Microsoft confirms LIVE accounts hacked, pulls Xbox Entertainment Award app

Microsoft has issued a statement confirming that some of its “high-profile” Xbox LIVE accounts, said to belong to both former and current employees, have been hacked, reports Ars Technica, which was itself hit by a cyberattack yesterday from the same hacking group. Known as Team Hype, the hackers are suspected of causing a host of grief, possibly including a police raid on Brian Krebs, a security reporter.

Said Microsoft to Ars Technica: “We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees. We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use.”

In addition, Team Hype is said to use stolen Social Security numbers and credit information to take over Xbox LIVE accounts, according to Krebs, who has also linked one of the hackers with ordering DoS attacks on both his own and Ars Technica’s websites. The hackers publicly posted videos of themselves holding account hijacking sessions, with some of those hijacked accounts then being sold to LIVE users.

Earlier today, Microsoft also confirmed that Xbox LIVE users who had used the Xbox Entertainment Award app were compromised, with the Entertainment website having displayed approximately 3,000 instances of gamertags and private information, such as addresses and names. As a result, Microsoft has temporarily pulled the app while it sorts out the issue, directing concerned customers to its Xbox Security Web page.

[via Ars Technica]


Microsoft confirms LIVE accounts hacked, pulls Xbox Entertainment Award app is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All rights reserved.

Xbox Live Accounts Of ‘High Profile’ Microsoft Employees Hacked

We don’t know if Stepto has been hacked again. This is just an example image of a “high profile” account.

South Korea isn’t the only place to see some hacking activity today, as Microsoft has had a number of “high profile” accounts hacked.

“A handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees” have in fact been compromised, said Microsoft in a statement to The Verge. The method used to acquire access to these accounts reportedly utilized the employees’ Social Security numbers along with some social engineering, which we assume means using pictures of the meals they are about to eat during their travels. Microsoft denies the SSNs were obtained from their connected Xbox Live accounts, instead pointing blame at a third party for the leaked SSNs.

Microsoft says they’re working with both “law enforcement and other affected companies” in order to hopefully close the hole this hack uncovered. At this time no one knows who exactly carried out these attacks on the high profile Xbox Live accounts, although ultimately we’re sure you’re glad you probably don’t consider yourself a high profile person. And if you are, well, we think you might want to keep an eye on your Xbox Live account for a couple of days.

By Ubergizmo.

iOS 6.1.3 tethered jailbreak hits for older iOS devices

Apple officially released iOS 6.1.3 to the public today, and we knew it would patch up the infamous Evasi0n jailbreak, meaning that if you update your iPhone 5 or other newer iOS device to iOS 6.1.3, you’ll lose your jailbreak and won’t be able to go back. However, another jailbreak method has been released, and it works on iOS 6.1.3 on older iOS devices.

The jailbreak comes to us from Redsn0w, and it only applies to iOS devices running an A4 processor. It’s also a tethered-only jailbreak, meaning that you’ll have to connect your iOS device to your computer each time you want to boot up your device, which can be a pain sometimes. The jailbreak isn’t compatible with any iPad, including the first-generation iPad (although iOS 6 isn’t even available for this iPad anyway).

Of course, it’s still best to remain on iOS 6.1.2 so that you don’t lose your untethered jailbreak. Plus, there could be a few jailbreak tweaks that you use that may not be compatible with iOS 6.1.3, so it’s always best to wait in that case as well. However, if you accidentally updated to the latest version that rolled out today, there’s still hope with this Redsn0w jailbreak.

This specific jailbreak tweak only works on the iPhone 4, iPhone 3GS, and the fourth-generation iPod Touch. You’ll need the Redsn0w software and the iOS 6.0 IPSW file for the jailbreak. From there, it’s just a matter of opening up Redsn0w and installing the various files necessary for the jailbreak. Again, this is a tethered jailbreak, so if you need to reboot, you’ll have to plug in your device to your computer and fire up Redsn0w to get it past the Apple boot-up logo.

[via Redmond Pie]


iOS 6.1.3 tethered jailbreak hits for older iOS devices is written by Craig Lloyd & originally posted on SlashGear.

Is This the 20 Year Old Hacker Wreaking Havoc With Journalists Everywhere?

Security writer Brian Krebs has stumbled across new information which could link the recent hack of his own website with attacks on Ars Technica and Gizmodo alumnus Mat Honan’s iCloud breach.

AT&T iPad hacker sentenced to 41 months in prison

Andrew Auernheimer, better known by his internet pseudonym “weev”, has been sentenced to 41 months in federal prison for obtaining the personal data of over 100,000 AT&T iPad owners on AT&T’s website. Auernheimer exploited a security flaw in AT&T’s iPad registration system that allowed him to download contact information of these iPad owners. The court case goes back a couple of years.

Auernheimer was found guilty back in November in a federal court in New Jersey. He was found guilty on one count of identity fraud and one count of conspiracy to access a computer without authorization. Auernheimer and a colleague worked together to exploit the security flaw; both will be punished and ordered to pay AT&T a collective $73,000 for damages.

The case has been a controversial one, and this is just one of many highly criticized cases of security researchers who have been charged with computer crimes thanks to the Computer Fraud and Abuse Act. Meanwhile, activists are calling for reform of the law to distinguish between criminal hacking and simple unauthorized access, which would protect security researchers whose activities are not meant to be criminal.

Obviously, Auernheimer will appeal the court’s decision, but apparently he doesn’t regret his actions regarding the AT&T security flaw, and says (in a Reddit AmA) that he was just “being nice enough to give AT&T a chance to patch” the vulnerability before the data set got leaked, but that he “won’t be as nice next time.”

[via Ars Technica]


AT&T iPad hacker sentenced to 41 months in prison is written by Craig Lloyd & originally posted on SlashGear.

Hackers Team Up To Steal $40,000 in Subway Gift Cards

If that $3 million credit-card stealing scam that hit Subway in 2011 didn’t convince you to stop using your credit card there (or stop going altogether), you might want to consider it again. Recently released documents show that another pair of ne’er-do-wells are accused of running a similar scam on the restaurant for an additional $40,000. In gift cards.

Journalist charged with giving Anonymous login information

According to the Department of Justice, Matthew Keys, a 26-year-old journalist hailing from New Jersey, has been charged with conspiring with Anonymous, the hacking collective known for trumping some big-name targets. Keys aided the hackers in accessing and altering a Los Angeles Times news article by providing login information.

The information was provided by Keys in an unnamed Internet forum, where he posted the information for Anonymous and added a qualifier to “go [expletive] some [expletive] up.” We’ll let you fill in the blanks. One of the hackers then proceeded to use the login information about a week later, accessing the media company’s website.

A news story on the Times website about Representative Steny Hoyer was altered in an unspecified manner. According to a post by the hacker on the forum through which he was associated with Keys, the altered information was live on the media company’s website for about 30 minutes. Keys responded with “nice,” according to the complaint.

Keys, who has been charged with three felonies related to information transfer, worked for the Tribune until he was fired, at which point he took up his current job with Reuters as deputy social media editor a little over a year ago. Keys faces up to 10 years in prison, a $250,000 fine, and three years of supervised release per felony.

[via Wall Street Journal]


Journalist charged with giving Anonymous login information is written by Brittany Hillen & originally posted on SlashGear.

The NSA Is Training 13 Teams of Covert Hackers to Attack Other Countries

For the first time, the United States has officially disclosed plans to develop counterattack measures against foreign nations’ cyberattacks. General Keith Alexander, chief of the military’s Cyber Command and the NSA, told Congress yesterday the military is training 13 teams of programmers and computer experts to carry out offensive attacks.

What It’s Like to Be a Chinese Military Hacker

All-black stealth suits, fingers flying across keyboards, screams of unintelligible jargon at Matrix-style lines of code. These are the things that generally come to mind when you hear the phrase “foreign military hacking unit”—or at least the mind of anyone who’s seen a movie in the past 10 years. But as the Los Angeles Times discovered when they stumbled across the blog of a 25-year-old peon in a People’s Liberation Army hacking unit, the life of a grunt Chinese hacker isn’t quite as glamorous as it may seem. There is, however, plenty of angst to go around.

China agrees to discuss cyber security with U.S.

China is willing to talk with the United States about the ongoing cyber security issues that have befallen them recently. It’s been a back-and-forth war between the United States and China. The U.S. accused China of hacking into various businesses and news sites, while China insists that they have been the victims of many cyber attacks as well, many of which supposedly came from the U.S.

It all seems like the blame game so far, but hopefully things will come to an end soon. China’s Foreign Ministry spokeswoman, Hua Chunying, said that China is willing to discuss the issues and cooperate with the international community “on the basis of the principles of mutual respect and mutual trust.” She stated that cyber security is a big issue and that China is one of the biggest victims of the attacks.

This statement comes one day after Tom Donilon, the national security adviser to President Obama, gave the Chinese government three courses of action to follow in order to end the cyber attacks. He told China to give public recognition of the issue, give their assurance that the Chinese hackers would be targeted and dealt with, and give their consent to taking part in forming worldwide cyberspace standards.

Senior officers of the People’s Liberation Army were outraged by the United States’s accusations and demands. Major General Liu Lianhua from the Guangzhou Military District stated, “This talk from the U.S. has no foundation whatsoever. And what evidence is there? There isn’t any!” Another deputy from the Nanjing Military District called the United States a “thief calling others a thief.” Mandiant, a U.S. security firm, provided a 60-page report indicating that a majority of the cyber attacks came from China, a report that China dismissed because they believe the IP addresses were spoofed to place the blame on them.

[via Reuters]


China agrees to discuss cyber security with U.S. is written by Brian Sin & originally posted on SlashGear.