Security News

A group of security researchers known as the Secret Club took to Twitter to report a remote code execution bug in the Source 3D game engine developed by Valve and used for building games with tens of millions of unique players. Exceptions are games built with Source 2 or those that run a modified version of the Source engine, like Titanfall.

Check Point Research has identified four vulnerabilities in the network library of Steam, the online platform from game developer Valve that is used by 25 million users to connect together at peak time to buy, play, create, and discuss PC games. An attacker could have used the security flaws to remotely crash an opponent's game client and potentially take over a gamer's computer and hijack all computers connected to a third-party game server.

Valve fixed critical bugs in its Steam gaming client, which is a platform for popular video games like Counter Strike: Global Offensive, Dota2 and Half Life. Game developer Valve has fixed critical four bugs in its popular Steam online game platform.

Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even perform a 'nuclear rage quit' and crash the Valve game server to end the game completely," Check Point Research's Eyal Itkin noted in an analysis published today.

A malware campaign that shares no known similarities to previous attacks has been uncovered, targeting organizations in the Middle East. Dubbed "WildPressure," the campaign used a previously unknown malware that researchers named Milum, after the C++ class names inside the code.

Phishing scammers have once again targeted users of the popular Steam gaming service, it was revealed this week.

From a backdoor placed in the Webmin utility to vulnerability disclosure drama around zero-days in Valve's Steam gaming clients, Threatpost breaks down this week's top stories.

Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for...

Security bod may be invited back into vuln reward program, Half-Life 3 still ain't happening Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for...

EoP bug now free for the world to see after bounty was rejected A security bod angry at Valve's handling of bug reports has released a zero-day vulnerability affecting the games giant's flagship...