The Sony Pictures hack takes a new uglier twist. We get some details on the type of data leaked & speculate if it was possibly an inside job. Also, researchers claim Iran has completely owned critical systems in 15 different nations.
Plus we celebrate episode 100 & feature a fun Kickstarter of the week!
Direct Download:
MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube
RSS Feeds:
MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed
Become a supporter on Patreon:
Show Notes:
Sony Pictures hack gets uglier; North Korea won’t deny responsibility [Update] | Ars Technica
More evidence has emerged that makes the Sony Pictures hack look similar to a suspected attack on South Korean companies over a year ago. And a spokesperson for the North Korean government, rather than denying his country’s involvement, is playing coy as the damage to Sony appears to be growing daily.
When contacted by the BBC, a spokesperson for North Korea’s mission to the United Nations said, “The hostile forces are relating everything to [North Korea]. I kindly advise you to just wait and see.”
The attackers also posted archive files online containing least 25 gigabytes of data from Sony’s network.
In an email to Ars that included a link to an archive of some of the stolen Sony Pictures data, an individual claiming to be “the boss” of the attackers known as GOP claimed that “tens of TB” of files had been exfiltrated, and would be shared as soon as possible.] Some of those files included Excel spreadsheets and screen grabs from mainframe terminal sessions including employee payroll and medical data.
An archive of files seen by Ars —approximately a gigabyte of sales data , the most recent of which dates to April of this year, and stretches back over 5 years. The files, which have metadata indicating they were produced using a Sony Pictures Entertainment corporate license of Microsoft Office, include corporate PowerPoint templates, image files of contracts for television deals (including local affiliate contracts for “Dr. Oz” and “Seinfeld” reruns) sent by fax machine, and a file from a salesman’s computer called “Passwords.doc.”
The document, last edited by a woman whose LinkedIn account indicates she was a Sony Pictures ad sales assistant in 2011, includes her bosses’ American Express card number and online account information, Lotus Notes usernames and passwords (one of them is “password,” the other is “s0ny123”), Sony network login and password, and their fax numbers. One of those bosses is the current Vice President of Syndication Sales for Sony Pictures Television.
In a phone conversation with Ars, the co-founder and Chief Operating Officer of analytics firm Security Scorecard, said that evidence suggested to him that there was at least some insider involvement in the attack. “From a psychological perspective, this attack is invoking emotions that may apply to employees of Sony as well. It may likely have been someone internal leaking the information because they knew how to get to it, rather than it being an outside attacker.”
Critical networks in US, 15 other nations, completely owned, possibly by Iran | Ars Technica
For more than two years, pro-Iranian hackers have penetrated some of the world’s most sensitive computer networks, including those operated by a US-based airline, auto maker, natural gas producer, defense contractor, and military installation, security researchers said.
In many cases, “Operation Cleaver,” as the sustained hacking campaign is being dubbed, has attained the highest levels of system access of targets located in 16 countries total, according to a report published Tuesday by security firm Cylance. Compromised systems in the ongoing attacks include Active Directory domain controllers that store employee login credentials, servers running Microsoft Windows and Linux, routers, switches, and virtual private networks. With more than 50 victims that include airports, hospitals, telecommunications providers, chemical companies, and governments, the Iranian-backed hackers are reported to have extraordinary control over much of the world’s critical infrastructure.
Tuesday’s 86-page report relies on circumstantial evidence to arrive at the conclusion that the 20 or more hackers participating in Operation Cleaver are backed by Iran’s government.
Many of the custom-configured hacking tools they use issue warnings when their external IP addresses trace back to the Middle Eastern country. The infrastructure supporting the vast campaign is too sprawling to be the work of a lone individual or small group; it could only have been sponsored by a nation state.
In all, 50 targets in 16 countries are known to have been compromised. The tally includes 10 victims in the US, four in Israel, and five in Pakistan.
Roku still tops as sales of streaming-media players rise – CNET
During the first three quarters of 2014, 10 percent of US households with a broadband connection bought at least one streaming-media player, market researcher Parks Associates said Tuesday.
Roku’s lineup of set-top boxes and streaming sticks was still the most popular so far this year despite a strong dip, securing 29 percent of sales in the first nine months. Google’s Chromecast stick leaped onto the scene, snagging the No. 2 spot with 20 percent share and stealing Apple TV’s previous slot. The Apple TV box fell to third place with 17 percent share. Amazon’s Fire TV box and stick, also new on the scene, came in fourth place with 10 percent share.
Roku, which has been the dominant force since 2012, saw its market share slip from 46 percent last year to 29 percent in the first nine months of 2014. Apple TV also slipped from 26 percent last year to 17 percent so far this year. They both lost share as Google’s Chromecast and Amazon’s Fire TV have come on strong.
KICKSTATER OF THE WEEK: HANSNAP “Use Your Smartphone Better!” by Justis Earle — Kickstarter
Handsfree video and photography with your smartphone. Use all your phone features better in every situation ~ Capture your Imagination!