UPS, Amazon, Apple, and Zoom.

Microsoft said it blocked over 13 billion malicious and suspicious mails in 2019, and out of these, more than 1 billion contained URLs that have been set up for the explicit purpose of launching a credential phishing attack.

Successful phishing operations are also often used as the first step in Business Email Compromise (BEC) scams. Microsoft said that crooks gain access to an executive’s email inbox, watch email communications, and then spring in to trick the hacked users’ business partners into paying invoices into wrong bank accounts.


Image: Microsoft

Per Microsoft, the most targeted accounts in BEC scams were the ones for C-suites and accounting and payroll employees.

But Microsoft also says that phishing isn’t the only way into these accounts. Hackers are also starting to adopt password reuse and password spray attacks against legacy email protocols such as IMAP and SMTP. These attacks have been particularly popular in recent months as it allows attackers to also bypass multi-factor authentication (MFA) solutions, as logging in via IMAP and SMTP doesn’t support this feature.

Furthermore, Microsoft says it’s also seeing cybercrime groups that are increasingly abusing public cloud-based services to store artifacts used in their attacks, rather than using their own servers. Further, groups are also changing domains and servers much faster nowadays, primarily to avoid detection and remain under the radar.

Ransomware groups

But, by far, the most disruptive cybercrime threat of the past year have been ransomware gangs. Microsoft said that ransomware infections had been the most common reason behind the company’s incident response (IR) engagements from October 2019 through July 2020.

And of all ransomware gangs, it’s the groups known as “big game hunters” and “human-operated ransomware” that have given Microsoft the most headaches. These are groups that specifically target select networks belonging to large corporations or government organizations, knowing they stand to receive larger ransom payments.

Most of these groups operate either by using malware infrastructure provided by other cybercrime groups or by mass-scanning the internet for newly-disclosed vulnerabilities.


Image: Microsoft

In most cases, groups gain access to a system and maintain a foothold until they’re ready to launch their attacks. However, Microsoft says that this year, these ransomware gangs have been particularly active and have reduced the time they need to launch attacks, and especially during the COVID-19 pandemic.

“Attackers have exploited the COVID-19 crisis to reduce their dwell time within a victim’s system – compromising, exfiltrating data and, in some cases, ransoming quickly – apparently believing that there would be an increased willingness to pay as a result of the outbreak,” Microsoft said today.

“In some instances, cybercriminals went from initial entry to ransoming the entire network in under 45 minutes.”

Supply-chain security

Another major trend that Microsoft chose to highlight was the increased targeting of supply chains in recent months, rather than attacking a target directly.

This allows a threat actor to hack one target and then use the target’s own infrastructure to attack all of its customers, either one by one, or all at the same time.

“Through its engagements in assisting customers who have been victims of cybersecurity intrusions, the Microsoft Detection and Response Team has observed an uptick in supply chain attacks between July 2019 and March 2020,” Microsoft said.

But Microsoft noted that while “there was an increase, supply chain attacks represented a relatively small percentage of DART engagements overall.”

Nonetheless, this doesn’t diminish the importance of protecting the supply chain against possible compromises. Here, Microsoft highlights dangers coming from the networks of Managed Service Providers (MSPs, third-parties that provide a very specific service and are allowed to access a company’s network), IoT devices (often installed and forgotten on a company’s network), and open-source software libraries (which make up most of a company’s software these days).

Nation-state groups

As for nation-state hacking groups (also known as APTs, or advanced persistent threats), Microsoft said this year has been quite busy.

Microsoft said that between July 2019 and June 2020, it sent out more than 13,000 nation-state notification (NSN) to its customers via email.

According to Microsoft, most were sent for hacking operations linked back to Russian state-sponsored groups, while most of the victims were located in the US.


Image: Microsoft

These email notifications were sent for email phishing attacks against its customers. Microsoft said it tried to counter some of these attacks by using court orders to seize domains used in these attacks.

Over the past year, Microsoft seized domains previously operated by nation-state groups like Strontium (Russia), Barium (China), Phosphorus (Iran), and Thallium (North Korea).

Another interesting finding of the Microsoft Digital Defense Report is that the primary targets of APT attacks have been non-governmental organizations and the services industry.

This particular finding goes against the grain. Most industry experts often warn that APT groups prefer to target critical infrastructure, but Microsoft says its findings tell a different story.

“Nation state activity is more likely to target organizations outside of the critical infrastructure sectors by a significant measure, with over 90% of notifications served outside of these sectors,” Microsoft said.

As for the techniques that have been preferred this past year (July 2019 to June 2020) by nation-state groups, Microsoft noted several interesting developments, with the rise of:

  • Password spraying (Phosphorus, Holmium, and Strontium)
  • Use of penetration testing tools (Holmium)
  • The use of ever-more-complex spear-phishing (Thallium)
  • The use of web shells to backdoor servers (Zinc, Krypton, Gallium)
  • The use of exploits targeting VPN servers (Manganese)

Image: Microsoft

All in all, Microsoft concludes that criminal groups have evolved their techniques over the past year to increase the success rates of their campaigns, as defenses have gotten better at blocking their past attacks.

Just like in years prior, the entire cybersecurity landscape appears to be sitting on a giant merry-go-round, and constant learning and monitoring is required from defenders to keep up with the ever-evolving attackers, may them be financially-motivated or nation-sponsored groups.

Let’s block ads! (Why?)

Source link

Continue Reading


OnePlus CEO confirms we're not getting an 8T Pro this year – MobileSyrup



As we inch closer to OnePlus’ October 14th event, the company’s CEO has clarified that fans should only get excited about the OnePlus 8T because there won’t be an 8T Pro.

This isn’t a huge surprise since there have been no leaks regarding a higher-level phone.

That said, if you’ve seen the battery and screen specs that the company has shared plus some of the leaks, you’ll know that the 8T is stacking up to be a flagship-level device in its own right.

Last year in Canada, OnePlus only released the 7T in Canada with no 7T pro, so the fact that there’s no pro version this year shouldn’t rattle Canadians too much.

The 8 Pro is still a good option as well since it also has a 120Hz display and a fairly modern chipset. If the 8T leaks are correct, the 8 Pro will be a bit of a larger phone, so people who like giant phones will likely be happier with the 8 Pro.

Beyond the lack of an 8T Pro, OnePlus also mentioned recently that the 8T is going to come with OxygenOS 11 right out of the box. In the OxygenOS 11 beta for the OnePlus 8 and 8 Pro, there are still a lot of bugs, so hopefully, OnePlus can address these before the 8T ships.

Source: 9to5Google

Let’s block ads! (Why?)

Source link

Continue Reading


US judge says Epic was dishonest when it added direct payments to Fortnite – MobileSyrup



A U.S. judge criticized Epic Games for being dishonest during the first court hearing in the ongoing antitrust lawsuit between the Fortnite maker and Apple.

Judge Yvonne Gonzalez Rogers of the United States District Court for the Northern District of California heard arguments from both companies during a three-hour Zoom hearing Monday. Gonzalez Rogers expressed skepticism about Epic’s arguments, especially its claim that it didn’t pose a security threat to Apple.

According to a report from CNN, the judge said that Epic lied and “that’s the security issue.” Gonzalez Rogers went on to say that “there are a lot of people in the public who consider [Epic] heroes for what [they] did, but it’s still not honest.”

Epic has long argued that it was standing up to Apple’s “monopoly.” The game maker says that Apple’s control over iOS and the App Store allows it to force developers into using its payment method and thus hold up monopolistic control over apps.

It all started with a payment system

Back in August, Epic introduced a direct payment method in its popular Fortnite game, which allowed it to bypass Apple’s 30 percent App Store fee. Apple charges the fee for any payments that use its in-app payment method, and also restricts developers from using other payment methods with its App Store guidelines.

Because Fortnite‘s new direct payment directly violated Apple’s rules, it kicked the game off the App Store. Epic responded in turn with a lawsuit. It’s worth noting similar events took place with Google’s Play Store on Android devices. However, a significant difference between the two is that Google allows third-party app stores and the installation of apps from sources outside of the Play Store. As such, Fortnite fans could still get the game on Android by downloading it from other places. Players on iOS can only get the game through the App Store.

After Epic sued Apple, both companies engaged in back-and-forth attacks on each other, ranging from petty to serious. For example, Epic said Apple threatened to terminate its Unreal Engine developer account, which isn’t associated with Fortnite. Gonzalez Rogers previously ruled that Apple can’t terminate that account, but was free to terminate the developer account Epic used for Fortnite. At the same time, the judge ruled Apple didn’t have to return Fortnite to the App Store.

Likewise, Epic also engaged in a public relations campaign positioning itself as the good guy with an ad mimicking Apple’s famous ‘1984’ commercial. Epic added a playable character called ‘Tart Tycoon’ to Fortnite as well. Apple sued Epic seeking damages for harm to its reputation over the campaign. These are just a few examples of the fight between the two companies.

Throughout the lawsuit, Epic petitioned the courts to force Apple to allow Fortnite back on the App Store. That included arguing that the game’s removal caused it irreparable harm. Apple responded in turn, saying Epic used the lawsuit to draw attention to the game as interest waned.

Judge feels the antitrust questions deserve a jury

The hearing didn’t answer any of the looming questions about the antitrust allegations or whether Apple would have to return Fortnite to the App Store. For the latter, the New York Times reports a decision will arrive in the coming days. I don’t expect it to be in Epic’s favour, considering Gonzalez Rogers previously ruled Apple didn’t have to reinstate Fortnite and seems unconvinced by Epic’s arguments.

As for the bigger questions about antitrust, Gonzalez Rogers believes the they are important enough that the case be taken to a jury trial in July 2021.

However, CNN reports that Gonzalez Rogers wasn’t persuaded by Epic’s argument that Apple’s bundled App Store and payment method violate antitrust law. The judge also didn’t completely agree that Apple harmed Epic’s ability to distribute Fortnite through control of the App Store.

“Walled gardens have existed for decades. Nintendo has had a walled garden. Sony has had a walled garden. Microsoft has had a walled garden. What Apple’s doing is not much different… It’s hard to ignore the economics of the industry, which is what you’re asking me to do,” Gonzalez Rogers said.

Epic isn’t the only company taking issue with Apple’s policies

However, Epic’s lawsuit has become something of a rallying cry for many developers who feel they’ve been wronged by Apple’s App Store guidelines. Last week, several companies formed the Coalition for App Fairness, which aims to “defend the fundamental rights of creators to build apps and to do business directly with their customers,” according to Epic CEO Tim Sweeney. Along with Epic, the coalition includes Spotify, Tile and Match Group, which owns several dating services including Tinder and Hinge.

Many developers have accused Apple of applying its App Store rules unfairly, especially in the last few months. For example, a group of news publishers sent a letter to Apple seeking a deal that reduces the 30 percent cut the company takes from subscription services. The letter cited a similar deal Apple gave to Amazon, which CEO Tim Cook testified in a congressional hearing was available to any developer that met the criteria. Apple has not shared what those criteria are.

Epic has also pointed out that Apple’s in-app payment rules differ from app to app, and listed several other services that aren’t forced to use Apple’s system. Finally, there was an instance where Apple blocked updates to the WordPress iOS app until the developer added in-app payments. The company later back-pedalled on the move.

Source: CNN, New York Times Via: The Verge

Let’s block ads! (Why?)

Source link

Continue Reading