Microsoft says Xbox hacking claims are ‘unlikely’

By on April 5, 2012 at 3:05 PM.

Microsoft says Xbox hacking claims are ‘unlikely’

A report emerged last week from a security researcher claiming Microsoft’s Xbox lacked important security features that might protect owners who sell used consoles from having personal information stolen. Ashley Podhradsky of Drexel University claimed to have purchased a used Xbox console and used readily available hacking tools to recover the prior owner’s credit card number and other personal information. “Microsoft does a great job of protecting their proprietary information, but they don’t do a great job of protecting the user’s data,” Podhradsky said at the time. More →

No Comments

MasterCard and Visa warn of possible massive security breach

By on March 30, 2012 at 2:30 PM.

MasterCard and Visa warn of possible massive security breach

The world’s two largest credit card processors have notified U.S. banks of a potential security breach that may affect more than 10 million cardholders, Reuters reported on Friday. MasterCard and Visa have said that the issue was the result of a third-party vendor and not their own internal systems. MasterCard said it has taken the proper steps by alerting law enforcement officials and hiring an independent data-security organization to review the possible breach. “MasterCard is concerned whenever there is any possibility that cardholders could be inconvenienced and we continue to both monitor this event and take steps to safeguard account information,” the company said in a statement. “If cardholders have any concerns about their individual accounts, they should contact their issuing financial institution.” Visa made sure to emphasize that its customers are not responsible for any potential fraudulent charges. More →

No Comments

Hackers can easily steal credit card info, other data from used Xbox consoles [update]

By on March 30, 2012 at 8:45 AM.

Hackers can easily steal credit card info, other data from used Xbox consoles [update]

Using nothing more than a few common tools, hackers can reportedly recover credit card numbers and other personal information from used Xbox 360 consoles even after they have been restored to factory settings. Researchers at Drexel University say they have successfully recovered sensitive personal data from a used Xbox console, and they claim Microsoft is doing a disservice to users by not taking precautions to secure their data. “Microsoft does a great job of protecting their proprietary information,” researcher Ashley Podhradsky told Kotaku in an interview. “But they don’t do a great job of protecting the user’s data.” In order to avoid potential data theft, Podhradsky recommends users remove the hard drives from their consoles and wipe them while connected to a PC using special software. The Drexel researcher warns that not taking this precaution could have serious consequences. “A lot of [modders and hackers] already know how to do all this,” she said. “Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone’s identity.”

UPDATE: Microsoft contacted BGR via email with a statement regarding Kotaku’s report, which can be read below in its entirety. More →

No Comments

$35 Raspberry Pi computer to launch later this month

By on February 7, 2012 at 5:35 PM.

$35 Raspberry Pi computer to launch later this month

The low-cost Raspberry Pi Linux computer is set to become available for purchase later this month for $35. The firm behind the budget computer announced on Monday that the first batch of boards will enter manufacturing on February 20th and will be available at the end of the month. The single-board computer is equipped with a 700MHz processor, 256MB of RAM, SD card support and both HDMI and RCA outputs. Despite the low cost and small size — which is roughly equal to a credit card — the Raspberry Pi computer is powerful enough to run games such as Quake III Arena and power 1080p video, however the company intends for the device to be used in schools to teach the basics of computer science. A second Raspberry Pi model with 128MB of RAM will be released for $25 at a later date. More →

No Comments

Google Wallet doesn’t properly protect personal data, security firm says

By on December 13, 2011 at 11:05 PM.

Google Wallet doesn’t properly protect personal data, security firm says

Security firm ViaForensics recently said Google Wallet does not properly protect personal data, including credit card balance information, on a rooted Nexus S smartphone. Google Wallet is an NFC-based mobile payment system for Android that is accepted by a number of retailers in the United States. It is currently only officially available on the Nexus S and Nexus S 4G. “While Google Wallet does a decent job securing your full credit cards numbers, the amount of data that Google Wallet stores unencrypted on the device is significant,” ViaForensics said in a recent report. “Many consumers would not find it acceptable if people knew their credit card balance or limits.” Read on for more. More →

No Comments

Verizon intros GoPayment credit card reader for phones, tablets

By on August 25, 2011 at 9:20 AM.

Verizon intros GoPayment credit card reader for phones, tablets

In partnership with Intuit, Verizon Wireless introduced a mobile payment solution for small and medium businesses called GoPayment on Thursday. GoPayment will provide customers with a small credit card reader and a mobile application that allows businesses to charge credit cards using a smartphone or tablet. Here’s how it works: a business simply needs to plug the card reader into the 3.5mm audio jack of a tablet or smartphone. Cards can then be swiped and payments are processed immediately. Verizon Wireless says the credit card reader and application are supported on Android, iOS and BlackBerry. The GoPayment credit card reader is free with a GoPayment account and after a $29.97 mail-in rebate. Intuit takes a 2.7% cut of swiped transactions on free GoPayment accounts but customers who sign up for a $12.95 monthly option can pay a lower 1.7% per-transaction rate. Read on for the full press release. More →

14 Comments

'Anonymous' and 'LulzSec' release 10GB of data from 50 police departments

By on August 8, 2011 at 8:59 PM.

'Anonymous' and 'LulzSec' release 10GB of data from 50 police departments

In response to the arrests of LulzSec member Topiary and Anonymous PayPal hackers, members of the AntiSec initiative have infiltrated 50 police departments across the United States and stolen 10GB of data. According to a release put out by the group, which includes members from Anonymous and LulzSec, the data includes “private police emails, training files, snitch info and personal info on retaliation for Anonymous arrests.” It also includes social security numbers, address information, passwords, credit card numbers, training files and more. “We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities,” a recent press release said. The data was stored on a single server and the hackers said it took less than 24 hours to infiltrate and copy the information. In a release posted on PostBin, the AntiSec movement called on other hackers to join in and “make 2011 the year of leaks and revolutions.” The group also told the government to give up and said “you are losing the cyberwar, and the attacks against the governments, militaries, and corporations of the world will continue to escalate.” More →

41 Comments

Citigroup: 360,000 credit cards compromised in recent hack

By on June 16, 2011 at 10:22 PM.

Citigroup: 360,000 credit cards compromised in recent hack

Remember Citigroup’s recent security breach? The firm originally said that 200,000 accounts — 1% of its customers — were compromised, but now Citi is going on record and saying that hackers gained access to a total of “360,083 North America Citi-branded credit cards.” Unfortunately, the company hasn’t provided any details on how the attack occurred, or who was behind it; the infamous hacking group LulzSec, which claimed responsibility for a number of recent high-profile targets including Sony, hasn’t yet mentioned any involvement. If you’re an optimist, the good news is that Citigroup says the number of active accounts affected is actually below the 360,000 figure — because of subsequent account closures — and that the hackers didn’t steal info enough to actually use the credit card numbers. 217,000 customers have already been provided with replacement cards, and California residents were hit the hardest — 80,000 of the numbers stolen were from that state. More →

11 Comments

Citigroup hacked, 200,000 accounts compromised

By on June 10, 2011 at 2:30 AM.

Citigroup hacked, 200,000 accounts compromised

On Thursday Citigroup announced that hackers had breached its systems in May and accessed personal data from 200,000 accounts — about 1% of its customers. The hackers managed to steal customer email addresses, contact information and account numbers, but Reuters reported that other information such as birth dates, Social Security Numbers and credit card expiration dates were not accessed. “We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event,” Citigroup spokesperson Sean Kevelighan, said. “For the security of these customers, we are not disclosing further details.” It is currently unclear who was responsible for the breach. More →

23 Comments

Apple acknowledges ‘Mac Defender’ malware problem, posts removal instructions

By on May 25, 2011 at 9:40 AM.

Apple acknowledges ‘Mac Defender’ malware problem, posts removal instructions

Mac users have recently been targeted by a phishing scam that falsely claimed their computers were infected with a virus. Upon being redirected to an illegitimate website, users were instructed to install “Mac Defender,” which was malware masquerading as an antivirus application. Until recently, Apple had reportedly instructed its AppleCare support reps to deny any existence of the problem and said reps should “not remove or uninstall any malware” found on a computer. On Tuesday, however, Apple finally acknowledged the issue and posted instructions on its support forums that cover how to avoid and remove the Mac Defender malware. Hit the jump for Apple’s instructions. More →

52 Comments

Sony execs: We’re still investigating privacy breach, putting new security system in place

By on May 17, 2011 at 6:39 PM.

Sony execs: We’re still investigating privacy breach, putting new security system in place

Speaking to The New York Times in an interview on Tuesday, Sony’s CEO Howard Stringer discussed the company’s recent security breach, and what his firm is doing to make sure such a large scale attack doesn’t happen again. Stringer argued that Sony reported the breach quickly, despite waiting nearly a week to notify its customers that hackers had stolen personal information, including credit card numbers. “We still have a lot of investigation to do to find out how this happened, but we’re not there yet,” Stringer explained. Sony’s corporate executive officer and executive vice president, Kazuo Hirai, said also noted that Sony is working to examine security on “every level of the company … from televisions to eBooks, and onwards.” Sony will create new security positions within the company, and the security employees with be tasked with setting up a “system to avoid this type of event again — putting a new system in place,” Hirai explained. Sony began restoring its PlayStation Network services in the United States last weekend after issuing a firmware update for the PlayStation 3. More →

5 Comments

Sony: ‘At least a few more days’ before PSN service restored

By on May 10, 2011 at 11:40 PM.

Sony: ‘At least a few more days’ before PSN service restored

On its PlayStation Network blog today, Sony gave an official statement on when the PlayStation Network will be back online. The short answer is “at least a few more days.” Sony has also promised that both Qriocity and PSN should be available by May 31, however, so it could take a bit longer, too. Both networks went down after Sony suffered a massive security breach during which hackers stole 12.3 million credit card numbers and compromised personal data from 101 million accounts. “I know you all want to know exactly when the services will be restored,” Sr. Director, Corporate Communications & Social Media Patrick Seybold wrote on Sony’s PSN blog. “At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process.” More →

23 Comments

Sony’s CEO apologizes for security breach, will offer free month of PSN service

By on May 6, 2011 at 9:52 AM.

Sony’s CEO apologizes for security breach, will offer free month of PSN service

Sony’s president, chairman, and CEO, Howard Stringer, has issued letter of apology to PlayStation Network, Qriocity, and other Sony users who have been affected by the firm’s massive security breach. “Let me assure you that the resources of this company have been focused on investigating the entire nature and impact of the cyber-attack we’ve all experienced and on fixing it,” Stringer said. “We are absolutely dedicated to restoring full and safe service as soon as possible and rewarding you for your patience. We will settle for nothing less.” A total of 101 million accounts across Sony’s network were compromised and 12.3 million credit card numbers were stolen by hackers. However, Stringer said that there’s currently no evidence that those numbers have been misused and that Sony has issued a $1 million identity theft insurance policy for U.S. PSN and Qriocity customers, with other regions to follow. Hit the jump for more from Stringer’s letter, including information on Sony’s “Welcome Back” package.

More →

42 Comments