English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.

0.4
 

With the Xbox One having landed in many countries, it's time to have a closer look at the new console generation. The Xbox One is equipped with two virtualized operating systems, both running on a hypervisor: the core system for gaming and a slimmed down version of Windows 8 for the app landscape. It is also planned to make it compatible with apps originally made for Windows Phone. It will also be interesting to see the level of platform sharing with Windows 8 and therefore the compatibility for malware targeting existing Windows systems. This, however, is still something yet to be explored.

There have already been malware attacks on games consoles in the past. Like Trojans for the Nintendo DS and Sony PSP as well as proof of concept attacks against the Nintendo Wii, in which the console was used as a door opener to breach corporate networks, as shown at BlackHat in 2010. The malware, however, was seldom seen in the wild and needed a -homebrew- firmware first, in order to be able to execute pirated games v this is the way the malware was disguised and it was then spread via torrents and other file sharing networks. This meant high barriers for malware authors and the reason for the low infection rates. However, the high interconnectivity of modern consoles, like apps for Twitter, Facebook, Youtube, chat tools and video conferencing like Skype opens doors and makes them more vulnerable to attacks.

Publications|The Top 10 Security Stories of 2011

Costin Raiu
Kaspersky Lab Expert
Posted January 04, 09:08  GMT
Tags: Google, Adobe, Microsoft, Apple, RedHat, Comodo, Sony
0.2
 

As we turn the page to 2012, it makes sense to sit back and take a look at what happened during the past twelve months in the IT Security world. If we were to summarize the year in one word, I think it would probably be “explosive.” The multitude of incidents, stories, facts, new trends and intriguing actors is so big that it makes it very hard to crack into top 10 of security stories of 2011.
Follow me on Twitter
What I was aiming for with this list is to remember the stories that also indicate major trends or the emergence of major actors on the security scene. By looking at these stories, we can get an idea of what will happen in 2012.

Webcasts|Lab Matters - Inside the Sony Hack

Ryan Naraine
Kaspersky Lab Expert
Posted November 02, 10:33  GMT
Tags: Gaming Consoles, Sony
0.2
 

Tim Armstrong looks at the timeline of the Sony breach and pieces together the relevant details at each point in time. He discusses the known facts of the case and the potential future fallout.

Comment      Link

Incidents|Return of the Hack, Playstation Accounts breached again

Tim
Kaspersky Lab Expert
Posted October 13, 14:28  GMT
Tags: Sony
0.5
 

Sony has reported that it has had a number of sign-in attempts on accounts belonging to users on its various networks. In a statement on the Sony site it was revealed that “Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation®Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services.”

Incidents|Return of the Playstation Network

Tim
Kaspersky Lab Expert
Posted May 17, 15:28  GMT
Tags: Gaming Consoles, Sony
0.4
 

Today is May 17, almost exactly a month after the massive breach of Sony’s PSN network. If you live in North America then you may be pleased to know that the Playstation network has finally come back online. Due to the enormous amount of subscribers to the service, the restart has been a bit shaky, with reports of password reset emails clogging ISP mail servers. Despite the hiccups, it seems that the service is gradually returning.

If you are a customer of the Sony service, you will need to immediately change your password as well as install a firmware update to your system. Sony has pledged a much stronger security environment to its customers and partners, and this appears to be the beginning of many changes. Sony has previously stated that they have rebuilt the entire network from scratch and moved their PSN infrastructure to a new data center in an undisclosed location. I’m not sure why this emphasis on security wasn’t a focus of the original model, but maybe Sony can prevent future mishaps. Perhaps all the additional outside scrutiny will help, but only time will tell.

Incidents|Playstation data for sale?

David Jacoby
Kaspersky Lab Expert
Posted April 29, 14:10  GMT
Tags: Gaming Consoles, Sony
0.1
 

In the past few days we have read about how the Playstation Network has been hacked, and very sensitive information such as credit card information has been stolen. We are now seeing more activity in the underground community. According to a forum post at PSX-scene rumors are spreading that the stolen information also includes the CCV2 numbers. A user on the underground forum Darkode says that the format of the stolen data would supposedly be:fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date

But In a statement from Sony on their playstation-blog they write that the hacker does not have access to the CCV2 code, the statement follows:

“Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

The question is who is correct?

I would recommend everyone with a PSN account to request a new card from your bank, and if you use the same password for Facebook, MSN, email or forums that you used on the PSN I would recommend thatyou change it on those other sites.
Comment      Link