Pretend hackers plan to attack the digital infrastructure of the 2012 Olympics.

A series of worst-case scenarios are to be played out in March and May, just months ahead of the Games’ opening. They include a massive denial of service attack on the official website, and a virus getting onto organisers’ computers. One of the biggest fears around the Olympics is not a crashed server or power outage, but a deliberate attack by cyber criminals. During the period of the 2008 Beijing Olympics, China was subject to about 12 million online attacks per day. The UK has learned lessons from its predecessor,Read More

RSA has admitted that March’s security breach has compromised SecurID.

RSA, the makers of SecurID, has finally admitted publicly that the breach of their systems we reported on back in March has resulted in the compromising of their SecurID two-factor authentication tokens. The admission comes in the wake of cyber intrusions into the networks of three US military contractors. RSA’s Chairman Art Coviello has stated that the company is offering to replace the nearly 40-million SecurID tokens currently in use, or to provide security monitoring services. For financial institutions, RSA is offering to also provide transactions monitoring. Sources:  [1] SourcedRead More

Sony’s PlayStation Network. Finally.

As we all know, Sony was forced to close the PlayStation Network a month ago when hackers gained access to members’ personal details. Since then, the Japanese electronics giant has been working to improve its security systems. Having recently restored the PlayStation Network, the service had to be taken back offline briefly due to the sheer number of users trying to change their passwords. Limited service has now been restored in most countries, including the UK and United States. Sony is offering its users a “welcome back” package of premiumRead More

Sony’s PlayStation Network may stay offline as late as May 31st.

More than a week after Sony told the world to expect some functionality to return to the PlayStation Network, it has not happened: you can’t play your games online, make digital purchases, or download demos; the service remains completely dead. Analyst Nobuo Kurahashi told the Wallstreet Journal that he estimates Sony could be on the hook for $1.25 billion in lost business. He says, “It could take months for the security woes to settle, and how this may affect consumer confidence in Sony’s online services in [the] long run isRead More

Sony’s PlayStation Network is coming back online… region by region.

Sony executives promised users on Saturday that they would start restoring their cloud-based PlayStation Network and the related Qriocity [curiosity] services this week following what the company called an “illegal and unauthorized” intrusion last week which they have now confirmed has threatened roughly 101 million users worldwide. Sony, based in Tokyo, said that the breach may have affected the credit card information of approximately 10 million users. Services are finally starting to be restored region by region. There are some reports of service coming online in some parts of Japan,Read More

Ironic Hacking? mysql.com was pwned via SQL Injection.

In an email sent out on their full disclosure mailing list Sunday, it was revealed that a number of web sites, including mysql.com and sun.com, were compromized using, perhaps ironically, an SQL injection attack. In the blind attack, databases were stolen which contained both member and employee email addresses and account credentials, as well as tables with customer and partner information and internal network details. Encrypted passwords from the database were posted online, with some having been already cracked. MySQL is a databasing platform used by millions of web sitesRead More

The RSA SecurID has been compromized, and its users no longer feel protected.

Users of the RSA SecurID are in for a shock this week, as their trusted two-factor authentication has been compromised. In an open letter, Art Coviello, the executive chairman of RSA, made public the fact that the company has suffered a breach and data loss following an “extremely sophisticated cyber attack.” Coviello continues to say, “While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectivenessRead More

Another hacker has been caught from a $10 million international bank heist in 2008.

[From net-security.org] A 27-year old Russian hacker pleaded guilty this week to stealing $10 million from a former Royal Bank of Scotland division back in 2008. Yevgeny Anikin has admitted that he was part of the international hacking ring that executed the cyber heist. According to Reuters, they hacked into the accounts of the bank’s customers, raised the maximum withdrawal limit, and organized a simultaneous withdrawal of the funds from ATMs located in Europe, the US and Asia. Anikin is not the first member of that hacking ring to beRead More

Cyber thieves are cashing in after stealing credit cards in a hack attack on the website of cosmetics firm Lush.

[From bbc.co.uk] Cyber thieves are cashing in after stealing credit cards in a hack attack on the website of cosmetics firm Lush. Many Lush customers have reported that their cards have been used fraudulently. The online shop was shut down on 21 January and its home page replaced with a message revealing the attack. Lush said anyone who placed an online order between 4 October and 20 January should contact their bank in case their card details had been compromised. Sources:  [1] Sourced By:  Roy W. Nash

Sony is suing hackers who broke the PlayStation 3 copy protection code.

Sony has launched legal action against hackers who uncovered and published a method of revealing security codes for the PlayStation 3. The hack potentially allows anyone to run any software on their machine, including pirated games. Sony’s lawsuit argues that this constitutes copyright infringement and computer fraud. One of the hackers involved in cracking Sony’s protection code, George Hotz told BBC News “We have not published any encryption or signing keys. We have not published any Sony code, or code derived from Sony’s code.” Hotz has spoken to legal councilRead More