Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security

Rackspace Restored After DDOS Takes Out DNS 49

Posted by samzenpus from the back-again dept.
An anonymous reader sends word that Rackspace has recovered from a severe distributed denial of service attack. "Over on the company's Google+ page Rackspace warned of 'intermittent periods of latency, packet loss, or connectivity failures when attempting to reach rackspace.com or subdomains within rackspace.com.' The company's status report later confirmed it had '... identified a UDP DDoS attack targeting the DNS servers in our IAD, ORD, and LON data centers [North Virigina, Chicago and London]. As a result of this issue, authoritative DNS resolution for any new request to the DNS servers began to fail in the affected data centers. In order to stabilize the issue, our teams placed the impacted DNS infrastructure behind mitigation services. This service is designed to protect our infrastructure, however, due to the nature of the event, a portion of legitimate traffic to our DNS infrastructure may be inadvertently blocked. Our teams are actively working to mitigate the attack and provide service stability.'"
PlayStation (Games)

Xbox Live and PlayStation Networks Downed By Apparent Attack 160

Posted by timothy from the no-fun-for-you dept.
mrspoonsi writes Both Xbox Live and PlayStation Network [were] down this morning, apparently due to a denial-of-service attack. The notorious hacking group Lizard Squad — which already carried out earlier attacks on Microsoft and Sony — has claimed responsibility on Twitter for these latest outages. While the group's role in all of this remains unconfirmed, it's worth noting that the group threatened last week to take down Xbox Live and PSN, according to Business Insider. And again, Lizard Squad has already proven it can successfully pull off such attacks, not to mention other malicious pranks.

Whatever the cause, the timing is obviously terrible: Plenty of people surely received one of the two consoles as Christmas presents today, while many more gamers would have happily spent the afternoon in front of the TV. In the meantime, both Sony and Microsoft have acknowledged the problem, with Sony issuing a tweet and Microsoft posting a message on its support website: "We're working to address this as quickly as we possibly can," reads its status website. "Thanks for your patience, Xbox members." In an email, a Microsoft spokesperson declined to comment further or say when the company expects to restore service. We've also asked Sony to comment and will update this post if and when it does. The Xbox Live status page says service remains "limited," and the Playstation Network is listed as offline.
Government

North Korean Defector Spills Details On the Country's Elite Hacking Force 166

Posted by timothy from the can't-hack-in-here-this-is-the-hacking-room dept.
mattydread23 writes Business Insider interviewed Jang Se-yul, a North Korean defector who trained in the country's Mirim University alongside some of the hackers who make up its elite Bureau 121 hacking squad. He explains how they train: 'They take six 90-minute classes every day, learning different coding languages and operating systems, from C to Linux. Jang says a lot of time was spent dissecting Microsoft programs, like the Windows operating system, and how to attack the overall computer IT systems of enemy countries like the U.S. or South Korea.' He also explains that these hackers are among the elite in North Korea, and even though they have unfiltered information about the outside world that their countrymen lack, most of them would never dream of leaving. (See also this story from earlier this month about the life of North Korea's elite hackers.)

Comment Re: Mobile e-mail requires a mobile data plan (Score 1) 237

by theskipper (#48664893) Attached to: The Slow Death of Voice Mail

Re: $300, it really depends on your overall blend of cell usage. I've used Ting's pay as you go service for a couple years and do the same thing the op does, turn on $3/100MB mobile data for email on my S3 when I'm traveling. They're a Sprint MVNO, so coverage is predictable by looking at the Sprint maps.

Bottom line is that if all three parts of your voice/text/data usage are low, then $25/mo is not only doable, it's actually a little high.
Security

Cyberattack On German Steel Factory Causes 'Massive Damage' 212

Posted by Soulskill from the social-engineering-is-the-bug-you-can't-fix dept.
An anonymous reader writes: In a rare case of an online security breach causing real-world destruction, a German steel factory has been severely damaged after its networks were compromised. "The attack used spear phishing and sophisticated social engineering techniques to gain access to the factory's office networks, from which access to production networks was gained. ... After the system was compromised, individual components or even entire systems started to fail frequently. Due to these failures, one of the plant's blast furnaces could not be shut down in a controlled manner, which resulted in 'massive damage to plant,' the BSI said, describing the technical skills of the attacker as 'very advanced.'" The full report (PDF) is available in German.

Comment Re:$32 million of greed. (Score 1) 170

by theskipper (#48640211) Attached to: Calculus Textbook Author James Stewart Has Died

Put it this way, before 1980, sure. But over the last 30 or so years it's been a different ballgame.

There were 100 baggers available by selling at the top of the internet bubble. Or buying MDVN 10 years ago or tucking away some AAPL in the dark days. And these opportunities aren't dying out; for example, the same scenario is playing again right now in immuno/gene therapy.

Expand that out to real estate, Forex, domain names or just about any other investment/speculative vehicle over that time and you're talking a massive # of individual opportunities that yielded multi-fold returns. Returns that could be parlayed into further opportunities.

So imo it's not unreasonable for someone to turn $1m into $30m over a 20 year span even with average discipline, intelligence and luck.
Security

Hackers Used Nasty "SMB Worm" Attack Toolkit Against Sony 177

Posted by timothy from the forewarned-is-forearmed dept.
wiredmikey writes Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert describing the primary malware used by the attackers, along with indicators of compromise. While not mentioning Sony by name in its advisory, instead referring to the victim as a "major entertainment company," US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks. According to the advisory, the SMB Worm Tool is equipped with five components, including a Listening Implant, Lightweight Backdoor, Proxy Tool, Destructive Hard Drive Tool, and Destructive Target Cleaning Tool. US-CERT also provided a list of the Indicators of Compromise (IOCs), which include C2 IP addresses, Snort signatures for the various components, host based Indicators, potential YARA signatures to detect malware binaries on host machines, and recommended security practices and tactical mitigations.

Comment Re:$32 million of greed. (Score 2) 170

by theskipper (#48639513) Attached to: Calculus Textbook Author James Stewart Has Died

Most likely not. Based on a cursory look at Scholastic, McGraw-Hill and John Wiley, only the latter has returned close to a 10-bagger in the last 20 years. Of course the obvious stock in the book space is Amazon at 100x+.

But the point is that there have been tons of investment opportunities that yielded extraordinary returns over that period. Being "astute" means you get rewarded for great due diligence, mixed in with good timing and some luck. It's the same for everyone who takes risk by investing, he shouldn't be pilloried for success imo.
Businesses

Staples: Breach May Have Affected 1.16 Million Customers' Cards 97

Posted by timothy from the your-name-here dept.
mpicpp writes with this excerpt from Fortune: Staples said Friday afternoon that nearly 1.16 million customer payment cards may have been affected in a data breach under investigation since October. The office-supply retailer said two months ago that it was working with law enforcement officials to look into a possible hacking of its customers' credit card data. Staples said in October that it had learned of a potential data theft at several of its U.S. stores after multiple banks noticed a pattern of payment card fraud suggesting the company computer systems had been breached. Now, Staples believes that point-of-sale systems at 115 Staples locations were infected with malware that thieves may have used to steal customers' names, payment card numbers, expiration dates and card verification codes, Staples said on Friday. At all but two of those stores, the malware would have had access to customer data for purchases made between August 10 and September 16 of this year. At the remaining two stores, the malware was active from July 20 through September 16, the company said.

Comment Re:Check your math. (Score 1) 880

by theskipper (#48598157) Attached to: Apparent Islamic Terrorism Strikes Sydney

None? Is civil disobedience a crime? By its very nature it is. So lots of Christians have committed lots of crimes over the years in the name of their religion. Over issues like civil rights, gays, school prayer, to name a few.

Now the shooting of abortion providers in the name of Christianity is of course an actual indisputable crime. Only a few, but in fairness you did express the extremist view and say none.
Advertising

Fraud Bots Cost Advertisers $6 Billion 190

Posted by samzenpus from the wanting-a-human-click dept.
Rambo Tribble writes A new report claims that almost a quarter of the "clicks" registered by digital advertisements are, in fact, from robots created by cyber crime networks to siphon off advertising dollars. The scale and sophistication of the attacks which were discovered caught the investigators by surprise. As one said, "What no one was anticipating is that the bots are extremely effective of looking like a high value consumer."
Security

New Destover Malware Signed By Stolen Sony Certificate 80

Posted by Soulskill from the everything-but-the-kitchen-sink dept.
Trailrunner7 writes: Researchers have discovered a new version of the Destover malware that was used in the recent Sony Pictures Entertainment breaches, and in an ironic twist, the sample is signed by a legitimate certificate stolen from Sony. The new sample is essentially identical to an earlier version of Destover that was not signed. Destover has been used in a variety of attacks in recent years and it's representative of the genre of malware that doesn't just compromise machines and steal data, but can destroy information as well. The attackers who have claimed credit for the attack on Sony have spent the last couple of weeks gradually releasing large amounts of information stolen in the breach, including unreleased movies, personal data of Sony employees and sensitive security information such as digital certificates and passwords. The new, signed version of Destover appears to have been compiled in July and was signed on Dec. 5, the day after Kaspersky Lab published an analysis of the known samples of the malware.

Slashdot Top Deals

If you think the system is working, ask someone who's waiting for a prompt.

Close