The Kodi Foundation learned that a dump of the database of the Kodi user forum, which runs on MyBB software, was being sold on online forums.
Kodi is a multi-platform, open-source media player, manager, and streaming suite. It supports a wide range of third-party add-ons, which give users access to content from numerous sources and let them personalize their viewing.
A total of 3 million posts were made on the Kodi forum by its 401,000 users, who used it to talk about media streaming, share new add-ons, offer help, and more.
Attackers Stole the Forum Database by Logging into the Admin Console
Reports say MyBB admin logs reveal that on February 16 and February 21, the web-based MyBB admin console was accessed using the account of a reliable but presently inactive member of the forum admin team.
The account was used to create database backups, which were then downloaded and deleted. It was also used to download the database’s existing nightly full backups. The account owner indicated they did not perform these operations using the admin console.
The admin team disabled the compromised account after this incident and started to investigate.
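The pattern described above (a long-inactive admin account creating, downloading and deleting a backup, then pulling existing nightly backups) can be checked for in admin audit logs. The following is an added example, not code from Kodi or MyBB; the `time|account|action|object` record format, the action names, the account names and all sample values are constructed assumptions to be mapped onto your own logs.

```python
from datetime import datetime, timedelta

# Constructed audit records in a hypothetical "time|account|action|object" format.
# This is NOT MyBB's admin-log schema; map your own log fields onto it.
SAMPLE_LOG = """\
2024-03-10T09:14:00|admin_alice|login|-
2024-03-10T09:20:00|admin_alice|backup_create|manual_0310.sql.gz
2024-03-16T02:03:00|admin_bob|login|-
2024-03-16T02:05:00|admin_bob|backup_create|manual_0316.sql.gz
2024-03-16T02:11:00|admin_bob|backup_download|manual_0316.sql.gz
2024-03-16T02:12:00|admin_bob|backup_delete|manual_0316.sql.gz
2024-03-21T03:40:00|admin_bob|login|-
2024-03-21T03:44:00|admin_bob|backup_download|nightly_0320.sql.gz
"""

# Constructed baseline: last known legitimate activity per admin account.
LAST_SEEN = {
    "admin_alice": datetime(2024, 3, 8),
    "admin_bob": datetime(2023, 6, 1),
}


def parse_log(text):
    """Parse the pipe-separated records into time-ordered event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, account, action, obj = line.split("|")
        events.append({"ts": datetime.fromisoformat(ts), "account": account,
                       "action": action, "object": obj})
    return sorted(events, key=lambda e: e["ts"])


def find_alerts(events, last_seen, dormancy=timedelta(days=90),
                window=timedelta(hours=1)):
    """Return (rule, account, detail) tuples for three review-worthy patterns."""
    alerts = []
    previous = dict(last_seen)   # account -> last activity considered legitimate
    suspect = set()              # accounts that woke up after a long gap
    created, downloaded = {}, {} # (account, object) -> timestamp

    for e in events:
        acct, action, obj, ts = e["account"], e["action"], e["object"], e["ts"]

        # Rule 1: admin-console activity from an account that has been dormant.
        # Unknown accounts have no baseline and are treated as dormant.
        if acct not in suspect:
            prior = previous.get(acct)
            if prior is None or ts - prior > dormancy:
                suspect.add(acct)
                alerts.append(("dormant_admin_active", acct, ts.isoformat()))
            else:
                previous[acct] = ts

        key = (acct, obj)
        if action == "backup_create":
            created[key] = ts
        elif action == "backup_download":
            downloaded[key] = ts
            # Rule 2: download of a backup this account did not just create,
            # for example a scheduled nightly dump.
            if key not in created:
                alerts.append(("existing_backup_download", acct, obj))
        elif action == "backup_delete":
            # Rule 3: create -> download -> delete of the same file in a short
            # window, which removes the on-disk evidence of the export.
            c, d = created.get(key), downloaded.get(key)
            if c is not None and d is not None and c <= d <= ts and ts - c <= window:
                alerts.append(("backup_create_download_delete", acct, obj))
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(parse_log(SAMPLE_LOG), LAST_SEEN):
        print(alert)
```

A suspect account stays flagged for the rest of the run, so its own activity cannot reset the dormancy baseline.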
“The nightly full backups that were downloaded expose all public forum posts, all team forum posts, all messages sent through the user-to-user messaging system, and user data including forum username, email address used for notifications, and an encrypted (hashed and salted) password generated by the MyBB (v1.8.27) software”, according to Kodi Forum Data Breach Notification.
Kodi has not yet discovered proof of unauthorized access to the MyBB software server.
Kodi cautions that even if the passwords were hashed and salted, they should all now be regarded as compromised. The admin team is planning a global password reset that may unavoidably affect service availability.
“Users must assume their Kodi forum credentials and any private data shared with other users through the user-to-user messaging system is compromised,” says Kodi.
“If you have used the same username and password on any other site, you should follow the password reset/change procedure for that site.”
Setting Up a New Forum Server
The administrators of Kodi told the community earlier today that they are setting up a new forum server even though they have not detected any indications of intrusion on the current one.
With the most recent MyBB release, the forum will be relaunched. A delay of several days is expected because there is a lot of work to backport security fixes and incorporate customized functional modifications.
Kodi is also taking the uncommon step of providing the Have I Been Pwned data breach reporting service with a list of exposed email addresses linked to forum accounts.
Subscribers of the Have I Been Pwned service will be notified if their email address was among the exposed data once this data has been placed into HIBP. If you don’t subscribe to HIBP, you may still input your email address to view a list of all data breaches that include it.
“The admin team would like to conduct formal penetration testing once the forum and other services are back online,” Kodi said.
In the last 12 months, the UK has been second only to the USA in terms of ransomware attacks, and its education sector has been subjected to a feeding frenzy by Vice Society.
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. In this report, “known attacks” are attacks where the victim opted not to pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
Between April 2022 and March 2023, the UK was a prime target for ransomware gangs. During that period:
The UK was the second most attacked country in the world.
Royal Mail was hit with the largest known ransom demand ever: $80 million.
The education sector was hit far harder than in other countries.
The UK was a prime target for Vice Society, which targets education.
In August 2022, a ransomware attack on IT supplier Advanced caused widespread outages across the UK’s National Health Service (NHS), the biggest employer in Europe and the seventh largest in the world. The attack affected services including patient referrals, ambulance dispatch, out-of-hours appointment bookings, mental health services and emergency prescriptions.
Later that year, British newspaper The Guardian experienced a major ransomware attack that shut down part of its IT infrastructure. The Guardian, which operates one of the most visited websites in the world, described the incident as a “highly sophisticated cyberattack involving unauthorised third-party access to parts of our network”, most likely triggered by a successful phishing attempt.
In January 2023, Britain’s multinational postal service, Royal Mail, was attacked by LockBit, arguably the world’s most dangerous ransomware, which demanded the biggest ransom we have ever seen anywhere, in any country: $80 million. Royal Mail rejected the demand, calling it ‘absurd’, and LockBit consequently published the files stolen from the company alongside an illuminating transcript of the negotiation between the two parties.
The UK: Just like the USA
In the 12 months from April 2022 to March 2023, the UK suffered more known ransomware attacks than any country other than the USA. However, the sheer number of ransomware attacks in the USA dwarfs all other countries. Given the disparity between the USA and the UK it would be easy to conclude that ransomware is, first-and-foremost, a USA problem.
It is not.
Known attacks in the ten most attacked countries, April 2022 – March 2023
The USA suffered a little over seven times more attacks in the last twelve months than the UK and it is perhaps not a coincidence that the USA’s economic output, measured by gross domestic product (GDP), was also about seven times larger than the UK.
We can account for the difference in the size of countries’ economies by dividing the number of known ransomware attacks by a country’s nominal GDP, which gives us an approximate rate of attacks per $1T of economic output. On that basis, the USA and the UK suffered nearly identical rates of attack, at around 50 known attacks per $1T.
Measured this way, the UK is third, almost a mirror of its Atlantic cousin and quite different from its geographic and economic near neighbours, France and Germany. In other words, on this measure, ransomware gangs appear to make no distinction between the UK and the USA.
The ten most attacked countries between April 2022 – March 2023, ordered by attacks per $1T GDP
Another way to account for the vast difference in size in countries in the top ten is to divide known attacks by each country’s population. On that measure, the UK ranks fourth, and again suffers a far higher rate of attacks than either France or Germany.
The ten most attacked countries between April 2022 – March 2023, ordered by attacks per capita
The most likely explanation for the difference between the UK, France and Germany is language. To make serious money, ransomware gangs have to be able to attack businesses in the USA. They have to be able to operate inside company networks where things are written in English, understand the value of the English-language data they’ve stolen, and negotiate in English.
However you rank the top ten, English-speaking countries occupy at least three of the top five positions. In the per-capita list they occupy four. It seems that when it comes to ransomware, speaking English may be a serious drawback, which helps ensure the UK is a prime target.
Education, education, education
Over the last 12 months, the education sector in the UK suffered far more than in other countries. Education was the target in 16% of known attacks in the UK, but only 4% in France and Germany, and 7% in the USA.
Known ransomware attacks by industry sector in the UK, April 2022 – March 2023
Our data shows that one of the main reasons for this is Vice Society, an extremely dangerous ransomware group with an appetite for the education sector.
In 2022, LockBit was used in 31% of known attacks globally, 3.5 times more than its nearest competitor, ALPHV. (You can read much more about why LockBit is the number one threat to your business in our 2023 State of Malware report.) As you’d expect, given its global preeminence, LockBit was also the most widely used ransomware in the UK in the last twelve months.
However, in the UK, Vice Society was second, not ALPHV.
Known attacks by the ten most used ransomware in the UK, April 2022 – March 2023
In fact, the UK is one of Vice Society’s favourite targets, accounting for 21% of the group’s known attacks in the last 12 months, a close second to the USA which accounted for 23%, and vastly more than the next country, Spain, which accounted for 8%.
Sadly, Vice Society’s disproportionate interest in the UK lands squarely on the education sector.
76% of Vice Society’s known attacks in the UK over the last 12 months hit the education sector, and Vice Society was responsible for 70% of known attacks on UK education institutions.
Known ransomware attacks by month on the UK education sector, by gang, April 2022 – March 2023
It is worth remembering that our numbers only reflect attacks where a ransom wasn’t paid, and the true number of attacks is far larger.
In 2023, the BBC reported on 14 schools in the UK that were attacked by Vice Society including Carmel College, St Helens, Durham Johnston Comprehensive School (hacked in 2021, documents posted online in January 2022), and Frances King School of English, London/Dublin.
Vice Society doesn’t reinvent the wheel in terms of how it breaks in to its victim’s networks. It uses familiar techniques such as phishing, compromised credentials, and exploits to establish a foothold.
Vice Society is also known to use legitimate software in its attacks, to avoid detection by security tools. This technique, known as “living off the land”, allows the gang to hide in plain sight on victim’s networks. One of the tools it favours is Windows Management Instrumentation (WMI), which is designed for administrators to manage and monitor computers from a remote location. The only effective way to spot attackers who are living off the land is with EDR software operated by trained security staff, or with a service like MDR.
We can only speculate about why Vice Society has such an appetite for UK schools, colleges, and universities, but we know the sector is not exactly awash with money. Education in the UK has suffered a significant drop in funding in the last decade, according to the non-partisan Education Policy Institute, which says that “between 2009–10 and 2019–20, spending per pupil in England fell by 9 percent in real terms.”
Following a spike in inflation in 2022, the UK’s largest teaching union voted to strike for better pay for its members. The strikes themselves are not the cause of education’s susceptibility to ransomware, but they are indicative of the deteriorating financial situation in UK education.
In 2021, this author interviewed a number of people involved in providing cyberprotection for UK schools. The picture in each was the same: Cybersecurity was one responsibility among many being carried by very small numbers of IT staff who were under tremendous pressure, and ill-equipped to fight off the attentions of a ransomware gang like Vice Society.
Conclusions
In the last 12 months there was no hiding place for organisations in the UK. Our analysis of total known attacks, known attacks per $1T of GDP, and known attacks per capita, shows that ransomware gangs treated the entire Anglosphere, not just the USA, as their prime hunting ground. As part of that group, the UK was on the front line against ransomware, and will almost certainly remain there.
Within the UK, the education sector was disproportionately affected. It suffered far more known attacks than education in France or Germany, and accounted for a much higher proportion of known attacks than education did in the USA. The vulnerability of the education sector was exposed by Vice Society, a ruthless ransomware gang with an outsized appetite for education targets. In the last 12 months, Vice Society was as active in the UK as it was in the USA. While LockBit remains the most dangerous ransomware in the world for almost all sectors in almost all countries, in the cash-strapped UK education sector Vice Society is the most dangerous predator.
The education sector in the UK should be alarmed that with an entire world of targets to choose from, ransomware gangs have singled it out for disproportionate attention. More than any other sector, it will need to rethink, reskill and retool its approach to ransomware to fend off the determined attentions of attackers who smell an opportunity.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
In a recent update on the Android Developer Blog, the arrival of the app auto-archive feature got confirmation. This feature is similar to one that has been available on iOS devices for a long time. Seeing this feature make its way to Android devices is a big deal as it will be helpful to lots of users.
With this coming feature, Android users will be able to deactivate their apps to free up space. Currently, if you need more space on your Android device, you might need to uninstall some apps. Well, the Android Developer community says that you won’t need to uninstall your apps to free up space any more.
So how exactly can you free up your phone’s storage without uninstalling any apps? The simple answer to that question is ‘app auto-archive,’ and you will soon be able to make use of this feature. But how can you access and make use of this feature if your device is running low on storage space?
Everything you need to know about the coming app auto-archive feature
With this new feature, Android is mimicking Apple, which already has a similar feature. On iOS devices, instead of uninstalling apps, users can simply offload apps. This is a solid replacement for uninstalling apps, as it simply deactivates the app until you need to use it again.
Now the Android community is set to receive a similar feature to help deactivate apps instead of uninstalling them. This feature is ideal for those looking to free up some space on their Android device. So users get to free up to 60% of an app’s storage space instead without uninstalling the said app.
Access to this feature will be found on the Play Store, as Google will give developers the option to activate this feature with their apps. Developers will be able to activate auto-archive for their apps with the App Bundle publish system.
If developers don’t use the App Bundle system, they won’t be able to activate the app auto-archive feature. Google keeps this feature exclusive to developers that make use of the App Bundle to publish their apps. Once the app auto-archive feature rolls out, developers will be able to add it to their apps via an update.
Users will then be able to opt into the app auto-archive feature across their Android devices. This will take place on the Play Store while installing an app or making an update that comes with the auto-archive feature. A pop-up window will allow users to enable or disable this feature.
Turning on this feature will archive apps on your device that you haven’t used in a while. The archived apps will appear on the home screen with a cloud icon overshadowing them to tell them apart from other apps. This will be a very easy way to manage the storage on your device, especially if you have lots of apps on your device.
Apple Music is one of the bigger music streaming services out there, behind Spotify. It is one of the more expensive services, actually. And that’s mostly because it just issued a price hike a few months ago. It is now $10.99 per month, compared to $9.99 for Spotify. While students can get Apple Music for just $5.99 per month.
With Apple Music, you can listen to over 100 million songs, and get over 30,000 playlists, all ad-free. It also includes Spatial Audio and Dolby Atmos for audio, which sounds incredible with the right pair of headphones. Apple Music is one of the only ones offering that right now. YouTube Music and Spotify are supposed to add it, as well as Lossless, in the future, but there’s no word as to when that will happen. It also offers Apple Music Sing, so you can use Apple Music for karaoke, as well as Apple Music Classical. Classical is another app, but if you are big into classical music then it’s worth checking out.
But what if we told you that you could get Apple Music for free? Well, you can. And there are a few different ways that you can do this.
Verizon Unlimited
If you want Apple Music free, forever, then Verizon is the best option. On two of its Unlimited plans, it offers Apple Music for free, as long as you keep the plan. Both of these plans are $90 per month for a single line, or as low as $45 per month for five lines.
One Unlimited for iPhone
This is a newer plan from Verizon, which it debuted with the iPhone 14 in late 2022. It’s basically a plan made specifically for iPhone users. You get all the good stuff that Verizon offers like unlimited 5G UW data, 25GB of premium mobile hotspot data, as well as Apple One.
So with Apple One included here, you’ll get Apple Music, Apple TV+, Apple Arcade and iCloud+ included. And you’ll also get up to 50% off a watch, tablet, hotspot or Hum plan.
If you use a lot of Apple’s services already, then this is a really good plan to check out. It can be quite pricey, if you’re not on a family plan however. But where that Apple One plus connectivity is valued at $42.95/month, that’s about half the cost of the actual plan right there.
5G Get More
Verizon’s 5G Get More plan is available with quite a few things included. Not only do you get Apple Music for free, but you also get the Disney+ bundle for free. That includes Disney+, ESPN+ and Hulu. You’ll also get Apple Arcade or Google Play Pass included.
On top of all that, Verizon will take 50% off of a watch, tablet, hotspot or Hum plan. It also gives you one TravelPass day per month and 600GB of Verizon Cloud for free, which makes it a great plan for those who do some traveling and use multiple devices.
Apple One plan
While not technically “free” you can get Apple Music included in the Apple One subscription plan, which does also include the other Apple services like TV+, Arcade, iCloud+, News+ and Fitness+.
Apple has three Apple One plans available – Individual, Family and Premier. Individual starts at $16.95 per month, and gives you 50GB of iCloud+, Apple TV+, Apple Music and Apple Arcade. If you purchased these by themselves, you’d be paying $23.96 per month. So it’s not too shabby.
Of course, the better plan, in our opinion is the Premier plan. This one is $32.95 per month. It comes with 2TB of iCloud+ storage, Apple TV+, Apple Music, Apple Arcade, Apple Fitness+ and Apple News+. Separately these would cost you $58.94 per month. This one, unlike the individual plan, can be shared with up to five people. So you can split the cost as well, making that $32.95 a whole lot less.
Best Buy
Over at Best Buy, they will give you a free four-month trial to Apple Music (as well as three months for Apple TV+ and three months of iCloud+), with the purchase of almost any Apple product. This includes MacBooks, Apple Watches, iPads, iPhones and much more. And it is also available for new and returning subscribers. You just can’t be a current subscriber to these services.
It’s pretty easy to redeem as well. Once you purchase your product, Best Buy will send you an email about how to claim these freebies. And you’ll be able to claim your free four months of Apple Music.
As a warning, these freebies do tend to change up every so often. So while right now it is four months free, it may not always be four months. It could be three or six. So be sure to check out Best Buy, as these will change based on what Apple is offering.
Apple Music free trial
While a lot of streaming services are ditching the free trial, Apple Music has kept it. At least for now. With the free trial, you’ll get a month of the service for free. Just head to the Apple Music web page in your browser, or open the Apple Music app on your phone to get started.
Now, if you had Apple Music, and then ditched it for something else and now want to come back, Apple will sweeten the deal. After an unspecified amount of time, Apple may send you a notification about coming back to Apple Music and getting between three and six months free. Or getting between three and six months for just $10.99 (the cost of a single month), to join Apple Music again.
MERCURY, an Iranian nation-state group, has recently been detected by Microsoft’s Threat Intelligence team operating under the guise of a ransomware attack in hybrid environments.
Since 2017, MERCURY has been conducting espionage campaigns against targets in the Middle East, and this state-sponsored group is financially motivated.
In their current ongoing operation, they are actively targeting both on-premises and cloud environments. The unrecoverable actions indicate that the operation’s primary objectives were destruction and disruption.
The U.S. government has publicly connected MuddyWater (aka MERCURY) to the Ministry of Intelligence and Security (MOIS), a government agency in Iran linked to this group.
Other Names of MERCURY
The cybersecurity community has tracked this group under several names, listed below:
Boggy Serpens
Cobalt Ulster
Earth Vetala
ITG17
MuddyWater
Seedworm
Static Kitten
TEMP.Zagros
Yellow Nix
Microsoft found that MERCURY partnered with DEV-1084, a known cyber-espionage group, to execute lethal attacks. DEV-1084 acted after MERCURY gained access to the target environment.
Links Between DEV-1084 and MERCURY
The key links between DEV-1084 and MERCURY are listed below:
DEV-1084 was observed sending threatening emails from an IP address (146.70.106[.]89) linked to MERCURY.
DEV-1084 used the same VPN provider (MULLVAD VPN), historically used by MERCURY.
DEV-1084 used Rport and a customized version of Ligolo, the tools that MERCURY also used in previous attacks.
The vatacloud[.]com domain that DEV-1084 used for command and control (C2) during the incident is the same domain that MERCURY operators control.
Technical Analysis
In Microsoft’s assessment, the MERCURY operators exploited an unpatched internet-facing device to access the targets. MERCURY then handed access to DEV-1084 to carry out the work.
Once the threat actors gain access, they use various tools and techniques to maintain persistence. At the same time, this allows them to maintain access to the compromised devices over an extended period.
In doing so, the threat actors carry out the following actions:
Installing web shells
Adding a local user account and elevating privileges to the local administrator
Installing legitimate remote access tools, such as RPort, Ligolo, and eHorus
Installing a customized PowerShell script backdoor
Stealing credentials
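One item in the list above, adding a local user account and elevating it to local administrator, leaves a correlatable trail in the Windows Security log: event 4720 (user account created) followed by event 4732 (member added to a local group) for the built-in Administrators group, SID S-1-5-32-544. The following is an added detection example, not code from Microsoft or from the original article; the JSON-lines export shape, host names, account names and SIDs are constructed assumptions.

```python
import json
from datetime import datetime, timedelta

ADMINISTRATORS_SID = "S-1-5-32-544"  # well-known SID of built-in Administrators

# Constructed events, shaped like Security log records exported as JSON lines.
# Field names follow the Windows event data (TargetSid, MemberSid, ...); the
# "time", "host" and "id" keys are assumptions about the export format.
SAMPLE_EVENTS = """\
{"time":"2024-05-02T00:41:10","host":"SRV-APP01","id":4720,"SubjectUserName":"svc_web","TargetUserName":"helpdesk2","TargetSid":"S-1-5-21-1111-2222-3333-1105"}
{"time":"2024-05-02T00:41:55","host":"SRV-APP01","id":4732,"SubjectUserName":"svc_web","MemberSid":"S-1-5-21-1111-2222-3333-1105","TargetSid":"S-1-5-32-544"}
{"time":"2024-05-02T08:15:00","host":"WS-0042","id":4720,"SubjectUserName":"it_admin","TargetUserName":"kiosk","TargetSid":"S-1-5-21-4444-5555-6666-1010"}
{"time":"2024-05-02T08:16:00","host":"WS-0042","id":4732,"SubjectUserName":"it_admin","MemberSid":"S-1-5-21-4444-5555-6666-1010","TargetSid":"S-1-5-32-545"}
{"time":"2024-05-03T10:00:00","host":"SRV-DB02","id":4732,"SubjectUserName":"it_admin","MemberSid":"S-1-5-21-7777-8888-9999-1001","TargetSid":"S-1-5-32-544"}
"""


def find_new_local_admins(jsonl, window=timedelta(minutes=30)):
    """Flag accounts created and then added to Administrators on the same host
    within `window`. Additions of pre-existing accounts are not reported here."""
    events = [json.loads(line) for line in jsonl.splitlines() if line.strip()]
    events.sort(key=lambda e: e["time"])  # ISO 8601 strings sort chronologically

    created = {}   # (host, account SID) -> (creation time, 4720 event)
    findings = []
    for ev in events:
        when = datetime.fromisoformat(ev["time"])
        if ev["id"] == 4720:
            # In 4720, TargetSid/TargetUserName describe the new account.
            created[(ev["host"], ev["TargetSid"])] = (when, ev)
        elif ev["id"] == 4732 and ev.get("TargetSid") == ADMINISTRATORS_SID:
            # In 4732, TargetSid is the group and MemberSid the added account.
            hit = created.get((ev["host"], ev["MemberSid"]))
            if hit is None:
                continue
            created_at, creation = hit
            if timedelta(0) <= when - created_at <= window:
                findings.append({
                    "host": ev["host"],
                    "account": creation["TargetUserName"],
                    "created_by": creation["SubjectUserName"],
                    "elevated_by": ev["SubjectUserName"],
                    "seconds": int((when - created_at).total_seconds()),
                })
    return findings


if __name__ == "__main__":
    for finding in find_new_local_admins(SAMPLE_EVENTS):
        print(finding)
```

In the sample, the account added to the Users group (S-1-5-32-545) and the pre-existing account added to Administrators are not reported; only the create-then-elevate pair on SRV-APP01 is.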
After compromising highly privileged credentials, DEV-1084 used them to encrypt on-premise devices and delete large amounts of cloud elements such as:
Server farms
Virtual machines
Storage accounts
Virtual networks
Moreover, the malicious actors ultimately control email inboxes by exploiting the Exchange Web Services. Here, they utilize this access to carry out many search operations.
Through this, they detect the identity of a prominent organization member, enabling them to transmit messages to internal and external addressees.
The above-mentioned actions were estimated to have occurred over approximately three hours, between 12:38 am and 3:21 am.
At present, DEV-1084 cannot be confirmed to be an autonomous threat actor, nor is there any concrete evidence to support the claim that it operates alongside other Iranian threat actors.
Yum! Brands, owner of KFC, Pizza Hut, and other fast food chains, was breached in January. It recently found employee data has been compromised.
Upon learning that attackers accessed and siphoned data in January, Yum! Brands, the fast-food chain operator behind The Habit Burger Grill, KFC, Pizza Hut, and Taco Bell, has begun sending Notice of Security Breach letters to employees whose data were potentially affected.
“We are writing to provide you with information about a cybersecurity incident involving your personal information that occurred mid-January 2023,” says the breach notice. While the company finds “no evidence of identity theft or fraud” involving the stolen data, it says it is contacting employees “out of an abundance of caution” to provide support and resources they might need.
The notice revealed that employee names, driver’s license numbers, and other ID card numbers are among the data that ransomware attackers took.
According to BleepingComputer, Yum! Brands has yet to provide the number of employees whose data threat actors stole during the attack.
The January ransomware attack
Over three months ago, Yum! Brands said it had experienced a ransomware attack that affected its IT systems, forcing it to close less than 300 restaurant chains in the UK for a day.
“Promptly upon detection of the incident, the Company initiated response protocols, including deploying containment measures such as taking certain systems offline and implementing enhanced monitoring technology,” the company said in a statement. “The Company also initiated an investigation, engaged the services of industry-leading cybersecurity and forensics professionals, and notified Federal law enforcement.”
In its filing with the Securities and Exchange Commission (SEC) in January, Yum! Brands assured investors that although the attack caused a temporary disruption, there would be no negative financial impact.
“While this incident caused temporary disruption, the Company is aware of no other restaurant disruptions and does not expect this event to have a material adverse impact on its business, operations or financial results,” the Form 8-K mentioned.
“…no material adverse effect…”
Yum! Brands continues to believe the ransomware incident would not cause adverse operational or financial effects in the long run.
“While the Company’s response to this incident is ongoing, at this time we do not believe such impact of the incident will ultimately have a material adverse effect on our business, results of operations or financial condition,” the company says in its 2022 annual report to the SEC which it filed on Friday.
The firm has yet to disclose the ransomware group behind the attack.
GeForce NOW isn’t the only cloud gaming service out there, but it is now perhaps the best showcase for the technology, with over 1,500 games, and the recently launched RTX 4080 SuperPODs that Ultimate subscribers have access to. We spent some time early on with the new features to check things out prior to the official rollout on January 19, and have so far loved everything about the upgrade.
With so many available games though, you’d be forgiven for having trouble deciding on what to play. Especially if you’re a newcomer to the service and aren’t sure where to start. Obviously, you’ll want to use GeForce NOW to play the games you already play on a local machine. If you’re already playing them, then you’re probably having fun doing it. And gaming is about fun after all, so you should ultimately play the games you have fun with.
That being said, there are some games available on GeForce NOW that showcase the tech better than others, and we rounded up some of the best options as suggestions for where to start. Also keep in mind that with GeForce NOW you do need to own the game on a compatible platform like Steam, the Epic Games Store, Ubisoft Connect, or GOG. Also worth noting, is that the prices on these games change. Prices listed may not be the current price as some games will be on limited-time sales.
There’s few if any games that really push the limits of what PC gaming can do these days. And that’s precisely why it’s an excellent game to test out GeForce NOW with. In fact it’s one of the best GeForce NOW games with the arrival of the RTX 4080 SuperPODs that launched on January 19.
As long as you’re subscribed to the Ultimate plan, and in my opinion you should be, you’ll get to push this game to the limits. As I have tested it myself, you can crank the graphics all the way up to their absolute maximum. And the game looks and runs great. Cyberpunk 2077 definitely had its rough patches in the early days of its launch. But it’s in a much better spot now and is a wonderful game to behold.
A story that you definitely want to play more than once just to experience the different endings. Although, the combat and build crafting are definitely two of the main reasons to check it out.
If you think you’ll like Cyberpunk 2077, then you will love The Witcher 3. The best part is that if you pick up the game right now, you can get the Complete Edition for $9.99 on GOG (Steam also has it for this price). Which comes with both DLC expansions, Hearts of Stone and Blood and Wine, in addition to the base game. This is normally a $49.99 bundle. Still a good deal, but $10 is a much better deal.
With all of that content, there is hours upon hours of gameplay. With many quests and a vast, sprawling world to explore as Geralt. Plus, the PC version of the game just received all the next-gen upgrades just like PS5 and Xbox Series X. So it’ll look even better with the Ultimate plan.
Destiny 2 is hands down one of the best games out right now not just for its gunplay, but its ever-growing story and the multitudes of activities. As a live service MMO first-person shooter, there’s a lot to dig into. And because it’s multiplayer you can enjoy it with friends. Like any live service game Destiny 2 has its lulls. But overall it’s a really fun game to play and works great on GeForce NOW.
It also runs great on PC as well as on mobile devices, and dedicated devices like the Logitech G Cloud. Giving you tons of options for what screen to play it on. If you’ve never tried Destiny 2 before, definitely give it a shot if you like first-person shooters but also really enjoy rich narrative and multiplayer activities.
Ghostrunner is a perfect example of a game you’d want to try on GeForce NOW. For one, it’s a fast-paced first-person combat game where you play a ninja of sorts. Super-fast reflexes are key to survival in the game. And that means you’re going to want a fast frame rate to ensure there’s no latency with your in-game actions.
It also supports RTX On features for better visuals. Ghostrunner employs one-hit-one-kill mechanics so there’s definitely a challenge to overcome. But if you can get past the initial hurdle, you’ll be sucked in and hungry for more.
Similar to Ghostrunner in a few ways, Blind Fate: Edo No Yami has both a sort of dystopian, cyberpunk aesthetic and a more challenging style of gameplay. While it’s not one-hit-one-kill, getting through the game won’t be a cakewalk. It’s a souls-like hack and slash which means you will have your work cut out for you.
Aside from that, it also features the RTX On support like Ghostrunner, Witcher 3, and many others on this list. Giving it a good baseline for testing out all the cool features that GeForce NOW has to offer.
As an action adventure game, A Plague Tale: Requiem is rich with story and has a narrative plot that will both intrigue you and feel gut wrenching at times. You play as the siblings Amicia and Hugo, looking for a place to start a new life after fleeing their homeland. You quickly find out however, that it really isn’t so easy thanks to Hugo’s curse. A Plague Tale: Requiem takes you to a fabled island where you just might be able to find a way to save Hugo.
But you’ll certainly have to pay a price. And you’ll soon find that the cost may be harder to live with than you expected. As yet another game with RTX On support, it also looks great as you play through it.
Midnight Suns comes from the geniuses over at Firaxis, the studio behind the wildly popular XCOM and XCOM 2. A major difference between those two games and Midnight Suns though is that this is a tactical RPG. Laden with story elements that XCOM didn’t have as it was more of a strategy game.
Midnight Suns does still carry with it plenty of that tactical gameplay DNA. While you do get to play with some of the most well-known heroes in the Marvel universe, your actual character is a fully customizable super-hero that you create. On your journey to stop Lilith, you can form relationships with some of the other team members, build out your stats and abilities, and introduce upgrades that will help you in later stages.
Combat is done exceptionally well and graphically, some of the fights look quite amazing with all of the ability effects. And, the game is currently on sale till February 9 via the Epic Games Store.
Apex Legends hardly needs an introduction thanks to its wild popularity. That said, it’s one of the few shooters available on GeForce NOW that can support up to 240fps. If you’re subscribed to or sign up for the Ultimate membership, games can run up to 240fps as long as you have a monitor that supports 240Hz.
And with the newly launched RTX 4080 SuperPODs, this is the perfect game to test out those fast frames in the cloud. As a battle royale title you’re going to be going at it with loads of other players in a single match. So you’ll need quick reflexes and the ability to think on your feet.
Most of the games thus far have been more involved titles that are either steeped in action or overflowing with tense combat. LEGO Builder’s Journey features none of that. It’s a much more laid back, and relaxed gameplay experience filled with puzzles and platforming. And it supports RTX On so visuals actually look quite good.
You might think, it’s a LEGO game. How good can it really look? But check out the trailer and see for yourself. If you’re looking for a more chill gaming experience, this is a good title to jump into. And it’s a great game for anyone no matter the age. Which means you can share it with your kids. It’s definitely one of the best games on GeForce NOW.
Portal is one of the defining PC games from a bygone era. And that’s where Portal with RTX steps in to fill its shoes. To be clear, this is the same Portal that fans have loved since the original. The only difference is that this has updated graphics and visual effects utilizing NVIDIA’s RTX On features. You do however have to own the original Portal to play this version of it. Thankfully, Portal is only $9.99 on Steam. So a pretty cheap game for a great experience.
Alongside the new name for the new streaming service, WBD has also announced pricing. The pricing isn’t that surprising, and is actually pretty competitive. So here’s how it shakes out.
There are going to be three plans for Max: Max Ad-Lite, Max Ad-Free and Max Ultimate Ad-Free.
Max Ad-Lite will be priced at $9.99. That’s going to get you two concurrent streams, 1080p resolution, no offline downloads and 5.1 surround sound quality. And of course, it is ad-supported.
Max Ad-Free will be priced at $15.99 per month, and will give you basically everything that Max Ad-Lite does, without the ads, and giving you offline downloads. You’re limited to 30 offline downloads, however.
Then there’s Max Ultimate Ad-Free. This one will cost you $19.99 per month, and offer up to four concurrent streams, up to 4K HDR resolution, Dolby Atmos sound quality and up to 100 offline downloads.
All in all, pricing is pretty similar to HBO MAX’s current setup
Surprisingly, the pricing here is actually very similar to what HBO MAX’s plans are currently. With the ad-supported tier being $9.99 and ad-free being $15.99 per month.
Warner Bros Discovery is branching out its ad-free tiers into two different tiers. And I think these pricing tiers are just fine. Not everyone wants nor needs 4K and Dolby Atmos. So including that in their Ultimate plan is fine. At least Max isn’t going to be charging you $15 per month for 480p resolution like Netflix was until recently. The lowest that Max will go is 1080p, which, for everyone, is perfectly fine.
None of us like price increases, but this isn’t really an increase. It’s really the addition of a new tier. Not to mention the fact that you are getting all of the Discovery content baked into Max as well. So you’re getting a much larger library for the same price.
One fixed vulnerability is being actively exploited by a ransomware gang and many others were fixed in this month’s Patch Tuesday updates.
It’s Patch Tuesday again. Microsoft and other vendors have released their monthly updates. Among a total of 97 patched vulnerabilities there is one actively exploited zero-day.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The actively exploited zero-day is listed as CVE-2023-28252.
CVE-2023-28252 is an elevation of privilege (EoP) vulnerability in the Windows Common Log File System (CLFS) driver. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges, which is the highest level of privilege on Windows systems. This is the type of vulnerability that we can expect to see chained with other vulnerabilities. Once an attacker has access, EoP vulnerabilities allow them to exploit that access to the fullest.
CISA has already added the CVE-2023-28252 Windows zero-day to its catalog of Known Exploited Vulnerabilities, which means federal (FCEB) agencies have until May 2, 2023 to patch against it.
Given the reach and simplicity of exploitation, this vulnerability is bound to be very popular among cybercriminals, and so it should be patched as soon as possible. CLFS is present in all Windows versions and so is the vulnerability. Exploitation does not require any user interaction and the vulnerability is already in use by at least one ransomware gang.
Another vulnerability to keep an eye on is CVE-2023-28231, a DHCP Server Service remote code execution (RCE) vulnerability. It is rated as critical with a CVSS score of 8.8 out of 10. Even though the attacker would need access to the network to successfully exploit this vulnerability, Microsoft has it listed as “Exploitation more likely.”
Another one that Microsoft deems more likely to be exploited is CVE-2023-21554, an RCE vulnerability in Microsoft Message Queuing (MSMQ) with a CVSS score of 9.8 out of 10. To exploit this vulnerability, an attacker would need to send a specially crafted malicious MSMQ packet to an MSMQ server. This could result in remote code execution on the server side.
A few others we can expect to see, especially in the form of email attachments, are several RCE vulnerabilities in Microsoft Office, Word, and Publisher [2]. All these vulnerabilities require the user to open a malicious file. So this is something we can typically expect to see a lot in phishing campaigns.
Other vendors
Other vendors have synchronized their periodic updates with Microsoft. Here are a few major ones that you may find in your environment.
Adobe has released security updates for several products:
Apple released emergency updates for two known-to-be-exploited vulnerabilities.
Cisco released security updates for multiple products.
The Samsung Galaxy S23 is one of the best compact smartphones in the market at the moment. Well, ‘compact’ is a relative term in the world of smartphones, but it is smaller than most flagship-grade phones out there. In this article, we’ll pit it against its predecessor. We’ll compare the Samsung Galaxy S23 vs Samsung Galaxy S22. You may find this useful if you plan on upgrading, or are trying to decide whether to get last year’s model, or a new one.
Now, these two phones are quite similar in many ways, but the Galaxy S23 does have several advantages you may be interested in. Samsung did improve some main aspects of the phone this time around. We’ll first list their specifications, and will then compare them across a number of categories. Those categories include design, display, performance, battery, cameras, and audio.
These two devices do look very similar. The main differentiating factor can be found on the back. The Galaxy S22 has a dedicated camera island, which has all three camera sensors in it. That camera island connects to the frame on the side. The Galaxy S23, on the other hand, has three cameras sticking out of its backplate, without a special camera island or anything of the sort. Other than that, the two phones are very similar.
They both combine a metal frame with a glass back, and have rounded corners with rounded display corners. The bezels are very thin on both phones, while both devices also have a display camera hole that is centered. The physical buttons are located on the right-hand side in both cases. The protection on the back is different, though. The Galaxy S23 includes a newer Gorilla Glass Victus 2, while the Galaxy S22 features Gorilla Glass Victus+.
In terms of size, there’s not much difference either. The Galaxy S23 is 0.3mm taller, and 0.3mm wider, but you won’t notice that, as the difference is so minimal. They’re also about the same weight, at 168 grams. Well, the regular Galaxy S22 model is 1 gram lighter, while the mmWave variant weighs the same 168 grams as the Galaxy S23. That’s really not a difference at all; they feel very similar in the hand, and that goes for the weight too. Both phones do feel quite premium, and they’re quite slippery. If you’re looking for a compact, premium-feeling handset, they’re both ready for the part.
Samsung Galaxy S23 vs Samsung Galaxy S22: Display
Both of these phones include a 6.1-inch fullHD+ (2340 x 1080) Dynamic AMOLED 2X display. That display offers a 120Hz refresh rate on both phones, and the same goes for HDR10+ support. We’re also looking at the same display aspect ratio of 19.5:9 here, and also the same pixel density, of course. Both of those panels are flat, but they are not identical, though. The Galaxy S23 does have two advantages.
The Galaxy S23’s display does get considerably brighter. It goes up to 1,750 nits of peak brightness, while the Galaxy S22’s display can reach 1,300 nits maximum. This can be achieved through adaptive brightness only, though, you can’t go that high via the manual slider. Another advantage that the Galaxy S23 has is display protection. It comes with the Gorilla Glass Victus 2, compared to the Gorilla Glass Victus+ on the Galaxy S22. That’s not exactly a big difference, though.
Both of these displays look great. They’re vivid, sharp, and offer good viewing angles. The touch response is also good, we had no issues with either device. That brightness difference could be a major advantage for some of you, though. If you do spend a lot of time outside, in direct sunlight, you will notice the difference. The Galaxy S22’s panel is plenty bright in general, though.
Samsung Galaxy S23 vs Samsung Galaxy S22: Performance
The Galaxy S23 is the more powerful phone of the two, of course. It’s a generation newer, but it does not only come with a better SoC, but also with newer and faster RAM and storage units, which is not always the case from one generation to the next. The Galaxy S23 includes the Snapdragon 8 Gen 2 for Galaxy SoC worldwide, along with LPDDR5X RAM and UFS 4.0 flash storage (except the 128GB base model, which has UFS 3.1 storage). The Galaxy S22 is fueled by the Snapdragon 8 Gen 1 in the US and most markets, while the Exynos 2200 fuels it in Europe. The Galaxy S22 also includes LPDDR5 RAM and UFS 3.1 flash storage.
Now, the Snapdragon 8 Gen 2 for Galaxy is a considerably better SoC than its predecessor. Not only is it more powerful, but it’s way better when it comes to power consumption. It also doesn’t heat up as much. Newer and faster RAM and storage will also help with future-proofing. So, if you do have a choice, getting the Galaxy S23 may be a better idea from a performance standpoint. That’s not the only reason for it, but it is one of the main reasons.
Having said that, both phones do perform well. With the exception of the Exynos 2200 variant of the Galaxy S22, which does tend to stutter more often. The Galaxy S22 with the Snapdragon 8 Gen 1 can easily keep up with the Galaxy S23 at this point. That is to be expected, as it’s Samsung’s flagship for last year. They both can handle pretty much any game out there, but the Galaxy S23 will provide better performance with the most demanding titles. Slightly better, but still. The Galaxy S23 is definitely the better performer of the two, but that is to be expected.
Samsung Galaxy S23 vs Samsung Galaxy S22: Battery
There is a 3,700mAh battery inside the Galaxy S22, while the Galaxy S23 includes a 3,900mAh unit. That may not seem like a big difference, but when you take the SoC, RAM and storage into account, it does make a difference. The Galaxy S23 actually offers considerably better battery life than its predecessor. The Snapdragon 8 Gen 2 for Galaxy is better with power consumption, and new RAM and storage do help as well.
The difference can be quite big actually. The Galaxy S23 should be able to go up to 6 hours of screen-on time if you’re not really pushing the device over the edge. Well, 5.5-6 hours of screen-on time. It will all depend on your usage, though. The Galaxy S22, on the flip side, couldn’t really go over the 4.5-hour mark for us, even landing lower than that at times. Your mileage may vary considerably, of course, but for us, the Galaxy S23 provided a lot better battery life, though still not the level of its bigger siblings, not even close.
Where charging is concerned, they’re basically identical. They both support 25W wired, 15W wireless, and 4.5W reverse wireless charging. Neither phone includes a charger in the box. The Galaxy S22 will charge slightly faster due to the fact it has a smaller battery, but the difference is not that big. It would be nice to see faster charging here, considering that the battery life is not outstanding on either phone, but… there you have it.
Samsung Galaxy S23 vs Samsung Galaxy S22: Cameras
As far as camera hardware is concerned, these two phones are quite similar. They both include a 50-megapixel main camera, a 12-megapixel ultrawide unit (120-degree FoV), and a 10-megapixel telephoto camera (3x optical zoom). The performance is not identical, however. We did notice some improvements with the Galaxy S23 over the Galaxy S22. First of all, the shutter is faster, and that is something you will notice straight away if you’ve used the Galaxy S22.
The pictures are, in some cases, better optimized. That goes for HDR shots, and shots where there’s not a lot of light in the scene. Both phones tend to brighten up low light shots quite a bit and pull plenty of detail from the shadows. Images from both devices are more than sharp enough, and are generally very pleasant. They’re not too saturated, but tend to look a bit processed for effect. That’s what most people prefer either way.
The telephoto and ultrawide cameras do a good job on both phones. Not to the level of some other flagship-grade phones, but still, chances are most people will be happy with the performance. You’re getting a 3x optical zoom on both phones. The video recording is good, but nothing to write home about, that goes for both devices, as there are better phones for shooting videos out there, like the Galaxy S23 Ultra, for example.
Audio
There are stereo speakers included on both of these phones. They are tuned by AKG, and considering the size of both devices, they’re not bad. They sound really good, and are detailed enough. The sound is well-balanced, even though it cannot compete with the loudness of some larger phones, but that is to be expected. The output is loud enough, though. The Galaxy S23 does seem to have an edge in more than one way, though (details, bass and sound stage). It’s worth noting that the difference is minimal, though.
What you will not find on either phone is a 3.5mm headphone jack. You can connect your headphones via the Type-C port, which is included on both phones. If you opt for a wireless connection, Bluetooth 5.3 is supported on the Galaxy S23, while Bluetooth 5.2 support is included with the Galaxy S22.