Security News
Sony Interactive Entertainment has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.According to the data breach notification, the compromise happened on May 28, three days before Sony learned from Progress Software about the flaw, but it was discovered in early June.
The pitfalls of neglecting security ownership at the design stageIn this Help Net Security interview, Nima Baiati, Executive Director and GM, Commercial Cybersecurity Solutions at Lenovo, discusses the disconnect between development and security teams and how companies need to prioritize security and why utilizing a multi-layered strategy is the best way to secure above and below the OS. The hidden costs of neglecting cybersecurity for small businessesIn this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation. Network Flight Simulator: Open-source adversary simulation toolNetwork Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility.
Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for the purported hack. "We have successfully all of Sony systems," read a note posted on RansomedVC's onion leak site.
Vc, a relatively new ransomware / cyber extortion group, claims to have hacked Sony and made off with valuable data. "We have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE," the group wrote on their leak site on Sunday.
The United States has taken legal action to seize and return over $154 million purportedly stolen from Sony Life Insurance Company Ltd, a SONY subsidiary, by an employee in a textbook business email compromise attack. "According to the government's complaint, Rei Ishii, an employee of Sony Life Insurance Company Ltd. in Tokyo, allegedly diverted the $154 million when the company attempted to transfer funds between its financial accounts," the Justice Dept said today.
Retired Microsoft engineer, Dave Plummer, offered a blast from the past last week with a look back at the infamous Sony Windows "Rootkit" scandal. In his latest video, Tempest obsessive and author Plummer confessed to having once been the owner of Windows components such as Calculator and CD Autorun.
I just don't think it's possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend, with the hacking group Fail0verflow claiming to have managed to obtain PS5 root keys allowing them to decrypt the console's firmware.
These bots grab some of the limited stock of the PS5 and Xbox on eBay and Amazon and then resell them at huge markups, says PerimeterX. Scalper bots, or sneaker bots, have been chewing up supplies of the Sony PS5 and Xbox consoles amid a shortage of both units, leaving indvidual buyers in a lurch. In a report published Thursday, bot fighter PerimeterX described the damage that automated bots are causing to consumers and retailers alike.
Bug bounty hunting is, at heart, a competitive market, and winner-takes-all is the easiest way for a vendor to avoid the problem of two researchers covertly colluding for extra money. Most bug bounty programs have a rule under which a reasonable timeframe is agreed for fixing the bug.
Sony this week announced the launch of a public PlayStation bug bounty program in partnership with hacker-sourced vulnerability hunting platform HackerOne. Previously, the company ran a private bug bounty with some researchers only, but says that it has come to realize that the research community plays an important role in improving security, and that the newly launched program builds on that realization.