ICYMI: Sony passwords, government malware and the return of Poodle
ICYMI: Sony passwords, government malware and the return of Poodle

Weak passwords revealed by Sony Pictures hackers

Experts blamed a lack of user education for Sony Pictures employees' weak passwords, after hackers from the Guardians of Peace (GOP) posted more of the firm's confidential details online.

It comes after Sony Pictures was hit by a blackmailing hacker attack last week, which shut down its IT systems, hijacked Twitter accounts and stole confidential documents and passwords. Weak passwords included terms such as ‘s0ny123'and ‘password'.

NSA, GCHQ or both behind Stuxnet-like malware?

At the end of last month, Symantec discovered a new piece of customisable malware - named Regin - reminiscent of the Stuxnet worm - which has been stealing data from governments, telcos, energy companies and SMEs since 2008.

Experts from Fox-IT later claimed in an interview with SCMagazineUK.com that it believed NSA or GCHQ were behind the malware, a view reinforced shortly afterwards by The Intercept. Fox-IT and other anti-virus vendors have, however, been attacked for not disclosing their knowledge of the malware earlier.

Chinese cyber-espionage suspected, 77 arrested in Kenya

A fire last Sunday exposed illegal activity and suspicion of a large scale Chinese cyber-espionage scheme targeting Kenya's communication systems as well as its banking data and ATM machines, leading to 77 arrests, with IT security experts and government officials from both countries stepping into the investigations.

Seventy seven confirmed Chinese nationals have been arrested thus far, held under charges that include unlawful operation of radio equipment and living in the country without documentation. However, a police statement confirmed that the group appeared to be manufacturing ATM cards and might also be involved in internet fraud and money laundering. On Thursday, technical experts were called in to determine if cyber-espionage was a factor. 

Poodle bug still hitting 10% of the world's websites

Poodle, first discovered two month ago by Google researchers, is a flaw in the ageing SSL 3.0 protocol used to encrypt traffic between websites and users. This allowed attackers to decode ‘secure' communications such as online banking transactions or webmail.

But just when web admins thought it was safe, a new variant has been found that hits the more modern TLS (Transaction Layer Security) protocol used by “some of the most popular websites in the world”, according to an 8 December blog by Ivan Ristic at Qualys. Ristic says that, according to the latest Qualys SSL Pulse scan, around 10 percent of servers are vulnerable to the Poodle attack against TLS - mainly because of the popularity of F5 load balancers which are impacted. 

Sony woes continue: Lizard Squad launches DDoS attack on PlayStation Network

Hactivism group Lizard Squad claimed to have hacked Sony's PlayStation Network, with the firm still reeling from one of the biggest data breaches in recent history.

The PlayStation Network was down for two hours early on the Monday morning, according to Sony, which says that there were no signs of data loss. Gamers trying to access the store at around 2 am GMT on Monday morning saw the message: “Page Not Found! It's not you. It's the internet's fault”. Access was restored in the early hours of the morning.

Lizard Squad has also been linked to numerous high-profile DDoS attacks on gaming platforms including Microsoft's Xbox Live and Call of Duty of late – as well as a hoax bomb threat against a Sony executive back in August.

Other stories you should read this week...

Hackers 'could launch cyber-attacks on driver-less cars to cause chaos on London's roads (Evening Standard)

Bypassing AV the easy way (Nettitude)

Taiwan a canary in the coalmine of cyber-warfare (The Sydney Morning Herald)

A breakdown and analysis of the December 2014, 2014 Sony hack (Risk Based Security)

Indicators of attack vs indicators of compromise (CrowdStrike)