Blizzard Archives

AppWizard

February 20, 2025

Russian Groups Target Signal Messenger in Spy Campaign

Multiple Russian threat groups are targeting the Signal Messenger application, focusing on individuals likely to engage in sensitive military and governmental communications during the conflict in Ukraine. Researchers from Google's Threat Intelligence Group have identified these attacks as primarily aimed at individuals of interest to Russian intelligence services. The two main cyber-espionage groups involved are UNC5792 (tracked by Ukraine's CERT as UAC-0195) and UNC4221 (UAC-0185). Their goal is to deceive victims into linking their Signal accounts to devices controlled by the attackers, granting access to incoming messages. UNC5792 uses invitations that resemble legitimate Signal group invites with malicious QR codes, while UNC4221 employs a phishing kit that mimics Ukraine's Kropyva app and includes harmful QR codes on fake sites. Other Russian and Belarusian groups, including Sandworm (APT44) and Turla, are also targeting Signal Messenger in various ways, such as stealing messages from databases or local storage. Additionally, Belarus-linked group UNC1151 uses the Robocopy tool to duplicate Signal messages for future theft. The increased activity against Signal reflects a broader interest in secure messaging apps used by individuals in espionage and intelligence roles. These apps' strong security features make them attractive to at-risk individuals and communities but also high-value targets for adversaries. Russian groups are also targeting Telegram and WhatsApp, with a recent report detailing attacks by the Russian group Star Blizzard on WhatsApp accounts of government officials and diplomats.

AppWizard

February 20, 2025

The best uniques in Avowed that you can grab early in the game

Avowed features unique weapons and armor that enhance gameplay and simplify gear upgrading. Unique items have distinctive names and special effects, providing bonus skills or elemental enhancements. They can scale in quality based on the player's gear tier, making early-game unique items valuable investments. Notable unique items include: - Beothel's Grimoire: Found at a magical merchant in Paradis, it offers a loop of spells for 450 currency. - Drawn in Winter: A one-handed axe found in ice at Watcher’s Mirror, it deals area-of-effect ice damage. - Stelgaer’s Pride: A medium armor set obtained from the Intimidating Feline Codpiece treasure map, providing stamina regeneration and damage reduction. - Steel Garrote Gauntlets: Located in Ondra’s Reach, these gauntlets enhance parry efficiency for shield users. - Last Light of Day: A flaming sword obtained during the Dawntreader quest, offering fire damage and a heal-on-kill effect. - Caeroc's Pride: A lightning pistol from Tempestuous Luandi's bounty, known for its bonus lightning damage. - The Disappointer: A weapon from a shady merchant in Paradis Hightown, which can be enhanced to turn its negative attributes into advantages.

AppWizard

February 17, 2025

‘Not every story is told in that way’: Phil Spencer says that live service games aren’t the answer to every problem, and that smaller games play an important role

Live service games are seen as a way to maximize shareholder value in the gaming industry, with EA's CEO suggesting they could have improved Dragon Age: The Veilguard's performance. A GDC survey found that about one-third of triple-A developers are working on live service titles, though some industry leaders are concerned about their prevalence in high-budget gaming. Phil Spencer, head of Xbox, expressed reservations about all games becoming service-based, emphasizing the importance of narrative and creative integrity. Xbox has acquired Activision Blizzard, which includes franchises like Overwatch 2 and Call of Duty, but is also promoting single-player experiences. Spencer highlighted the need for diverse storytelling, recalling his appreciation for games like Limbo. Some developers, including former Dragon Age team members and Hazelight's Josef Fares, oppose the push for live service elements, advocating for complete narratives. Spencer noted Xbox's ability to invest in various gaming experiences, supporting both live service and traditional games with defined narratives.

AppWizard

February 15, 2025

Weekend PC Download Deals for Feb. 14: Steam Couch Co-op Fest

Steam is hosting the Couch Co-op Fest, featuring games like Baldur's Gate 3, Teenage Mutant Ninja Turtles titles, and Vampire Survivors. Additionally, Steam is running a sale called Hits You Missed, showcasing hidden gems from the previous year at discounts. The Epic Games Store is having its Winter Sale with top-tier games at reduced prices. GOG.com is offering special deals for Valentine's Day, while Humble Bundle has a collection of classic Capcom arcade hits. Humble Choice subscribers can access games like Immortals of Aveum and Trepang2 for .99 a month, with additional discounts on the Humble Store. Various tiered offers for Destiny 2 content are available, and players can acquire games like For The King Deluxe Edition and Cat Quest 2 in higher tiers.

Winsage

February 13, 2025

Russian state threat group shifts focus to US, UK targets

A report from Microsoft reveals that the Russian state-sponsored threat group known as Seashell Blizzard has shifted its operational focus to exploiting public vulnerabilities in internet-facing systems. This subgroup, associated with the Russian Military Intelligence Unit 74455 (GRU), has been conducting operations under the "BadPilot campaign," allowing them to maintain long-term access to compromised systems since at least 2021. They have been responsible for at least three destructive cyberattacks in Ukraine since 2023 and are now targeting a broader range of industries globally, including energy, telecommunications, and government sectors. Since early 2024, they have exploited vulnerabilities in software such as ConnectWise ScreenConnect and Fortinet FortiClientEMS, indicating a "spray and pray" approach to achieve compromises at scale. The group has adapted to exploit various public vulnerabilities, including critical issues in applications like Microsoft Exchange and Zimbra Collaboration, demonstrating their capability to leverage weaknesses in essential systems. Microsoft describes Seashell Blizzard as a key component of Russia's cyber strategy, particularly in efforts to destabilize Western institutions.

Winsage

February 13, 2025

A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks

Microsoft has warned that the Russian hacking group Sandworm's BadPilot unit has shifted its focus from Ukraine to targets in the United States, the United Kingdom, Canada, and Australia. BadPilot operates as an "initial access operation," breaching networks to establish footholds for further exploitation. Over the past three years, their targeting has evolved from Ukraine to a broader range of English-speaking Western nations. The group has targeted various sectors, including energy, telecommunications, and international governments, using known vulnerabilities in software such as Microsoft Exchange and Fortinet's security tools. They install software for persistent access and have been linked to disruptive cyber operations, including the NotPetya malware attack. Currently, there are no indications that BadPilot plans to escalate its activities beyond espionage.

Winsage

February 13, 2025

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

Microsoft has reported on the Russian state actor subgroup known as Seashell Blizzard, focusing on the "BadPilot campaign," which has been active since at least 2021. This campaign targets Internet-facing infrastructure to support broader operations, expanding its reach from Eastern Europe to a global scale. The subgroup has successfully infiltrated sensitive sectors like energy, telecommunications, arms manufacturing, and government entities, particularly exploiting vulnerabilities in software such as ConnectWise ScreenConnect and Fortinet FortiClient EMS since early 2024. Since the conflict in Ukraine began, there has been an increase in targeting international organizations significant to geopolitical interests, with at least three destructive cyberattacks attributed to this subgroup since 2023. The subgroup employs sophisticated cyber intrusion techniques, adapting its strategies to respond to evolving goals. Seashell Blizzard is linked to the Russian Military Intelligence Unit 74455 (GRU) and has been associated with various high-profile cyber incidents since its emergence in 2013. The subgroup's operations have evolved to include targets in the United States, Canada, and the United Kingdom, reflecting a strategic pivot to exploit vulnerabilities across different regions. The subgroup has demonstrated three primary exploitation patterns: deploying remote management and monitoring suites for persistence, using tunneling utilities to establish covert access, and modifying infrastructure to collect credentials. Organizations are advised to remain vigilant for indicators of compromise related to Seashell Blizzard's activities.

AppWizard

February 12, 2025

‘It’s nice to have options’: Blizzard thinks Avowed’s new cross-buy feature is breaking down barriers

Avowed is set to be released on February 18, 2025, and will feature a 'cross-buy' option allowing players to play on both PC and Xbox by linking their accounts after purchasing any edition on Battle.net or Xbox. This initiative aims to enhance accessibility for gamers. Some players express skepticism about the significance of this feature, noting that it may not be revolutionary and highlighting a desire for broader compatibility across platforms. Critics also mention that the cross-buy feature leverages existing infrastructure, as Microsoft owns both Xbox and Battle.net. This follows Microsoft's previous cross-platform initiative, the Play Anywhere program, which allowed players to access games on both PC and console but faced challenges for PC gamers. The new feature also provides the option to use Battle.net, which is considered more user-friendly.

Winsage

February 12, 2025

New Sandworm Attacks Use Trojanized MSFT Activators

The Russian state-sponsored threat group Sandworm has intensified its campaign against Ukrainian Windows users since late 2023, executing sophisticated malware intrusions. They have deployed counterfeit Microsoft Key Management Service (KMS) activators and fraudulent Windows updates. One recent incident involved a deceptive KMS activation tool containing the BACKORDER malware loader, which enabled the delivery of DarkCrystal RAT after disabling Windows Defender. DarkCrystal RAT allows attackers to extract sensitive information, including saved credentials, browser cookies and histories, keystrokes, FTP credentials, and system details. The rise of pirated software from untrusted sources has facilitated these attacks, posing a threat to Ukraine's national security, critical infrastructure, and private sector resilience.

AppWizard

February 12, 2025

Kotick: EA’s Riccitiello was “worst CEO” in games

Bobby Kotick, the former CEO of Activision Blizzard, referred to John Riccitiello, the former CEO of Electronic Arts, as the "worst CEO" in the gaming sector during an episode of the Grit show. Kotick mentioned that there had been multiple discussions about potential mergers between EA and Activision Blizzard, noting that EA had attempted to buy Activision Blizzard several times. He acknowledged that EA's business model was sometimes stronger than that of Activision Blizzard. Riccitiello joined EA in 1997 as president and COO, returned as CEO in 2007, and left in 2013 after poor financial results. He later became the CEO of Unity and departed in 2023 amid controversy. Riccitiello made provocative comments about developers in an interview, contributing to his polarizing reputation in the industry.