Hasta La Gadget!

It’s been a bit of awhile since we’ve heard about a large online service hack, but we should’ve knocked on wood when we had the chance. Ubisoft has confirmed that some of its “online systems” were hacked, with only usernames, email addresses, and passwords stolen. The game publisher says that financial information is safe, since that info isn’t kept by Ubisoft.

Obviously, Ubisoft is recommending that all account holders change their passwords on ubi.com, as well as on other websites where they use the same password. Of course, it’s good practice to not use the same password for everything, as that could start a chain reaction if your password gets stolen on one service.

However, Ubisoft says that the passwords are encrypted on their servers, so while the hackers didn’t have the passwords themselves at the time of the breach, Ubisoft says they “could be cracked, in particular if the password chosen is weak,” which is why the company is recommending that its users change their passwords as quickly as possible.

Unfortunately, specifics about how the breach happened weren’t disclosed by Ubisoft “for security reasons,” but they said that the hack did not affect their Uplay gaming service. Currently, ubi.com is “under maintenance,” and isn’t accessible at this time because the publisher is working on solving the attack.

Ubisoft is just one of the multiple big game publishers that will be releasing games for the Xbox One and PlayStation 4 later this year. Watch Dogs seems to be one of the big games to hit the new consoles in the fall, and the publisher looks to go all-in on the next-generation of gaming.

SOURCE: Ubisoft Blog

Ubisoft hacked with usernames and passwords stolen, financial info safe is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.

Microsoft has announced that it is kicking off three bounty programs this month to encourage hackers to find bugs and exploitations. Each bounty program has its own cash reward, with the highest one being $100,000, and the lowest being $11,000. All three bounty programs start on June 26, and with two of them having an

Read The Full Story

It seems you can’t go a day without hearing a new report about hackers, whether they’re of the annoying Twitter-hijacking variety or the more troublesome DDoSing type. Some, however, are more insidious, including the Iranian hackers who are actively attacking the United States’ energy industry. Now a leaked government document shows that Chinese hackers have accessed designs for some of the nation’s most advanced weapons.

The information is said to come from a report that was made for the Pentagon detailing a breach of data in which Chinese hackers gained access to the blueprints of advanced US weapons systems. According to The Washington Post, in excess of two dozen “major” systems were compromised, including ones said to be essential to the nation’s defense against missiles.

The report was created by the Defense Science Board, which is comprised of a combination of civilian and government experts. Such experts say that the Chinese government getting its hands on such sensitive data as weapons designs could have two-fold ramifications: on one side of the scale, it could fuel China’s development of such weapons, and on the other side it could weaken the US’ advantage that results from having these systems.

According to officials who are said to have knowledge of the situation, most of these breaches are parts of China’s overall cyberattacks that have been hitting companies – particularly of the media variety – for some time now. The attacks are said to be against both the US government’s various agencies, as well as its defense contractors.

While specific information on what the hackers acquired isn’t available, it is said that the missile system PAC-3, ballistic missile system Terminal High ALtitude Area Defense/THAAD, and ballistic missile defense Aegis of the US Navy were all compromised. Likewise, the F/A-18, Black Hawk heli, V-22 Osprey, and Littoral Combat Ship all had designs compromised.

SOURCE: The Washington Post

Chinese hackers steal US advanced weapons blueprints according to report is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

It has been a week to the dot since the Syrian Electronic Army has last commandeered an unsuspecting Twitter account, this time going after the United Kingdom’s ITV News media company, which owns the UK’s largest TV station. Earlier this evening, half a dozen unusual tweets were sent out via the account, with a couple of them referencing the SEA hacking collective.

The messages were deleted a short while later, followed by a confirmation from ITV News that it had, in fact, been cyberattacked, making it the latest victim in what has been a long and ever-growing list replete with other big-name companies. Until today, The Financial Times was its latest victim, and before that The Guardian, which was hit on April 29.

According to Businessweek, the six tweets included one insulting the French, saying, “Francois Hollande to double aid to rebels, including a complementary French flag with every aid package.” Included in that tweet was an image of a white flag. The tweets eventually pointed towards the SEA as being the source, with one linking to an article said to concern Twitter’s victory over the hacking group. Shortly after that one was another that read: “Just kidding. The Syrian Electronic Army was here.”

The last two tweets perhaps referred to the brief battle between the SEA and Twitter on April 23, with Twitter banning accounts as fast the Syrian Electronic Army could make them. The hackers created at least 6 Twitter accounts that day, with the social network eventually banning each of them.

As we’ve previously noted, humor fake-news website The Onion, which had also fallen victim earlier this year, posted a write up explaining the result of its investigation into the matter. As had been stated by victims before it, the Syrian Electronic Army managed to get the social media account’s credentials after sending out phishing emails to a few employees, with it usually only taking one to fall for it in order for the plan to be successful. As such, media companies are encouraged to teach their workers how to recognize phishing schemes to help prevent such an attack.

SOURCE: Businessweek

UK’s ITV News hacked by Syrian Electronic Army is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

Another day, another cyberattack by the Syrian Electronic Army. This time the hacktivist collective targeted The Financial Times, making a nuisance of itself by taking over several of the company’s Twitter accounts, as well as changing the titles of posts on The Financial Times‘ blog posts to “Hacked by the Syrian Electronic Army.” While the actions themselves are annoying, one message in particular crossed the line when it sent readers to a video of an execution.

The Syrian Electronic Army has attacked a variety of media companies, including CBS, The Guardian, E! Online, and even The Onion. Often times, the hackers take control of the company’s Twitter account(s) and use it/them to post messages, some of them coming across as nonsense, others as fake news (such as Justin Bieber coming out of the closet), and sometimes things of a more serious nature, such as the link to a video execution on YouTube posted on one of the Financial Times’ Twitter accounts.

The Financial Times confirmed the hacks to The New York Times in an email, according to the latter company. While the company didn’t specify how the hackers gained access to their system, there’s a good chance it was accomplished the same way its other breaches have been achieved, which was detailed by The Onion earlier this month.

According to a blog post published on May 10, The Onion’s attack was the result of a rather conventional phishing scheme that involved sending links to a few of the company’s employees. The links purported to be of an interesting story, but instead took the recipient to a page requesting Google Apps login information. When someone falls for the ruse, their email is then used to try to message other workers for additional login information.

When someone in possession of the company’s social media accounts takes the bait, the hackers can then log into the account, change the password, and begin wrecking havoc. A similar attack was performed on The Associated Press, with one of the hackers revealing that 50 of the company’s employees had revealed their login information. Such attacks reaffirm that companies should train their employees on how to recognize phishing attempts, as well as taking measures to reduce the amount of damage that can result if someone does provide their credentials.

SOURCE: The New York Times

Syrian Electronic Army cyberattacks The Financial Times is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.