Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian

The so-called Shadow Brokers, who claimed responsibility for releasing NSA tools that were used to spread the WannaCry ransomware through the NHS and across the world, said they have a new suite of tools and vulnerabilities in newer software. The possible targets include Microsoft’s Windows 10, which was unaffected by the initial attack and is on at least 500m devices around the world.

Fuente: Shadow Brokers threaten to unleash more hacking tools | Technology | The Guardian


Digital gold: why hackers love Bitcoin | Technology | The Guardian

The WannaCry ransomware attackers demanded payment in the cryptocurrency. But its use in the ‘clean’ economy is growing, too, and could revolutionise how we use money

Fuente: Digital gold: why hackers love Bitcoin | Technology | The Guardian


Leaked NSA Malware Is Helping Hijack Computers Around the World

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Fuente: Leaked NSA Malware Is Helping Hijack Computers Around the World


Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador

El gigante de la informática criticó el papel de los gobiernos y organizaciones que coleccionan vulnerabilidades informáticas que después pueden ser robadas o vendidas a delincuentes informáticos. La empresa pide que lo sucedido sea una lección para erradicar esta práctica en el mundo.

Fuente: Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador


WannaCry: por qué los expertos creen que puede haber otro ciberataque muy pronto – El Mostrador

Expertos en informática advierten que un nuevo ataque global con un brote de ransomware es “inminente” y que incluso podría ser lanzado el lunes. BBC Mundo te cuenta los detalles y cómo protegerte de estos virus.

Fuente: WannaCry: por qué los expertos creen que puede haber otro ciberataque muy pronto – El Mostrador


El ciberataque de escala mundial y “dimensión nunca antes vista” que afectó a instituciones y empresas de casi 100 países – El Mostrador

Un ciberataque “de dimensión nunca antes vista” logró este viernes bloquear el acceso a los sistemas informáticos de instituciones estatales y empresas de varios países.La policía europea, Europol, indicó que el ciberataque era de una escala “sin precedentes” y advirtió que una “compleja investigación internacional” era necesaria para “identificar a los culpables”.

Fuente: El ciberataque de escala mundial y “dimensión nunca antes vista” que afectó a instituciones y empresas de casi 100 países – El Mostrador


PlayStation Network back online, while Lizard hacker group basks in limelight | Technology | The Guardian

PlayStation Network back online, while Lizard hacker group basks in limelight | Technology | The Guardian.

The PlayStation Network, which provides the online infrastructure for Sony’s games consoles, is back online after a cyber assault on Christmas Eve. Photograph: Chesnot/Getty Images

The PlayStation Network is back online … for now.

The global gaming service used by 110m people was brought down on Christmas Eve, seemingly by a hacking group calling itself Lizard Squad. On Sunday however, Sony assured customers via its PlayStation blog that the system was now functioning.

The company also admitted for the first time that the disruption was caused by hackers who used a distributed denial of service (DDoS) attack to flood the PlayStation servers with traffic, bringing access to a halt.

“As you probably know, PlayStation Network and some other gaming services were attacked over the holidays with artificially high levels of traffic designed to disrupt connectivity and online gameplay,” read the post. “This may have prevented your access to the network and its services over the last few days.”

Microsoft’s Xbox Live infrastructure was also attacked, reportedly by the same group, which revelled in its achievement via a series of tweets throughout Christmas day. However, the Xbox online infrastructure was functioning again by Boxing Day.

Formed in mid-2013, Lizard Squad has been stepping up its media profile in the wake of the Christmas attacks. In a series of interviews, two self-declared founding members have claimed that their motivations are amusement, and to highlight the security weaknesses of the systems.

“If I was working [at Microsoft or Sony] and had a big enough budget, I could totally stop these attacks,” “Ryan Cleary” (a pseudonym borrowed from an infamous LulzSec hacker) claimed to tech news site Daily Dot. “I’d buy more bandwidth, some specific equipment, and configure it correctly. It’s just about programming skill. With an attack of this scale, it could go up to the millions. But that’s really no problem for Sony and Microsoft.”

Speaking to Sky News, “Cleary” added, “These companies make tens of millions every month from subscriber fees and that doesn’t even include purchases made by their customers.

“They should have more than enough funding to be able to protect against these attacks.”

Lizard Squad has claimed that its actions against Sony and Microsoft were more sophisticated than standard DDoS attacks, which don’t usually require hackers to gain access to the target’s online infrastructure.

“There’s plenty of people saying we’re not hackers and DDoS isn’t hacking. For attacks of this scale, you can’t really do them without either having access to insane amounts of funding or being able to gain access to the computers via hacking,” “Cleary” said to Daily Dot. “You can’t just do DDoS attacks from your home computer. It doesn’t work.”

The group has even suggested that it has access to undersea cables that facilitate internet connections between the US and Europe.

But its appetite for fame may prove to be Lizard Squad’s undoing, after security journalist Brian Krebs claims to have uncovered the possible true identities of at least two members, both of whom have conducted TV interviews in the wake of the attacks.


Xbox live and Playstation attack: Christmas ruined for millions of gamers | Technology | The Guardian

Xbox live and Playstation attack: Christmas ruined for millions of gamers | Technology | The Guardian.

Millions of gamers could not use their PlayStation 4 after an apparent cyber-attack at Christmas

 Millions of gamers could not use their PlayStation 4 after an apparent cyber-attack at Christmas. Photograph: Chesnot/Getty Images

Millions of people could not use their games consoles for a second day as disruption on the Xbox Live and Sony Playstation networks continued after an apparent cyber-attack.

A group calling itself Lizard Squad claimed responsibility for bringing down both networks on Christmas Eve, which could have affected nearly 160 million gamers.

Even an intervention by eccentric internet entrepreneur Kim Dotcom, who offered the hackers free lifetime use of his file storage service, does not appear to have ended the attack. Known as a distributed denial of service, or DDOS, the attack is overloading the systems of both services by generating fake access requests.

Such an attack can prevent people from playing games even when they have a physical copy as newer consoles often require online authentication as an anti-piracy measure.


Microsoft reconoce un fallo de seguridad en el navegador Explorer | Tecnología | EL PAÍS

Microsoft reconoce un fallo de seguridad en el navegador Explorer | Tecnología | EL PAÍS.

Madrid 28 ABR 2014 – 09:42 CET

Microsoft trata de corregir un error en su navegador Internet Explorer después de que una firma de seguridad informática revelara un fallo en el programa, asegurando que algunos hackers lo están aprovechando con algunas empresas estadounidenses.

 

La gravedad del fallo es aún mayor porque los ordenadores con el sistema operativo Windows XP ya no reciben actualizaciones, ya que a principios de mes dejó de darle soporte técnico, después de 13 años de vida. Como el sistema sigue funcionamiento, la expansión del fallo aún es mayor. Las empresas de seguridad estiman que entre el 15% y el 25% de los ordenadores del mundo aún funcionan con Windows XP.

 

Microsoft reveló el sábado sus planes para solucionar el error, que, según dijo, está presente en las versiones de Internet Explorer 6 a 11 . Esas versiones son las más populares en los ordenadores fijos, con el 55% del total, según NetMarketShare.

 

La firma de seguridad FireEye dijo que un grupo de hackers sofisticados ha estado explotando el fallo. FireEye, cuya división Mandiant ayuda a las empresas a responder a los ataques cibernéticos, se negó a nombrar a las víctimas específicas o a identificar el grupo de hackers.

 

“Es una campaña de ataques dirigidos aparentemente contra las empresas con sede en EE.UU., ligadas a la defensa y al sector financiero”, dijo el portavoz de FireEye, Vitor De Souza, por correo electrónico. “No está claro cuáles son los motivos de este grupo de ataques, aunque podría ser la recolección de datos sensibles”.

 

Microsoft explicó que la vulnerabilidad podría permitir a un atacante tomar el control completo de un sistema afectado y, a continuación, suprimir datos, instalar programas maliciosos o crear cuentas que darían a los hackers todos los datos del usuario.

El fabricante de software, en un comunicado enviado a Reuters, pidió que los usuarios de Windows XP se actualicen a las dos versiones más recientes de su sistema operativo, Windows 7 y 8. OTra solución, que no ha querido dar Microsoft, es cambiarse de navegador.