Sony hires former U.S Department of Homeland Security official to boost defenses

By on September 6, 2011 at 9:20 PM.

Sony hires former U.S Department of Homeland Security official to boost defenses

Following a major security breach earlier this year, Sony made good on its promise to bolster its security by hiring a former official from the U.S. Department of Homeland Security to serve as its chief information security officer and senior vice president, Reuters reported on Tuesday. Philip Reitinger formerly served as the director of the U.S. National Security Center. “Certainly the network issue was a catalyst for the appointment,” a Sony spokesman told Reuters. “We are looking to bolster our network security even further.” Sony’s online PlayStation and Qriocity networks were attacked in May when a hacker group known as LulzSec gained access to personal data belonging to more than 100 million users. A string of subsequent hacks on Sony’s digital properties made headlines for the better part of two months, and Sony’s PlayStation Network was not fully restored until July. More →

8 Comments

Google+ flaw allows hackers to execute DDoS attacks using Google servers

By on August 31, 2011 at 4:15 PM.

Google+ flaw allows hackers to execute DDoS attacks using Google servers

A security expert at Italian security firm AIR Sicurezza Informatica claims to have found a security flaw in Google’s new social network that allows hackers to potentially use Google+ servers to execute DDoS attacks. Simone Quatrini explained the flaw on the IHTeam Security Blog, and he wrote a script that can perform the attack, repeatedly prompting Google’s server to send requests to the target site. DDoS attacks, or distributed denial-of-service attacks, flood a web server with requests in an effort to prevent it from functioning. Such attacks require appropriate resources and bandwidth to execute, and Google servers would obviously have more than enough of these resources to launch a significant attack. More →

15 Comments

22-year-old 'Anonymous' hacker arrested in United Kingdom

By on August 25, 2011 at 3:50 PM.

22-year-old 'Anonymous' hacker arrested in United Kingdom

A 22-year old student allegedly associated with the hacking group “Anonymous” has been arrested and charged in the United Kingdom. Peter David Gibson is charged with “conspiracy to do an unauthorized act in relation to a computer, with intent to impair the operation of any computer or prevent or hinder access to any program or data held in a computer or to impair the operation of any such program or the reliability of such data,” the Metropolitan Police said in a statement Thursday. Gibson is out on bail and is scheduled to appear in court on September 7th to stand trial. It is believed that Gibson was involved on a number of Anonymous’s DDOS attacks against large corporations; the “Anonymous Operations” branch of the hacking group most recently attacked Apple. Authorities in the United States and the United Kingdom have arrested a number of hackers believed to be associated with Anonymous and a sub-group called LulzSec. LulzSec spokesperson and hacker Jack Davis, aka Topiary, was arrested earlier this month and released on bail. More →

23 Comments

'Anonymous' hacker quits, calls group's members hypocrites and its efforts fruitless

By on August 19, 2011 at 4:40 PM.

'Anonymous' hacker quits, calls group's members hypocrites and its efforts fruitless

An alleged member of the notorious hacker collective “Anonymous” has apparently outed himself and quit. The UK-based hacker, who says his real name is Matthew, operated under the pseudonym “SparkyBlaze” during his time with Anonymous. As to his reasons for leaving the group, he points mainly to LulzSec, the AntiSec movement, and Anonymous’ leadership. “When I started with Anon I thought I was helping people but over the past few months things inside anon have changed,” the hacker said in a statement posted to the Web. “I am mostly talking about AntiSec and LulzSec. They both go against what I stand for (and what anonymous says they stand for). Antisec has released gig after gig of innocent peoples information. For what? What did they do? Does anon have the right to remove the anonymity of innocent people? They are always talking about peoples right to remain anonymous so why are they removing that right?” To the Anonymous members he leaves behind, SparyBlaze adds, “You are not helping anyone.” He continues, “Think about the long run. Some thinking now can save you some large legal bills later. And yes i will be there when you get out of court to say: I told you so. There are other ways to help people, just don’t go to anon you are not hurting the governments you are hurting yourselves in the long run.” The hacker’s full statement follows below. More →

54 Comments

LulzSec hacker Jake Davis aka 'Topiary' released on bail

By on August 1, 2011 at 2:45 PM.

LulzSec hacker Jake Davis aka 'Topiary' released on bail


District Judge Howard Riddle released 18-year old alleged LulzSec hacker Jake Davis on bail Monday morning. Davis hacked under the name “Topiary” online and served as the public face of LulzSec, often publishing press releases and status updates on the group’s Twitter account, before he was arrested on July 27th. The news debunks earlier reports that authorities had been duped into arresting an the wrong man. Authorities in the U.K. said they discovered personal information for more than 750,000 people on Davis’ computers. Davis has been charged with hacking the Sun, Times, Sony and the Serious Organized Crime agency. Davis’ lawyers are highlighting his role as a press secretary for LulzSec and have argued that Davis did not participate in the attacks directly. Davis was released on bail but cannot access the Internet from any device, including from smartphones, The Financial Times said.

More →

55 Comments

Police arrest 19-year old LulzSec hacker ‘Topiary’

By on July 27, 2011 at 2:35 PM.

Police arrest 19-year old LulzSec hacker ‘Topiary’

The Metropolitan Police Service announced on Wednesday that it has arrested a 19-year old hacker suspected to be a member of both “Anonymous Operations” and “Lulz Security,” also known as “LulzSec.” The hacker, who went by the name Topiary, served as the publicist of both hacker groups and often posted press releases and statements on Twitter. His apartment in the Shetland Islands, Scotland is currently being searched and Topiary is on his way to a police station in London. A second 17-year old person in Lincolnshire, England is also being interviewed but has not yet been arrested. The FBI began raiding apartments and arresting a number of people believed to be involved with Anonymous and LulzSec on July 19th. The hacker groups responded to the arrests and said there is “nothing – absolutely nothing – you can possibly to do make us stop.” During that time, Topiary is believed to have tweeted “Arresting people won’t stop us, FBI. We will only cease fire when you all wear shoes on your heads. That’s the only way this is ending,” from the official LulzSec Twitter account. More →

41 Comments

Apple laptops can be hacked to self-destruct; flaw to be detailed by hacker next month

By on July 26, 2011 at 6:35 PM.

Apple laptops can be hacked to self-destruct; flaw to be detailed by hacker next month

How’s this for an undocumented feature? Apple’s newer MacBook, MacBook Air and MacBook Pro notebooks have a security flaw that can allow hackers to remotely prevent the batteries from charging. Better yet, hackers can exploit the same flaw and remotely cause batteries to explode. Apple laptops’ new “smart” battery technology is intended to provide added control over power management, and it does just that. Unfortunately, it also gives hackers added control because the microcontroller chip that ships in recent Apple laptops can be accessed remotely using a default password shared by each and every notebook. Charlie Miller, the security expert who discovered the vulnerability, plans to showcase the flaw next month at the Black Hat security conference. There, Miller will show that he is able to access the battery controller remotely and cause it to refuse a charge, or even heat up until it catches fire and explodes. “These batteries just aren’t designed with the idea that people will mess with them,” Miller told Forbes last week. “What I’m showing is that it’s possible to use them to do something really bad.” Thankfully, the security expert also intends to showcase a fix for the flaw, which Apple will hopefully implement as soon as possible. More →

78 Comments

Second hacker indicted over stolen AT&T iPad data

By on July 7, 2011 at 2:30 PM.

Second hacker indicted over stolen AT&T iPad data

An Arkansas man has been indicted for carrying out a cyberattack on AT&T servers that resulted in the theft of personal data from more than 100,000 iPad users. Andrew Auernheimer has been charged by a New Jersey grand jury with one count of conspiracy to gain unauthorized access to computers and one count of identity theft, Reuters reports. Auernheimer’s codefendant Daniel Spitler entered a guilty plea after being charged with the same crimes late last month. Court documents recount several conversations Auernheimer allegedly had surrounding the AT&T breach, and the evidence appears to be damning. “If we get 1 reporters address with this somehow we instantly have a story,” he wrote to Spitler on June 6, 2010, according to the indictment. “HI I STOLE YOUR EMAIL FROM AT&&T WANT TO KNOW HOW?” Auernheimer later continued, “The more email addresses we get … the more of a freakout we can cause.” Both Auernheimer and Spitler are said to be associated with “Goatse Security,” a hacker group reportedly focused on disrupting online content and services. More →

34 Comments

Facebook hires iOS/PS3 hacker geohot [video]

By on June 28, 2011 at 1:01 AM.

Facebook hires iOS/PS3 hacker geohot [video]

George Hotz, the hacker better known as “geohot” has joined the team at Facebook. Hotz made a name for himself in the enthusiast community as an iPhone and iPad jailbreaker with his blackra1n tool, and he’s was also sued for jailbreaking the Sony PlayStation 3. Reportedly, Hotz joined Facebook in May and recently wrote on Facebook that the social network is “really an amazing place to work.” Hit the read link for a video during which GeoHot mentions his recent move. More →

28 Comments

26-year old pleads guilty to hacking AT&T iPad data

By on June 23, 2011 at 7:02 PM.

26-year old pleads guilty to hacking AT&T iPad data

Last year hackers made headlines when AT&T announced to a security breach that had allowed hackers to access the personal data from 114,000 iPad 3G users. On Thursday, 26-year old Daniel Spitler from San Francisco pleaded guilty to two crimes: conspiracy to gain unauthorized access to computers and identity theft. Spitler faces up to 10 years in prison — five years for each count, according to The Wall Street Journal. “Computer hackers are exacting an increasing toll on our society, damaging individuals and organizations to gain notoriety for themselves,” said U.S. Attorney Paul Fishman in New Jersey. “Daniel Spitler’s guilty plea is a timely reminder of the consequences of treating criminal activity as a competitive sport.” Fishman’s statements are clearly also aimed at other hackers; LulzSec and Anonymous, two hacking groups, recently announced that they have joined forces to attack the U.S. government. That’s in addition to recent hacks on Sony — which LulzSec took responsibility for — and Citigroup. Spitler will be sentenced on September 28th. More →

14 Comments

Sony’s PSN now fully restored in most markets

By on June 2, 2011 at 9:26 PM.

Sony’s PSN now fully restored in most markets

Sony announced on Wednesday that the final piece of its PlayStation Network, the PlayStation Store, is now back online after Sony’s networks were taken down due to a massive security breach. Sony also noted that it has outfitted PlayStation Plus store with new game trials, games, downloadable content, free avatars, and bigger discounts. The company’s “Welcome Back Offer,” which will provide two free games to Sony users as well as 30 days of PlayStation Plus, is in the final stages of testing and will also be available soon. More →

6 Comments

Sony PlayStation Network to be fully restored by this weekend in most regions

By on May 31, 2011 at 10:03 AM.

Sony PlayStation Network to be fully restored by this weekend in most regions

Sony on Tuesday stated that services associated with its PlayStation Network will be fully restored by the end of this week in all regions outside Japan, Hong Kong, and South Korea. Sony also said it would fully restore the Music Unlimited services tied to its Qriocity streaming music offering for the PlayStation 3, PSP and PCs. “We have been conducting additional testing and further security verification of our commerce functions in order to bring the PlayStation Network completely back online so that our fans can again enjoy the first class entertainment experience they have come to love,” said Kazuo Hirai, Sony’s Executive Deputy President, in a statement. “We appreciate the patience and support shown during this time.” Sony recently suffered a series of cyberattacks across various networks that exposed personal data belonging to over 100 million of the company’s customers. Sony is currently working with the FBI to identify the parties responsible for breaching its various digital networks. Hit the break for Sony’s full press release. More →

8 Comments

Sony cyberattacks spill over to Sony Ericsson

By on May 25, 2011 at 2:43 PM.

Sony cyberattacks spill over to Sony Ericsson

Sony continues to be targeted in a series of cyberattacks that have resulted in the theft of personal information belonging to over 100 million Sony customers. Following breaches of the company’s PlayStation Network, Sony Online Entertainment, So-net Entertainment and most recently, the Sony’s Greek website, hackers have breached a database associated with Sony Ericsson’s Canadian online shop. Personal data including names, email addresses and passwords belonging to more than 2,000 customers was compromised, but Sony said no credit card numbers were stolen. A Lebanese hacking group called Idahca claimed responsibility for the attack, and it said the information obtained has been leaked on Facebook and Twitter. It is unclear if this latest attack is tied in any way to previous attacks on Sony’s various digital properties. More →

22 Comments