Overwatch is packed with characters that each have their own unique skills and abilities. While the game’s easy to pick up and play, there are important tactics you should try to be mindful of. Below you’ll find a series of videos offering tips and strategies on how to best play each hero in the game.

Make sure to check back often this week and next, as we’ll be updating this feature with more videos on the rest of the game’s roster.

For more on Overwatch, check out our the news and features below:

Soldier: 76

If you’re new Overwatch or shooters in general, Soldier: 76 is one of the best offensive characters to start with. He sports a well-rounded set of abilities and can handle a variety of situations. For more on how to use this masked commando, watch the in-depth video the in-depth video above.

Genji

Genji is a powerful offensive character whose hit-and-run tactics demand patience and precision. While he’s difficult to master, he should please any player willing to understand the subtle nuances of his attacks and abilities. For more on this cyborg ninja, watch the in-depth video above.

Tracer

Tracer’s strength as an offensive character lies not in her damage output, but in her ability to distract and annoy enemies. For more on how to use Tracer, watch the in-depth video above.

D.Va

D.Va is a powerful tank that can easily lay down the pressure against opponents. Her mech suit comes equipped with twin short-range cannons capable of continuous, high-damage fire without the need to reload. She also sports a variety of useful offensive abilities that further her impact on the battlefield. For a closer look at how to use her, watch our D.Va character guide video.

Junkrat

If you like being a pest to your opponents, then Junkrat is the character for you. His wide-range of explosive weapons and abilities make him a great damage dealer for any team. For a closer look at how to use him, check out our Junkrat character guide video.

Lucio

Lucio is one of the most effective support heroes in the game, providing first-aid and ability buff support to teammates. He’s highly adaptable and is a great fit for any team. For the specifics on how to use him, check out our Lucio character guide video.

McCree

McCree is a powerful hero who’s best used against opponents at close-range. With his trusty magnum and its multitude of accompanying abilities that can instantly kill enemies, McCree is a force to be reckoned with. For a detailed look at how to use this gun slinging hero, watch our McCree character guide video.

Mercy

Mercy is a valuable support character who’s capable of using her first-aid and ability buffs to maximize the effectiveness of both tank and offensive characters. In addition, her ultimate–the ability to revive downed teammates–can quickly turn the tide of any battle. For more on Mercy’s abilities and how to play her, watch our Mercy character guide video.

Pharah

Pharah is a great offensive character to play if you want to hassle the opponent while dealing considerable damage. When used properly, her rockets and jetpack make her highly effective at hit-and-run tactics. For a full breakdown, check out our Pharah character guide video.

Reinhardt

Reinhardt is an easy-to-use tank who primarily acts as a team’s frontman. With his handy shield and giant hammer, he can be used for a variety of effective offensive strategies. For a detailed breakdown on how to utilize his abilities, check out our Reinhardt character guide video.

Roadhog

Roadhog is a hefty tank that can quickly lay down the offensive against the opposing team. As a tank, he’s great for hassling enemies, bringing them towards him with his chain hook and bombarding them with his scrap gun. For more on how to play him, check out our Roadhog character guide.

Symmetra

Symmetra can be an incredibly useful support character if played properly. With her handy teleporter and arsenal of turrets, she’s capable of easily tipping the odds in your team’s their favor. For more on how to use her abilities, watch our Symmetra character guide video.

Torbjorn

Torbjorn is an engineer class hero capable of all sorts of useful strategies with his stationary turret. Whether you want to play him defensively or offensively, Torbjorn can be an effective addition to any team. For a detailed look on how to best utilize his skills, check out our Torbjorn character guide video.

Widowmaker

Widowmaker is a powerful sniper with a plethora of abilities that support her long-range capabilities. With the ability to see through walls, plant mines, or grapple-hook her way on to a roof, she’s not a character that opposing players should take lightly. For a detailed breakdown on how to best use her, watch our Widowmaker character guide video.

Winston

Compared to other tank class characters, Winston is less of a brute and more focused on disruption tactics. His mobility allows him the ability to get the jump on his opponents when they least expect it. For more details on how to use this guerrilla scientist’s abilities and tactics, check out our Winston character guide video.

Zarya

Zarya is one of the most difficult tanks to play, utilizing an assortment of complex offensive and defensive abilities. While she may not be the robust tank to use at first, her abilities carry a wealth of nuance that’s fulfilling to master. For more on how to use her, watch our Zarya character guide video.

Coming Soon:

• Bastion
• Hanzo
• Mei
• Reaper
• Zenyatta

Depois das facilidades trazidas pelos serviços oferecidos via Internet, agora chegou a vez do mobile banking conquistar o coração dos brasileiros. Aos poucos, os smartphones revolucionam a forma como as pessoas se relacionam com o setor financeiro.

Segundo dados da Febraban, o número de transações realizadas através de dispositivos móveis no Brasil saltou de 4,7 bilhões para 11,2 bilhões entre 2014 e 2015. O volume representa um aumento brutal da ordem de 138%.

A escalada da mobilidade no setor financeiro foi intensa, ainda mais se considerarmos que esse canal registrava menos de 1% do total de operações realizadas em 2012. Atualmente, já responde por 21% dentre um total de 54 bilhões de transações realizadas nos 17 maiores bancos em atividade no País.

Grande parte (95%) das operações realizadas através do mobile banking no ano passado são classificadas como movimentação não financeira, ou seja, referem-se a serviços de consulta de saldos e extratos, por exemplo.

Apesar disso, o telefone celular se consolidou como ferramenta de relacionamento entre correntistas e seus bancos. “O cliente pede e se mostra cada vez mais interessado na utilização desse canal”, enfatiza Gustavo Fosse, diretor setorial de tecnologia e automação bancária da Febraban, projetando que o uso acentuado da mobilidade se mantenha forte pelos próximos anos.

O executivo baseia suas apostas nas estimativas do IBGE, que estima que 40% dos brasileiros possuem um smartphone atualmente. Esse percentual deve subir para 65% em 2020. “Isso mostra espaço para o serviço avançar”, resume, citando que atualmente, 33 milhões de brasileiros usam mobile banking.

Vetor digital

Considerando todos os canais eletrônicos (web, mobile e POS), o digital respondeu por 69% das transações registradas nos bancos brasileiros em 2015. O internet banking registrou 17,7 bilhões de transações no último ano, pouco abaixo das 18 bilhões verificadas em 2014. A representatividade do canal caiu de 37% para 33%, talvez influenciada pelo avanço da mobilidade.

Porém, segundo Fosse, mais pessoas têm utilizado a rede mundial de computadores para se relacionarem com instituições financeiras no Brasil. “Tivemos um crescimento de 6 milhões de contas correntes que passaram a utilizar o canal entre 2014 e 2015”, cita o executivo, apontando que, atualmente, 62 milhões de brasileiros usam internet banking.

“A tecnologia se mostra um grande indutor da bancarização no Brasil”, avalia Fosse, comentando que 89,6% dos brasileiros já se relacionam com o sistema financeiro tradicional. Para suportar os avanços dos canais eletrônicos, a indústria investe pesado em TI. No último ano, o segmento aplicou nada menos que R$ 19 bilhões em projetos de tecnologia.

Software makers like Microsoft put a lot of effort into ensuring that the operating system and application updates they deliver to your system are secure, so that hackers can’t hijack updates to get into your computer.

But it turns out that PC hardware makers are not so careful. An investigation conducted by Duo Security into the software updaters of five of the most popular PC manufacturers—HP, Dell, Acer, Lenovo, and Asus—found that all had serious security problems that would allow attackers to hijack the update process and install malicious code on victim machines.

Researchers at Duo Security’s Duo Labs found that all five vendors, known as OEMs or Original Equipment Manufacturers, shipped computers with pre-installed updaters that had at least one high-risk vulnerability that would give an attacker remote-code execution abilities—the ability to remotely run whatever malicious code they want on a system—and gain complete control of the system. The skill required to exploit the vulnerabilities was minimal, the researchers said in a report they’re releasing (.pdf) about their findings.

All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can’t protect you when they’re crippled with pre-installed software.

The OEM vendors all shared similar security flaws in varying degrees, such as failure to deliver updates over a secured HTTPS channel or failure to sign update files or validate them. These problems make it possible for attackers to conduct a man-in-the-middle attack to intercept update files as they’re transmitted to computers and replace them with malicious ones. The malicious files can get installed regardless of other protections a machine might have because updaters operate with the highest level of trust and privilege on machines.

“It doesn’t take much for one piece of software to negate the effectiveness of many, if not all defenses,” they write in their report. “All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can’t protect you when an OEM vendor cripples them with pre-installed software.”

Many of the vendors also failed to digitally sign their manifests—lists of files the updater should pull down from a server and install. Attackers can intercept unsigned manifests if they’re transmitted unsecurely; then they can either delete important update files from the manifest, preventing computer users from getting updates they need, or add malicious files to the list. The latter would be effective in cases where vendors didn’t sign their update files, allowing attackers to slip in their own unsigned files. Some manifests include inline commands that are required to execute update files, but an attacker could simply add inline commands to install and launch his malicious files. In the case of HP, the researchers found they could in fact execute any administrative-level command on a system through the inline commands in its manifest, not just commands to install update files. An attacker could add a new user account to the system, for example, that gives him ongoing access to the system.

“There are myriad ways to abuse command-injection bugs,” says Darren Kemp, a researcher with Duo Security. “Pretty much anything an administrator can do, you could do [through the inline commands in the manifest].”
The five vendors they examined are just a sampling, but the researchers noted in their report that based on what they found, it’s unlikely that other vendors are any more secure. However, they suspect that Apple’s updater might be more locked down because the company is known for taking security seriously and for not installing third-party bloatware on its machines.

“This is one of the cases where that Apple walled garden works,” says Kemp. “You get [only] Apple software … so their ability to control that tightly is in this case a befit to them.”

PC makers install update tools on computers to deliver firmware updates—firmware is the software on a computer that boots up the machine and loads the operating system—as well as driver updates and updates to so-called bloatware that comes pre-installed on machines when consumers buy them. Bloatware can be anything from 30-day trial versions of third-party software, to special utilities the OEM offers to add functionality to your machine, to adware that sends ads to your browser as you surf the web. In some cases, the updaters direct computers to the OEM’s site to download updates, but in other cases they send computers to the third-party software maker’s site to get an update.

The researchers found 12 vulnerabilities across the five vendors, and every vendor had at least one high-risk vulnerability in their updater that would allow remote-code execution. In some cases, vendors installed more than one updater on machines, for different purposes, and the security of each updater was inconsistent.

Of the five OEMs, Dell’s updaters were the most secure—although the company doesn’t sign its manifests, it sends manifests as well as the update files themselves via secured HTTPS channels to thwart simple man-in-the-middle attacks. The Dell Update also validates that the files are signed and that the certificate used to sign them is valid.

Although the researchers found problems with the latest version of another updater Dell uses for Dell Foundation Services, the company apparently discovered these vulnerabilities independently and patched them before they could report them.

Hewlett-Packard also scored fairly well. The company transmitted updates over HTTPS and also validated updates. But it failed to sign its manifests. And in the case of one downloader component, although HP included a process for verifying signatures of files, it failed to ensure that the verification was always required. An attacker could, for example, download an unsigned malicious file to a computer and prompt the user to run the file. And since HP had a redirect problem that would allow an attacker to redirect a user’s machine to a malicious URL masquerading as a legitimate HP download URL, this would have made it easy for an attacker to download malicious code and trick the user into launching it.

Lenovo was a mixed bag when it came to security. It had two updaters the researchers examined—Lenovo Solutions Center and UpdateAgent. The first was one of the best updaters the researchers examined. But the second was one of the worst. Both manifests and update files got transmitted in the clear and the updater didn’t validate the signature of files.

Acer tried to do the right thing by signing update files, but failed to specify that the updater should verify signatures, essentially making the signing useless. It also failed to sign its manifests, allowing an attacker to add malicious unsigned files to the manifests.

As bad as Acer was, however, Asus was worse. Its updater was so bad the researchers called it “remote code execution as a service”—essentially a built-in service for hackers to do remote-code execution. Asus transmits unsigned manifests over HTTP instead of HTTPS. And although the manifest file was encrypted, it was encrypted with an algorithm known to be broken, and the key to unlock the file was an MD5 hash of the words “Asus Live Update.” As a result, attackers could easily intercept and unlock the list to make changes. Asus update files weren’t signed, either, and they were also transmitted via HTTP.

Across the board, the researchers found that if the vendors had simply used HTTPS and certificate signing in a consistent and competent manner, they would have “significantly raised the bar to exploitation.”

As varied as their security stances were, the vendors also varied in how easy they made it to report security problems. While Lenovo, HP and Dell, all had direct channels for reporting security problems with their software, Acer and Asus did not, leaving Duo researchers to attempt contact to their customer support lines channels multiple times via email and phone calls before they got a response.

How the vendors responded to the researchers also varied. HP has already patched the most egregious vulnerabilities the researchers found. Lenovo addressed its problems by simply removing the vulnerable software from affected systems. Duo reported the problems to the vendors more than four months ago, but Acer and Asus still haven’t indicated when they will fix the problems or if they will.

“Asus told us they were going to patch in a month, then they backed off on that after we pointed out that their planned patch was also flawed,” says Steve Manzuik, director of security research at Duo Labs. “And that’s when our communication broke down with them.”

Go Back to Top. Skip To: Start of Article.

Quem disse que CIO não sabe empreender? Em Curitiba (PR), um grupo de líderes de TI de grandes e médias empresas da região, que participou da 10a edição do CIO Global Summit, levou a sério o desafio de exercitar a transformação digital e a inovação disruptiva, e criou não apenas uma, mas quatro oportunidades de novos negócios digitais durante o encontro regional promovido pela CIO.

De food truck conectado aos clientes por aplicativo móvel, a uma rede de máquinas de distribuição de comida ligadas ao fornecedor por meio da Internet das Coisas, os projetos foram criados pelos CIOs de Curitiba durante o workshop de inovação que fechou a agenda do dia. Usando os conceitos de Business Model Canvas, o workshop de inovação desafia os CIOs a “quebrar” os modelos tradicionais de negócio de suas próprias empresas e pensar como transformar digitalmente as companhias.

A digitalização dos negócios muda as regras em todas as verticais da economia. Para toda empresa há um “Uber” pronto para virar o jogo e cabe ao CIO agir como vetor da inovação.

“O CIO vive em uma era de ruptura e precisa reformular as plataformas da TI e fazer da transformação digital realidade para os negócios”, diz Cezar Taurion, consultor e CEO da Litteris Tecnologia. “É preciso entender as novas plataformas da TI e o novo framework, que inclui cloud computing, analytics, mobilidade e Internet das Coisas (IoT)”, garante Anderson Figueiredo, consultor e Digital Technology Future Analyst.

Nova agenda

O CIO Global Summit, realizado em Curitiba no último dia 24 de maio, foi patrocinado pelas empresas InfraTI, Prime Control e QualityWare. Ele é o primeiro da série de seis eventos regionais de 2016 que a revista CIO promove este ano pelo décimo ano consecutivo no Brasil. 

Além de Curitiba, o evento, com duração de um dia, acontece em Belo Horizonte (MG) no próximo dia 22 de junho; no Rio de Janeiro (RJ) dia 13 de julho; em Campinas (SP), no dia 10 de agosto; em Porto Alegre (RS), no dia 10 de novembro e em Recife (PE), no dia 17 de novembro, e reúne CIOs de grandes e médias empresas da região.

Para celebrar o aniversário de dez anos do CIO Global Summit, a agenda de conteúdos foi totalmente reformulada, ampliando o foco na Transformação Digital e no CIO como vetor da inovação. Discussões sobre novas tecnologias e produtos trazidas pelos patrocinadores se juntam às novas apresentações de Cezar Taurion, Anderson Figueiredo, e Silvia Bassi, publisher da CIO.

No final do dia, um workshop inédito, criado para exercitar inovação e mudança disruptiva, reúne os CIOs em grupos e os desafia a exercitar inovação e transformação digital entendendo seu mercado e seus consumidores e propondo formas de causar ruptura no modelo de negócios de uma empresa.

A participação nos eventos é feita apenas por convite e mediante qualificação. Para cadastrar-se ou saber mais sobre o evento visite o site do CIO Global Summit 2016