attack
Latest
Harmonix sites attacked, go down for the weekend
Harmonix notified registered users of RockBand.com and DanceCentral.com that its servers will be down for the weekend due to an apparent attack from an outside source. The developer disabled passwords for all Harmonix site accounts as a precautionary measure, and will require users to reset their passwords when the sites are live again.The email sent to Harmonix site users noted that "at this time, we have not found that any of our users' information has been published or misused. None of our sites maintain any credit card information, social security numbers, or financial account numbers for any of our users."The person behind the attack on Harmonix's sites might not have been a fan of Don McLean, the "American Pie" artist featured in the final piece of weekly Rock Band DLC.[Thanks to everyone who sent this in!]
Go Daddy: yesterday's outage resolved, 'was not a hack'
According to domain registrar Go Daddy, things are back to normal after yesterday's massive outage. The company noted that service outages started at around 1PM ET, with service being "fully restored" by 7PM. Contrary to claims of an attack from hackers, the company's interim CEO Scott Wagner insists that the outage "was not a 'hack' and it was not a denial of service attack (DDoS)." Instead, Go Daddy is chalking the problem up to "a series of internal network events that corrupted router data tables," adding that the company has taken steps to avoid a repeat of the problem. According to Wagner, data was never at risk during yesterday's issue.
Apple responds to iPhone text message spoofing, reminds us how secure iMessage is
If you're a frequent texter, and the iPhone is your weapon of choice, there's a good chance you've been a wee bit concerned since yesterday's report that the device is vulnerable to a certain SMS spoofing attack. Basically, it's possible for a malicious individual to send a message and specify a reply-to number that is not their own, appearing as if they are someone else. We got in touch with an Apple representative and here's what we were told: Apple takes security very seriously. When using iMessage instead of SMS, addresses are verified which protects against these kinds of spoofing attacks. One of the limitations of SMS is that it allows messages to be sent with spoofed addresses to any phone, so we urge customers to be extremely careful if they're directed to an unknown website or address over SMS. Even if you aren't on an iPhone, we'd like to remind you to be careful when texting. There are numerous services out there that let you send a message that appears to be from anybody you like -- regardless of what model, OS or even carrier the recipient is using. All the more reason to think twice before filing that loan application over SMS.
NVIDIA Developer Zone shut down, may have been hacked
Bad news from the land of Tegra. NVIDIA has shut down its Developer Zone forums after noticing what it calls "attacks on the site by unauthorized third parties." While the nature of the attacks isn't clear, what's troubling is that these attackers "may have gained access to hashed passwords." Users are of course encouraged to change their secret codes and, with all the hackery going on lately, we might recommend you just go ahead and change them all -- just in case. [Thanks, Alfredo]
Trojan targets Mac-using activists in China
There's a new backdoor trojan exploit out there for Mac users that appears to originate in China, specifically targeted at political activists in the Uighur movement against that country. The trojan appears in email inboxes as a picture attachment which, when opened, secretly installs information gathering and remote control tools, characteristic of advanced persistent threat (or APT malware). Security experts say that the trojan was almost certainly created in China, and when you combine that fact with connections to certain required servers in that country (as well as an observation that some of the debug code in the attack is in English), it seems likely that this is a coordinated attack against this activist movement. With Mac use on the rise in the East, including high profile political activists, Macs are facing a growing malware threat in that region. There are already a few varieties of this attack in the wild, but hopefully fixes for the exploit will be available soon.
Voyager Mobile shakes off network issues, launches a few days behind schedule
It's tough being the new kid in town -- ask Voyager Mobile, an up and coming MVNO that had its launch delayed by a "malicious network attack" last week. The tenacious firm may have missed its planned May 15th launch, but managed to pull things together in time for the weekend, piggybacking unlimited talk, text and data off of Sprint's CDMA and WiMAX network for $40 a month. A basic unlimited voice plan is also available to the tune of $20, without data allowances, of course. Phones are available too, albeit without subsidies -- Samsung's Epic 4G Touch or Galaxy S II will each set you back $550, though an assortment of more affordable devices can be had from $120 and up. Tempted to jump ship? Check out the source link below and let all your MVNO dreams come true.
Voyager Mobile endures 'malicious network attack,' delays launch to the 'very near future'
Launch aborted. Wireless newbie Voyager Mobile has opted to delay its unveiling today to a "time and date in the very near future." A mysterious "malicious network attack" is to blame for the interruption, though that appears to be the extent of the explanation. The company also reinforced its commitment to bettering our planet, one $19 monthly unlimited plan at a time. [Thanks to everyone who sent this in]
VeriSign revealed to have suffered repeated security breaches in 2010
It took some digging through more than 2,000 pages of SEC documents, but Reuters revealed today that VeriSign was attacked "repeatedly" by hackers in 2010, and that some undisclosed information was stolen from the company. The key danger there is the DNS records that the company manages -- which ensure that URLs take you to the correct website -- but VeriSign says that its executives "do not believe these attacks breached the servers that support our Domain Name System network." As Reuters notes, however, the company isn't ruling anything out. Details on the attacks themselves (or the exact number and timing of them) are otherwise hard to come by, but it's reported that VeriSign's security staff did not notify top management until September of 2011 -- although they are said to have "responded" to the attacks themselves.
US government to beat back botnets with a cybersecurity code of conduct
Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting companies from internet and IT companies to contribute their ideas to a voluntary "code of conduct" for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June "Green Paper" on cybersecurity, in which the Department of Commerce's Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it's giving special consideration to two models adopted overseas. Australia's iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan's Cyber Clean Center, which has installed so-called "honeypot" devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers' personal information, while others are openly wondering whether OS-makers should be involved, as well. The code's public comment period will end on November 4th, but you can find more information at the source link, below.
Final Fantasy XIV launches patch 1.18
Final Fantasy XIV players have been waiting for patch 1.18 to drop for quite some time, but the wait is finally over. Players can finally access the variety of updates and improvements that the newest patch has promised, including a large overhaul to the combat system that ushers in auto-attack functionality and the addition of the new Grand Companies. While the former is just the first step toward making a more thorough overhaul of the game's combat engine, the latter will give players rank 22 and up new missions to participate in while attempting to safeguard Eorzea. Other improvements include a streamlining of the enmity system complete with in-game warnings, improvements to repair functionality, and a general streamlining and adjustment of the guildleve system. All told, it's quite a large change to the existing elements of the game, something that Final Fantasy XIV players will no doubt want to devote a fair chunk of time to exploring.
Automated shoulder surfing makes it easier to steal passwords, isn't very tubular, brah (video)
Here's something mildly terrifying to chew on: researchers in Italy have developed a way to automatically harvest anything you type on your smartphone's touchscreen, using only a camera placed over your shoulder. The software, created by Federico Maggi and his team from the Politecnico di Milano, takes advantage of the magnified touchscreen keys you'll find on most iOS, Android and BlackBerry devices. Because these magnifications often pop up in predictable positions, the spying system can recognize and record them with relative ease, with the help of a camera aimed at a targeted display. And it's not like bobbing and weaving around will help evade its watchful eye, since the apparatus can instantly detect sudden movements and adjust its gaze accordingly. Researchers say their tool is capable of accurately recognizing up to 97 percent of all keystrokes and is fast enough to transmit copied passwords in "quasi real-time," which must be music to a lazy criminal's ears. Tiptoe past the break to see the beast in action and spend the rest of your life in an everlasting state of fear.
LulzSec attacks Escapist Magazine, EVE Online, and Minecraft
Hacker group LulzSec, the same group that's attacked Sony and Nintendo in the past, has tweeted that it's committed three distributed denial of service attacks against gaming companies today, bringing down EVE Online's Tranquility server, Minecraft's multiplayer services, and the Escapist Magazine's website. EVE Online's CCP has confirmed both the outage and the attack, the Escapist is unreachable at the moment, and Minecraft creator Notch says that things were down, but supposedly service has been restored. LulzSec hasn't shared a reason for the attacks just yet, but we can only guess it's, as they say, "for teh lulz." Update: The group has gone after Riot Games' League of Legends servers as well. Attempting to log in to the game gives a "server busy" message, though there's no official word from the company yet. Update: Statement from CCP after the break. EVE Online still seems to be down.
RSA offering SecurID replacements following Lockheed Martin attack
We'd already had a pretty clear indication that information obtained in the massive RSA hack back in March was used in the attack on Lockheed Martin last month, and RSA has now confirmed that itself for the first time. What's more, Executive Chairman Art Coviello has also announced that the company is willing to provide security monitoring services to those concerned, and even replace existing SecurIDs free of charge for "virtually every customer" it has. Considering that millions of the tokens are now in use, that could add up to quite the bill. Not surprisingly, however, he isn't divulging many more details about the attack itself, noting only that the attacker's "most likely motive" was to use the information to "target defense secrets and related IP, rather than financial gain."
Sony Ericsson's Canadian online store hacked, more than 2,000 customers' data taken
The hackers just won't give poor Sony a break, will they? Following the infamous PSN breach last month and an attack on the company's Greek online music service earlier this week, Sony Ericsson has now seen another intrusion that extracted personal data of more than 2,000 Canadian Eshop customers. Fortunately, the company claims that passwords taken were encrypted and no credit card details were lost, but this is still worrisome nevertheless. Right now, the Eshop service has been taken off line -- for the sake of Sir Howard and his Japanese chums, let's just hope that this will be the last Sony breach we hear about. [Thanks to everyone who sent this in]
Sony BMG Greece hacked, company's security woes continue
It's the security nightmare that just won't end, and right now there's got to be plenty of Sony executives beginning to wish someone would pinch them already. After taking quite a PR and financial beating over the PSN breach, now the Greek site of Sony BMG has been hacked and the account info of thousands of users has been posted online. According to the Sophos blog Naked Security, the attack does not appear to have been particularly sophisticated and was carried out using an automated SQL injection tool that demands more patience than skill. While the data dump reveals the usernames, real names, and email addresses of registered SonyMusic.gr customers, other fields (including passwords and telephone numbers) are either empty or contain fake data -- suggesting the hack was not entirely successful. Here's hoping Sony takes this as an opportunity to seriously baton down those security hatches.
PlayStation websites, PSN suffer outage: Anonymous claims responsibility, Sony claims 'sporadic maintenance'
Been having trouble with the PlayStation Network or any Sony website today? You're not alone. A widespread outage that started in Europe last night has now spread to North America, and none other than hacktivist group Anonymous is claiming responsibility for the attacks. As you can see above, however, Sony is singing a slightly different tune, and says simply that "sporadic maintenance" may cause PSN service to be interrupted throughout the day. Because, really, you can never do too much "sporadic" maintenance. [Thanks to everyone who sent this in]
TUAW's Daily App: Sky Combat
I can't say that I'd call a top-down arcade shooter the best fit for the iPhone's touchscreen, but in the case of Chillingo's Sky Combat, it works. You drag a finger around the screen, guiding an auto-firing chopper through quite a few different maps of various forces, attacking and defending from rockets and constantly grabbing upgrades and score. The graphics are 2D, but it looks great, with plenty of fiery explosions to go along with the realistic vehicles. With a full campaign of ten missions, a single mission mode, an endless mode, three difficulty levels to play with and full Crystal and OpenFeint integration, Sky Combat is packed to the gills with extra features. There's a 1.1 update on the way, and there are a total of four different control schemes, so however you want to play it, you can. It's an excellent game, a more than respectable scrolling shooter for the iPhone and a bargain at just US$0.99. Chillingo has made a reputation for providing great games like this, and I got to see a few more of their upcoming titles at GDC this week. Stay tuned for a preview of those, as well as an interview with the company's executives.
China Telecom re-routes 15% of the world's Internet traffic for a full 18 minutes, hopes no one noticed
On April 8 of this year there was an approximately eighteen minute long period of time where China Telecom advertised erroneous network traffic routes, causing foreign Internet traffic to travel through Chinese servers. According to a congressional panel, about fifteen percent of the world's Internet traffic was diverted -- including that of the US government and military, and a number of commercial websites. As always seems to be the case when we're talking about The People's Republic, there are few things that can be said for certain, while a ton of questions linger: was this really just a mistake, or was someone flexing their muscles? Could this have been a diversion "intended to conceal one targeted attack," as Arbor Networks Chief Security Officer Danny McPherson suggested? We don't know, but this is the country that brought us both iorgane and buses that drive over cars, so we suppose anything's possible.
Heroic Strike changes in Cataclysm
The announced warrior and druid rage normalization changes in Cataclysm have brought with them a ton of questions and speculation on how numerous abilities are going to function. One of the largest changes is the removal of "on next swing" attacks. This means the old and trusted Heroic Strike is going to be undergoing a major revmap. Ghostcrawler has provided clarification: Ghostcrawler To clarify on Heroic Strike, it costs a third of your rage bar when you hit the button, but you can't hit it unless you have 10 rage and it will only ever take a max of 30 (since that's essentially a third of your full bar). The intent is that when you don't have a lot of rage, it's not an attractive button. When you are gaining too much rage, then you want to start pushing it. We debated whether or not to push this story before we talked about all of the warrior changes in Cataclysm. In the end we decided players might not focus on anything but the rage changes if we announced them at the same time. However, some of this will make a little more sense with the additional context of the warrior changes. For example, we have a plan to keep tank damage and threat high and we have other systems to let you convert excess rage into damage. source
iPhone hacked at Pwn2Own contest
An iPhone got hacked in just 20 seconds at this week's Pwn2Own hacking contest at CanSecWest 2010, reports Ryan Naraine for ZDnet. Hackers Vincenzo Iozzo and Ralf Philipp Weinmann demoed an exploit that allowed them to send a target iPhone to a web site that they'd set up online, and then copied off the entire SMS database on the iPhone (including deleted text messages) to their own server. The browser crashed during the hijack, but the hackers say that with a little tweaking, it would even be possible to nab the information without the user ever knowing that an attack had occurred. Halvar Flake also assisted with the hack, and he said that while Apple does have some protection in place for running malicious code on the iPhone, but it's not enough: "The way they implement code-signing is too lenient." You can see more technical information about the hack over on his blog. The hackers aren't sharing exactly how they did the exploit -- as specified by the contest rules, knowledge of the hack is becoming property of the contest's sponsor, the Tipping Point Zero Day Initiative, who will pass on a report to Apple and only release details once the hole has been fixed. Safari and Internet Explorer 8 both got owned at the same conference, though details about those hacks are both forthcoming -- Tipping Point was offering up US$100,000 in prizes for exploits on these various programs, and it looks like the prize money has been well-earned.
