Oh Look, Sony Hacked Again, Site Used For Phishing
from the count-the-hacks dept
Late on Friday, the news came out that Sony had been hacked yet again, and this time the hacked site was being used for phishing. This was totally unrelated to the PlayStation Network hacks, but involved a website for Sony Thailand. Still, given all the trouble Sony has had lately keeping its systems secure, this seems to just add another layer to the stack of questions about Sony’s technical competence.
Comments on “Oh Look, Sony Hacked Again, Site Used For Phishing”
Gotta keep their series of tubes more secure than that.
Re: Re:
Sony getting hacked is now old news, nobody cares anymore, we take for granted that they will get hacked at least once a week now. Boring. Techdirt needs to stop reporting this already.
Re: Re: Re:
(It’s cluttering up his blog).
Sony's bold new plan
Open source personal data.
Re: Sony's bold new plan
Maybe this is how we get the government to make good on their promise of “transparency”?
Oh and after “securing” their network, and all of the bad PR as it kept expanding… they fell victim to a SQL injection attack on yet another one of their sites.
Oh and it seems they had a habit of not encrypting passwords and such… best security practices are for other companies I guess.
This time the lucky site was Sony Music in Greece.
source –
http://it.slashdot.org/story/11/05/23/0237224/Sony-Music-Greece-Falls-To-Hackers
Re: Re:
This is just bad…SQL injection is very very preventable, it just shows extreme apathy.
ya know they eventually just gonna find that some Microsoft employee did this particular hack just so they can laugh at Sony’s insecurity system more
Re: Re:
“ya know they eventually just gonna find that some Microsoft employee did this particular hack just so they can laugh at Sony’s insecurity system more”
Yeah, it was obviously a conspiracy theory. The SQL injection was fired from the Grassy Node….
Re: Re: Re:
Grassy node — heh heh heh
Re: Re: Re:
Which one? MiT, or Silicon Valley?
Re: Re: Re:
WTF? There was a 2nd injector??
Re: Re: Re: Re:
Of course there was. Look at the attack that actually went through. You can see how the network traffic all of the sudden shapes back and to the left….back and to the left….back and to the left….
Re: Re: Re:2 Re:
you damn conspiracy theorists…
everyone knows it was anon using a old outdated and slow loic from the 6th floor of the data center.
just accept the ‘official’ story they want you to accept already would ya?
Re: Re: Re:3 Re:
I’m pretty sure it was Zero Cool with a bolt-action Xerox mouse…
Re: Re: Re:4 Re:
the dpi is low, no way they could have clicked attack in that kind of succession, not even a trained army IT professionals have that kind of click speed. Someone was definitely on the grassy node.
Re: Re: Re:5 Re:
look, just because you ‘think’ you may have seen a puff of ethernet near the default gateway behind the grassy node doesnt mean its evidence of anything…
Re: Re: Re:2 Re:
But wasn’t it proven that the jet of information would force the server in the direction of the ping’s origin?
Quote Scotty: “I know this ship like the back of my..(CLUNK)”
Re: Re:
Which is one reason that movie is considered apocryphal at best (and apo-crap-ful normally).
Sony Spokesperson to audience: “I can assure you that our security has been corrected. You can rest assured that your personal data is now secure.”
*Receives a note from staff. Looks at note and quietly mumbles angrily to self, briefly looks at crowd, gives a short smile, and angrily stomps away in a hurry.
Sony didn’t want to pay top dollar for Network Security, It’s really as simple as that. These aren’t problems Executives Project Managers should ever have to worry about, unless they’re being cheap with IT or have an incompetent HR staff, which also may be a result of being cheap.
Spend the money, protect your investments, make some jobs, keep hacking. Wash, rinse, repeat.
Re: Re:
No the people up on high believe that they are protected from these sorts of things.
They cut away department budgets to get a bonus, and when this happens they start screaming at the 1 guy left in the system security department.
Sadly that guy is someones nephew who knew how to make a MySpace account so he knew everything about computers.
As this did not hurt their paychecks directly, its a nonissue. Its the same thought pattern that we saw when the housing bubble popped. As long as I am getting paid, who cares how the sausage is made.
My dream is that the online Internet presents of Sony is destroyed.
That they are forced into chapter 7 and liquidated.
UGH
First thing you learn to do when securing a PHP/etc website is to block SQL injections… FIRST THING… I mean … ABSOLUTE FIRST… maybe after using a firewall, and not using plain text passwords… but it isn’t like SONY would fail at any of these 3……….
UGH… the stupidity hurts my head
I guess paybacks a bitch
Hmm not that all the data breaches are related to the PS3 hack and Geo hatz. I do think it has the possibility. Sony got information on everyone that put money into his defense fund. This likely pissed people off. Sure seems like Sony’s lost way more money and respect than if they would have just kept the Linux support for the PS3. Though I do think they should have been using actual security when it comes to storing customer data. Wonder if anything else Sony related will be hacked. Looks like the can of worms has been opened.