Tag: Web

Game Networks Struggle Back After Holiday Attacks

Online gaming networks including Sony’s Playstation network were the victims of large-scale denial of service attacks that coincided with the Christmas holiday. As of Saturday, Microsoft’s X-Box gaming network had returned to full operation, while Sony’s Playstation Network was still struggling to restore service, 48 hours after attacks attributed to an online hacktivist group known as The Lizard Squad hobbled the gaming networks on their biggest day of the year: Christmas. “Update: PS4, PS3, and Vita network services are gradually coming back online – thanks for your patience,” Sony tweeted via its @AskPlayStation Twitter account early Saturday. The source of the denial of service attacks has not been confirmed. However, the group claiming responsibility for them has claimed that the attacks were more prank than anything else: an effort to irritate Playstation and X-box owners who received a new device on Christmas Day, only to find they couldn’t connect it to the […]

Continue Reading

The Moral of Sony? Stop Doing Attribution

The hack of Sony Pictures Entertainment, which first came to light on November 24th, devolved this week into a chaotic international “whodunnit” with conflicting reports attributing the incident to everything from the government of North Korea to the government of China to global hacktivist group Anonymous to disgruntled Sony employees. For sure: those attributing the attack to hacking crews within the military of the Democratic Peoples Republic of Korea (DPRK) had their argument bolstered by reports in the New York Times and elsewhere claiming that the U.S. government now believes that the DPRK, under the leadership of Kim Jong Un, was responsible for the devastating hack. Officials at Sony Pictures Entertainment clearly believe the connection is credible, ordering the cancellation of the release of the Sony Pictures film The Interview following threats of violence on theaters showing the film. That acceded to a key demand of the hackers, who have used the […]

Continue Reading

Top News Sites Hacked, Syrian Electronic Army Claims Responsibility

The hacktivist group the Syrian Electronic Army claimed responsibility yesterday for a series of hacks of high-profile news sites including CBC News and The New York Times. The group, which has targeted western news outlets in prior incidents, claimed responsibility for the attack, in which visitors reported seeing a pop-up message informing visitors of the compromise. Through a Twitter account group claimed to have used the domain Gigya.com, which sells identity management services to corporations. The attackers manipulated Gigya’s account at domain registrar GoDaddy. Gigya’s operations team released a statement Thursday morning saying that it identified an issue with its domain registrar at 6:45 a.m. ET. The breach “resulted in the redirect of the Gigya.com domain for a subset of users,” CBC reported. Read more via Syrian Electronic Army claims hack of news sites, including CBC – Technology & Science – CBC News.

Continue Reading

EFF Backs Detekt: Malware Detection Tool For State Surveillance

The Electronic Frontier Foundation (EFF) is having a big week. First the organization announced “Let’s Encrypt,” a new, free certificate authority (CA) with the goal of moving everyone to adopt encrypted web communications. Then, today, the group announced Detekt, a malware detection tool designed to expose evidence of state surveillance. The tool is intended to help journalists, political activists and others identify malware associated with state-sponsored spying. Developed by security researcher Claudio Guarnieri, Detekt is available on Github and at the site resistsurveillance.com. The tool was written in Python tool  and scans the memory of Windows systems (XP and 32 and 64 bit and Windows 8) for malware. Essentially, its a straight-up malware scanner that focuses on malware associated with spying, namely: DarkComet RATm XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT. You might also like “Hacker takes on the Worlds spy agencies.” Alas, unlike most anti malware programs (which at least claim to detect the same malware families) […]

Continue Reading

Dusting For Malware’s Bloody Prints

Malicious software is nothing new. Computer viruses and worms have been around for decades, as have most other families of malware like remote access tools (RATs) and key loggers. But all our experience with malware hasn’t made the job of knowing when our organization has been hit by it any easier. In fact, recent news stories about breaches at Home Depot, Target, Staples and other organizations makes it clear that even sophisticated and wealthy corporations can easily overlook both the initial compromise and endemic malware infections – and at great cost. That may be why phrases like “dwell time” or “time to discovery” seem to pop up again and again in discussions of breach response. There’s no longer any shame in getting “popped.” The shame is in not knowing that it happened. Greg Hoglund says he has a fix for that latter problem. His new company, Outlier Security, isn’t “next generation […]

Continue Reading
1 6 7 8 9 10 26