Statement from FBI notes similarities between Sony Pictures hack and other intrusions by North Korea
[Updated with comments from President Barack Obama] North Korea is responsible for the attack on Sony Pictures, the Federal Bureau of Investigation (FBI) has now announced. The statement about the agency's investigation into the intrusion of the movie studio's computer network, and subsequent leaks, comes at the same time as messages supposedly coming from the hackers wanting Sony to do more than halt the release of "The Interview" movie.
Six movie studios, including Sony, provided $500,000 per year for the MPAA's campaign against Google
In the past weeks, quite a lot has been revealed about Sony's role in ongoing anti-piracy efforts due to the leak of emails as part of the fallout of the North Korean-based GOP attack on the studio. In a post on Thursday on the Google Public Policy Blog, Kent Walker, Google SVP and general counsel, outlined even more leaks that describe a combined and carefully planned effort by Sony and five other studios that began this year to provide funding and legal support for the MPAA's efforts to court state attorneys general and target Google directly.
Newly-discovered bug introduced in 2002, affects most unpatched devices
Researchers from Check Point Software Technologies released information on Thursday about an exploit they are calling "Misfortune Cookie." This bug was introduced into "RomPager" software, which is commonly embedded into residential gateway devices such as routers, beginning in 2002. A conservatively estimated 12 million unpatched devices, connected to the Internet in 189 countries, are at risk.
Team America prevented from being replacement for The Interview in cinemas
The fallout from the Sony Pictures hack continues, and is now affecting more than just The Interview. Theaters planning to screen Team America: World Police instead of the James Franco movie have been stopped from doing so, while a number of celebrities have all denounced Sony Pictures' decision to withdraw The Interview from distribution, and the White House has refused to comment on the hack investigation.
Requires physical access, but works on OS X, Windows, Linux
A new USB microcontroller -- roughly the size of a small thumb drive -- has been demonstrated as a proof-of-concept device that leverages a serious and unfixable vulnerability in USB to easily take over and install malware on any unlocked computer. Though it requires physical access or tricking the user into inserting the controller into a USB port, the device has worrying implications for any computer left unattended for more than a minute -- the time it takes for the device to gain admin access, change network settings, install a backdoor and remove any obvious sign of intrusion.
Personal data, files of ICANN CZDS users accessed by hackers
The Internet Corporation for Assigned Names and Numbers (ICANN), the organization which allocates IP addresses and oversees the use of domain names, has been the latest high-profile victim of hacking. The non-profit confirmed its systems were accessed by unauthorized individuals earlier this month, following a "spear phishing" attack in late November.
FBI, diplomats had previously denied direct North Korean involvement
US government officials now believe North Korea is, in fact, behind the attack of Sony Pictures Entertainment's computer system and subsequent data leaks, according to reports. The government is also said to be preparing to make an official statement about its findings, which may arrive as soon as tomorrow, though apparently there is still some internal debate as to what kind of response to make to the insular country. Previously, the FBI had said it had "no evidence" of a direct North Korean connection, though the country was suspected from the outset.
Spreads through networks, can re-infect if a single file is overlooked
Earlier this month the official blog of security firm KnowBe4 revealed information about a new strain of ransomware. On top of the usual encryption of files on a computer and demand for payment in Bitcoin currency to regain access, VirRansom can replicate itself like a virus, infecting any and all files on a computer before spreading through a network.
Stars pull out of promotional activities over threats to audience
[Updated with Sony canceling the film's release] People intrigued by Sony Pictures movie The Interview may reconsider watching it in the cinemas at release, as a message appears to directly threaten its viewers. A posting claimed to be from the Guardians of Peace, the group supposedly behind the hacking of Sony's corporate network, appears to suggest some form of major incident will take place at premieres.
Managing privileged operations on Linux servers key for protecting e-commerce servers
In a blog post today, AlertLogic Chief Security Evangelist Stephen Coty outlined ways to identify and protect against a Linux server exploit he has dubbed "Grinch." Citing a 2013 report from W3Tech stating that approximately 65 percent of all web servers utilize a Unix or Linux-based operating system, he said that the danger is that Grinch can be used to "steal Christmas." At the crux of this exploit is a way to access administrative permissions through JournalID, which could allow remote execution of commands on any Linux-based server.
Insecure URLs from Delta revealed boarding passes from other airlines, other passengers
Dani Grant, the founder of the security research group Hackers of NY, has reported a serious flaw in the way that Delta and potentially other airlines handle online boarding passes, often displayed on smartphone screens to gain entry to flights. Grant discovered that if she shared the URL to her Delta online boarding pass, anybody could download and potentially redeem it. Even more disturbingly, when she changed the last digit of the seemingly random numbers in the URL, she could view someone else's online boarding pass, which might even be on an entirely different airline.
Christmas comes early as white hats totally pwn script-kiddie newbs
Since August, a hacker group calling itself the Lizard Squad -- self-described as a handful of 'guys with too much free time on their hands' -- have been entertaining themselves by spoiling other people's fun. Primarily, they've been doing this by attacking online video game services and knocking them offline. An opposing "white hat" group of network security researchers have now exposed members of the Lizard Squad group, leading to the arrest of three members, some of whom had also been involved in bomb threats and other domestic terrorism.
Apple, most big tech companies support Microsoft in Irish email case
This week saw the submission to the court of ten amicus curiae briefs from a combined 87 individuals, businesses, and associations in support of Microsoft's challenge to a US search warrant for an email stored in a data center in Ireland. The fight between the US government and the Windows maker centers around US law's reach into a customer's private records when the records are actually stored in another country.
Ad giant has until February to make changes to its data-collection methods
Google doesn't properly inform users in regards to the extent of data collection and collation from all of Google's various products, a Dutch agency says about the search and advertising giant, and is threatening the company with a €15 million ($18.7 million US) fine if it doesn't change its notification to users of everything from its data collection methods to the fact that it owns YouTube by next February. The agency, known as the CBP, says Google's collation of user data is a violation of Dutch law.
Request to stop reporting details of Sony Pictures leaks sent to news outlets
Sony Pictures has requested the media not to report the contents of leaks stemming from a major intrusion at the company last month. The movie studio has written to a number of sites and organizations, telling them that the gigabytes of confidential employee, financial, and other corporate data must be deleted, and to cease publishing details gleaned from the information.
Hacking teams release data, targets attack against Swedish authorities
The shutdown of The Pirate Bay by Swedish authorities has allegedly incurred the wrath of people claiming to be part of the Anonymous hacktivist group. At the same time, the takedown of the site does not appear to have deterred pirates, with one report claiming the takedown may have in fact increased traffic rather than reducing it.
'Christmas dump' incoming with more 'interesting' Sony Pictures data
Months before the hacker intrusion on Sony Pictures' network, analyst firm PricewaterhouseCoopers (PWC) performed an analysis on the company's security, and found it lacking. More than 100 devices were found to be unmonitored by corporate security following an incomplete transition from a private security firm to an in-house team. As a result, any Sony response to network intrusion would be, in the words of the auditors, "slow, fragmented, and incomplete, if it would even happen at all." However, corrective actions proposed by PWC seemingly went undone, which left the doors to the company open, sometimes literally, facilitating the attack.
Scope and scale of attack unknown; FBI briefing gives response guidelines
The US Federal Bureau of Investigation (FBI) has warned businesses, energy firms, and educational institutions all the way to the middle school level to be aware of an organized hacking effort by elements in Iran. While the FBI does not explicitly state that the Iranian government is behind the attacks, the efforts are originating from within Iran and some security experts believe that it is a state-sponsored attack.
Windows 7 TLS, SSL implementation fix breaks driver installations
This week's Microsoft "Patch Tuesday," the regular scheduled day for updates and bug fixes from the Redmond giant, hit a few snags. While one problematic patch to Exchange 2013 has already been retracted and re-issued, a second patch -- this one addressing SSL and TLS authentication -- has rendered many Windows Update drivers, including video card drivers from Nvidia and AMD, uninstallable on Windows 7.
Leaked information reveals potential legal tactics and meetings with Google execs
A disturbing newly leaked email sent to Sony Pictures CEO Michael Lynton in 2012 has revealed a secret meeting between officials from the Department of Homeland Security and representatives from Google that was focused on methods by which the various groups could hobble or block sites known for hosting pirated materials. Meetings also occurred between the MPAA and an unnamed national law firm across 2013 to discuss methods to force ISPs to block sites hosting or aggregating pirated content.
Un-jailbroken iOS devices safe from attack; Android, Windows smartphones at most risk
Beginning in Russia and spreading quickly to other countries, a new variation on the formerly-dormant Red October malware has been detected by security firms such as Blue Coat and Kaspersky this week. The new version -- which is notably targeting smartphones of diplomats, military leaders and business executives -- contains a level of sophistication in the function and code that suggests a rogue state, which would have the resources to assemble the talent, is backing the attack.
App replaced by 'Amazon Shopping' app with no links to app store
As a result of a revised developer's agreement, Google has made the original Amazon Android app undiscoverable in Google Play. Amazon has replaced the removed app with a new "Amazon Shopping" app, which notably removes access to the retailer's app store through a Google Play-sanctioned app, leaving users forced to "sideload" a separate app from another source in order to facilitate downloads and purchases from Amazon's app store.
Employs DDoS attacks, enlists Amazon Web Services to block distribution
In a surprising twist to the ongoing saga of an attack on Sony Pictures' internal computer system by unidentified hackers (likely to be from North Korea), the studio is starting to fight back by leveraging Amazon Web Services to carry out distributed denial of service (DDoS) attacks on identified servers that contain files stolen from Sony over the last month. Taking a page from its own playbook, the media conglomerate is flooding suspect servers with dummy files, a sequel of sorts to anti-piracy attacks carried out by the firm in conjunction with Media Defender seven years ago.
Pending law enforcement forces move, Google shutdown makes law irrelevant
The Google Europe Blog this week released an update on the status of Google News in Spain. Richard Gingras, Head of Google News, informed readers that Google News will be shut off for them next week, before a new law takes effect in January. Gingras writes this law requires publishers to charge search providers a licensing fee for any content visible on the search website (including headlines), "whether they want to or not."
Malware gave 'unauthorized person' access to plaintext information for at least 39 days
In a statement, electronic payment gateway provider Charge Anywhere announced that it had discovered "malware that had not been previously detected by any anti-virus program" in their system. The discovery was made after an unnamed party requested the company investigate some unauthorized transactions that appeared to be made legitimately.
Leading theories of state sponsored attack put forth by Sony, others in doubt
The assistant director of the Federal Bureau of Investigation's cyber division, Joe Demarest, has declared that the government of North Korea, at least, doesn't appear to be the instigator of the Sony Pictures attack. Speaking at a cybersecurity conference, the chief said that despite the attack package being compiled in Korean "there is no attribution to North Korea at this point."
Multiple sites taken down as Swedish police seize Pirate Bay servers
Notorious piracy website The Pirate Bay was taken offline yesterday, as part of a raid by Swedish authorities. The server raid in Stockholm, which took place yesterday morning, is said to have been performed as part of a large operation to protect intellectual property, with several servers and other computers seized for further examination by the police.
Users directed to URL to restore missing files
Apple has released iOS 8.1.2 for iPhone, iPad, and iPod touch owners. The firmware is a minor update, dealing mainly with a glitch which removed ringtones bought through the iTunes Store. People wanting to get those files back are being pointed to a special URL, which in turn redirects visitors to a new page at the Store.
Blackphone PrivatOS Spaces update will help separate work, personal data
The security-minded smartphone from Geeksphone and Silent Circle will soon have its own privacy-focused app store. A future update for Blackphone has also been announced, with a change to the Android fork PrivatOS providing a way to separate the different types of data stored on the device, keeping them segregated for increased app security.
Continued data leaks, attacks threatened if movie release halted
Hackers behind the Sony Pictures intrusion have made a more public demand for the company to stop the release of an upcoming film. The demand from the "Guardians of Peace" is accompanied by another large release of internal data, with information about aliases used by celebrities, as well as more contact information for the stars and their assistants.
Real hunts for new plaintiffs in 10-year-old case
Judge Gonzalez Rogers has ruled against an Apple request to dismiss the 10-year-long lawsuit by audio software maker Real, but has not denied that the case may soon be without a valid plaintiff. Following the dropout of the first of two women named in the original case, more evidence was presented in court today that the remaining plaintiff, Marianna Rosen, is also not qualified by virtue of not having directly bought an iPod in the relevant time window with her own funds.
iCloud attacks likely key subject of discussion
Apple CEO Tim Cook met with Lu Wei -- the chairman of China's State Internet Information Office -- during the latter's recent trip to the US, reports say. Lu is also said to have met with Facebook CEO Mark Zuckerberg, and Amazon CEO Jeff Bezos. It's unclear what Lu discussed with the executives.
Series of attacks mirrors similar incidents by same group in August
Sony has suffered its second major hacking incident in recent weeks, with its PlayStation console users being the target this time. The company's PlayStation Network services were knocked offline late last night before returning to normal earlier this morning, in an attack which coincides with the 20th anniversary of Sony's original game console release.
Alleged 'Guardians of Peace' leader sent email demanding Sony 'behave wisely'
The Sony Pictures hack attack has taken a dark turn. A mass email in broken English went out to employees whose data was stolen by the so-called "Guardians of Peace," demanding that recipients return the email, or "not only you but your family will be in danger." In the email, the attackers are demanding that employees "make your company behave wisely" in order to stop future incidents by the hack group.
Class-action suit by banks will be bellwether for future hack responsibility suits
The judge overseeing the suit filed by banks against Target regarding the "Black Friday" data breach from 2013 has allowed the suit to continue, despite protestations by the retailer. Judge Paul A. Magnuson of the Minnesota district court has ruled that Target failed to respond to warnings that an attack was imminent, and the failure to observe these warnings meant that the company played a "key role" in allowing the data theft.
Personal data belonging to Sylvester Stallone, Rebel Wilson leaked in hack
The Sony Pictures data breach may be bigger than originally believed, as reports claim a lot more people than the 6,000 employees have been affected. Personal data including Social Security numbers for more than 47,000 current and former employees were apparently involved in the leak, including information relating to famous celebrities such as Sylvester Stallone and Rebel Wilson.
Secure Data Act attempts to ban the inclusion of vulnerabilities for surveillance, search
A new Senate bill was introduced on December 4 that aims to halt one channel of government intrusion into electronic devices and software. Privacy and technology supporter Sen. Ron Wyden (D-OR) unveiled the Secure Data Act, which he drafted to cut off recent attempts by government officials to change laws and render new private encryption and device trends obsolete in the name of government access.
Explains why DRM was formerly required by record companies, more
Day three of the Real vs. Apple trial over allegations that Apple deliberately blocked rival stores' DRM music files on the iPod (a potential antitrust violation) continued today with testimony from Eddy Cue, Apple's SVP of Internet software and services and the executive in charge of the iTunes Store. Cue was on the stand for hours, going through an explanation of why the original iTunes Store had to have digital rights management in the first place, how Apple developed its FairPlay wrapper, and why it chose not to license FairPlay to others.
Apple, Samsung, HTC among identified parties
Taiwan's National Communications Commission has found 12 cellphone makers to be violating the country's Personal Information Protection Act, according to the Wall Street Journal. PIPA covers the "collection, processing and use of personal information"; the NCC has yet to say exactly how the companies broke regulations, but does explain that it discovered the issue while investigating charges that Chinese firm Xiaomi was collecting and transmitting user data without permission.
Anti-North Korea comedy "The Interview" scheduled to be released December 25
Despite previously calling a movie soon to be released by Sony Pictures an "act of war," North Korea has denied any involvement in the seemingly-ongoing studio hack. An anonymous diplomat from the country has refuted state involvement in the data theft, and claims that North Korea has "publicly declared that it would follow international norms banning hacking and piracy."
Bugfix updates add Firefox import, improves WebGL on Retina displays
On Wednesday, Apple released minor updates to Safari for the current and two most recent OS X versions. Mountain Lion (OS X 10.8.5) users will see an update to Safari v6.2.1, Mavericks (10.9.x) users will see Safari 7.1.1 available for update, and Yosemite users (10.10) will get Safari 8.0.1. The releases share a variety of bug and security fixes, and add the ability to import usernames and passwords from Firefox.
High accuracy of scripted bots prompts change in Captcha system
Google is updating the reCaptcha human authentication system, by effectively removing the Captcha element for the majority of users. Dubbed the "No Captcha reCaptcha," the new API will attempt to monitor the user's interaction with the captcha to see if they are genuine or a script, with most valid users able to simply click a tick box without seeing a Captcha at all.
Update to Android Lollipop may fix lock screen bug
An update for Android Lollipop is believed to be on the way, after a new factory image for Nexus devices was released for download. Version 5.01 of the mobile operating system has been pushed to AOSP along with factory images for the Wi-Fi Nexus 9, Nexus 10, and 2013 Nexus 7, a step usually followed by an over-the-air update for other devices.
Security concern based on apparently false newspaper article
A member of the center-left Fair Russia party and State Duma lawmaker is proposing a bill that would recommend that all Russian parliament members stop using iPhones and iPads to protect themselves from foreign eavesdropping, based primarily on what appears to be a false report that the Russian military has done the same. The Defense Ministry has since denied the report from the newspaper Izvestia, but the bill has again opened the question of whether foreign-made smartphones and tablets are secure.
FBI gives guidance to major US corporations, including who to notify during attack
While not specifically naming any names, the FBI has warned that a major cyberattack has taken place against US businesses in the last two weeks. The advisory, likely given in the wake of the enormous Sony breach, gives some details about the tools used in the assault, and provides advice to the businesses on how to respond to the package, which includes informing the FBI.
Fury, Annie, other leaked films shared over 1M times collectively
A number of Sony movies have been leaked following the Sony Pictures hack last week, according to reports. At least five movies are circulating on file-sharing sites, and while unreleased films including Mr Turner and Annie are being pirated before a theatrical release, the recent Fury is claimed to be receiving a considerable amount of attention, despite still being shown in cinemas.
'Your friend in the digital age' allegedly aids piracy by ignoring infringement
A pair of music publishers have launched a suit against Internet service provider Cox Communications. BMG Rights Management and Round Hill Music accuse the provider of failing to penalize serial rights infringers, with warnings by watchdog Rightscorp (well known for its false positives) going ignored. The pair claims that Cox's refusal to deliver the messages serves to dilute the entire anti-piracy effort agreed to by the ISPs, and hurts both the ISP industry and music-producing business in the process.
All Writs Act compels 'reasonable' unlock assistance, gives idea of future circumvention
In the face of increasing security measures on consumer devices, the US Department of Justice appears to be returning to old school tactics to get at data in devices. A judge in New York ordered an unnamed smartphone manufacturer to provide technical assistance in unlocking a device, something prosecutors argued under the All Writs Act of 1789. While the All Writs Act has been used in the past in technological situations, it could be the de facto means of law enforcement data requests in the future.
Company achieves revenue growth after breach fallout, full impact still unknown
Home improvement retailer Home Depot is still locked into a battle over the security breach it reported in September that put 56 million credit cards at risk. However, the fight is no longer against cyber criminals, but rather consumers affected by the breach and government agencies. To date, the retailer is involved in "at least 44 civil lawsuits" in the US and Canada.
USWW looks to unionize guards at Cupertino campus
With the backing of activist Reverend Jesse Jackson, United Service Workers West is hoping to unionize the security guards working at Apple's Cupertino headquarters, and in the short term is urging the company to use a different security contractor, says the San Jose Mercury News. USWW is ultimately aiming to unionize guards across Silicon Valley, but is beginning with Apple in the belief that it could set a standard for other tech companies. While the union would likely stand to benefit from dues, it notes that service workers in the Bay Area are often just scraping by financially, since the cost of living has been inflated by the salaries of high-tech workers.