- Sony investigating Insomniac hack which reportedly leaked Wolverine files and employees’ personal data Eurogamer.net
- Leaked Insomniac Documents Could Suggest a Spider-Verse Game is in Development Insider Gaming
- Insomniac’s Upcoming WOLVERINE Game Victim Of Cyber Attack As Hackers Threaten To Ransom Game Leaks Insomniac’s Upcoming WOLVERINE Game Victim Of Cyber Attack As Hackers Threaten To Ransom Game Leaks CBM (Comic Book Movie)
- Bitcoin Ransom Threatens Spider-Man 2 Developer: Pay 50 BTC Or This Could Happen | Bitcoinist.com Bitcoinist
- Sony is investigating an alleged ransomware attack on Insomniac The Verge
Tag Archives: hack
Genshin Impact Kaveh hack explained as videos show hackers causing permanent damage to co-op players – Sportskeeda
- Genshin Impact Kaveh hack explained as videos show hackers causing permanent damage to co-op players Sportskeeda
- Genshin Impact: New “Kaveh Hack” Threatens Co-op Worlds with Permanent Object Deletion AFK Gaming
- Genshin Impact: A Kaveh Glitch is reportedly deleting in-game content permanently in Co-op GamingonPhone
- Genshin Impact exploit allows hackers to remove important objects ‘permanently’ from co-op world Sportskeeda
- Genshin Impact players believe hackers are “bricking” progress by deleting in-game exploration points Eurogamer.net
- View Full Coverage on Google News
Bitcoin, Ethereum, Dogecoin Traded Mixed Amid CRV Hack Drama: Analyst Says King Crypto ‘Screaming Up’ As – Benzinga
- Bitcoin, Ethereum, Dogecoin Traded Mixed Amid CRV Hack Drama: Analyst Says King Crypto ‘Screaming Up’ As Benzinga
- Bitcoin, Ethereum Technical Analysis: BTC, ETH Extend Declines on Saturday, as Markets React to Latest NFP Report – Market Updates Bitcoin News Bitcoin News
- Bitcoin price taps $29.3K as data shows ‘most resilient’ US jobs market Cointelegraph
- Bitcoin Clings to $29K After July Jobs Report CoinDesk
- A Look At Bitcoin, Ethereum And Dogecoin Into The Weekend As Stock Market Turns Lower – ProShares Trust U Benzinga
- View Full Coverage on Google News
Prince William Quietly Got ‘Very Large Sum’ From Murdoch Papers In Phone Hack Payout – HuffPost
- Prince William Quietly Got ‘Very Large Sum’ From Murdoch Papers In Phone Hack Payout HuffPost
- Prince Harry Dropped a Bombshell About Prince William That Should Have Everyone Questioning the Royal Family’s Close Ties to the Media Yahoo News
- Prince William SETTLED Prince Harry phone-hacking case for ‘very large sum’ in 2020 | Royal latest GBNews
- As Prince Harry battles the press, why have the other royals given up the fight? The Guardian
- Court documents reveal Prince William secretly paid a ‘large sum of money’ over phone-hacking claim Sunrise
- View Full Coverage on Google News
Oscar Sevilla revives retro puncture protection hack at Vuelta a San Juan
The pro peloton is a hotbed of futuristic technological advancement; the cutting edge of our sport with the fastest bikes, the lightest components and the most expensive accessories, all created by some of the brightest engineering minds in our sport.
Rare, then, is it that you see a rider dive into the history books and adopt a generations-old hack for puncture protection, but that’s exactly what Óscar Sevilla (Medellín-EPM) did at the Vuelta a San Juan.
In a video posted to the team’s Instagram ahead of the final stage, 46-year-old Sevilla proudly shows off his “trick”, in which he’s wrapped a few inches of electrical tape – at a cost of just a few cents – around the seat stays and fork legs of his $14,000 S-Works Tarmac SL7 race bike. The tape is positioned so precisely that it very nearly touches each tyre with the intention of ‘sweeping’ away any pieces of debris that are picked up from the road.
“This is a trick I learned here in Argentina,” Sevilla explains. “Nowadays you get a lot of thistles, little bits and pieces, and people walking around carry them on their shoes. And they cause a lot of punctures. So this nicks them off, cleans it.”
Sevilla’s hack is a makeshift replica of a small add-on accessory found on bikes from as far back as the 1940s, possibly further. Known as flint catchers, tyre sweepers, tyre wipers, and perhaps optimistically, even tyre savers, they were mounted to the brake mounting bolt and featured a small D-shaped wire that would wrap around the surface of the tyre.
Like Sevilla’s piece of tape, their purpose was to dislodge any larger pieces of debris that had attached themselves to the tyre before they could make their way around again and be pushed further into the tyre, where they would likely cause a puncture. While they went out of fashion long ago, it is still possible to buy them, with retro-connoisseurs Reneherse offering a pair for $18.00 (opens in new tab).
Interestingly, Sevilla’s bike is equipped with Roval Rapide CLX II aero wheels – as confirmed by this separate Instagram post – which are tubeless compatible. Despite this, and his apparent concerns surrounding punctures, Sevilla’s wheels are wrapped in the not-tubeless Specialized Turbo Cotton clincher tyres, which are well revered for their low rolling resistance, but not so well known for durability or puncture protection.
Specialized does make a number of tubeless-ready tyres, including the new Turbo range, so it’s unclear why Sevilla hasn’t simply taken advantage of the tech available to him. Perhaps the team didn’t have anything other than the Turbo Cotton tyres available, or perhaps Sevilla trusts his sweeper hack more than he trusts tubeless technology.
Whatever his reasoning, it seems to have worked. His teammate Miguel Angel Lopez went on to win the overall, and Sevilla himself finished safely in the bunch on the same time as the stage winner Sam Welsford.
PS5 Hack: Keys incoming for the mysterious CP Box?
Scene developer Zecoxao added some information to the “CP Box” page on the PS5 Dev Wiki today, and stated that hackers are working on extracting some of its encryption keys. Little is known (publicly) on the scene about this PS5 Development accessory, although it’s likely official PlayStation development studios know more specifically what it does.
What is the PS5 CP Box?
The CP Box is a black box with a USB C input, USB C output, ethernet and power cable, which connects to Test Kits. Its exact purpose is unknown on the scene, but there are theories.
There are two modes the CP Box can run in “Engineering Mode” and “Normal Mode”. In engineering mode the CP Box is simply plugged into power, with the USB-C Cable in the PS5. In Normal mode, the CP Box USB-C Port is plugged into a USB-C Portable Hard Drive, and the Ethernet is plugged into your router / network hub, and the USB-C Cable into the ps5. (source)
Pictures of the PS5 CP Box started appearing pretty soon in the console’s life cycle, with some pictures actually leaking before the actual console release. The internet being what it is unfortunately, a lot of the original sources are gone, but this article on TwistedVoxel has a copy of the pictures. They theorized at the time that this might have been an SSD for the console.
Early guesses also included a “Breakout Box for the PS VR”, and the scene’s current explanation is that this box could be possibly used to enable Dev mod on PS5 Test Kits, and/or maybe to check for account/hardware activation on Sony’s DevNet. From PS5 Dev wiki:
Although its unknown at the moment exactly what the CP Box is for – it is to enable dev mode on test and dev kits. possibly the ethernet connection is for checking activation online on DevNet? and the USB Hard Drive maybe for Packages? or games?
Or perhaps its related to the Communication Processor similar to that on the PSVita, maybe its just an external version of it? i dont know ;-;
The PS5 Dev Wiki mentions that these CP Boxes might not be needed for DevKits (only testkits), and that maybe the functionality is embedded in Dev Kits.
The NCC page for the DevKit makes no reference to a “CP Box” it appears to be built into it instead
I personally like this educated guess from user Farncone on Reddit:
As the “testing kit” is a normal PS5 as opposed to that V shaped development kit, and that small box has network indicators and a RJ-45 jack in it, it’s probably to facilitate a network testing scenario as the PSN for PS5 games is not enabled yet. Developers will have to test their online functions in a closed testing environment. Typically the network would have a PROD and DEV side for production/commercial fully tested games, and a development side. This looks like a box to enable the network testing in the DEV environment – and it would allow them to do this with the real PS5 testing model.
And this follow up by doctorlongghost in the same thread makes sense to me as well:
The one thing that comes to mind for this is that it could be used for throttling Internet. I’m a web developer and the main browsers all come with integrated dev tools that let you intentionally slow down your Internet so you can test your code to see how it performs on slower networks (like 3G/4G cell). So this could be for something like that. To let devs intentionally slow down or sever the network connection to the console.
Test Automation site Suite.st says they support PS5 Devkits and TestKits, for automation testing of HTML based applications (I’m thinking maybe media apps like Netflix, Disney+ et. al. might have some HTML-based pages?). On their help page for the PS5, they do mention the CP Box. So it could make sense that the box is here to test various network conditions through throttling mechanisms.
How is the CP Box relevant for PS5 Hacking?
It is unclear if the CP Box could be useful for PS5 Hacking. It is very likely that the PS5 firmware doesn’t inherently trust any accessory that gets plugged in to it, but it’s also possible that an official Sony component has a higher level of trust than other devices.
Either way, it won’t stop Reverse Engineers from trying, at least to extract as much information as possible from the box. Zecoxao has mentioned today that hackers are looking to extract some keys from the device’s firmware. He stated the keys will be published on the PS5 Dev wiki once available.
key retrieval of the CP Box firmware is currently underway. once it is successful, keys will be published on wiki
— Control_eXecute (@notzecoxao) January 28, 2023
Whatever comes out of this, stay tuned for more details!
References
- https://www.reddit.com/r/PSVR/comments/je2dfq/leak_of_ps5_dev_hardware_includes_mysterious/
- https://playstationdev.wiki/ps5devwiki/index.php/CP_Box
- https://www.psxhax.com/threads/ps5-cp-communication-processor-box-playstation-5-dev-prototype-images.9995/
- https://suite.st/docs/devices/playstation-5/
- https://twistedvoxel.com/ps5-black-dualsense-controller-testing-kit-images/
New iOS Tech Makes It Super Hard to Hack Your iCloud Login
Apple now lets you protect your Apple ID and iCloud account with hardware security keys, a physical login technology that offers maximum protection from hackers, identity thieves and snoops.
Hardware security keys are small physical devices that communicate with USB or Lightning ports or with NFC wireless data connections when you’re logging on to a device or in to an account. You must have keys in your possession to use them, so they’re effective at thwarting hackers trying to reach your account remotely. And because they won’t work on fake login sites, they can thwart phishing attacks that try to fool you into typing your password onto a counterfeit website.
Support for the keys arrived Monday with iOS 16.3 and MacOS 13.2, and on Tuesday, Apple published details on how to use security keys with iPhones, iPads and Macs. The company requires you to set up at least two keys.
The move follows hardware security key support from other tech companies, like Google, Microsoft, Twitter and Facebook parent Meta.
Apple has been working to tighten security in recent months, stung by iPhone breaches involving NSO Group’s Pegasus spyware. Apple’s Advanced Data Protection option arrived in December, giving a stronger encryption option to data stored and synced with iCloud. And in September, Apple added an iPhone Lockdown Mode that includes new guardrails on how your phone works to thwart outside attacks.
A big caveat, though: Although hardware security keys and the Advanced Data Protection program lock down your account better, they also mean Apple can’t help you recover access.
“This feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government,” Apple said in a statement. “This takes our two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam.”
Industry tightens login security
The technology is part of an industrywide tightening of authentication procedures. Thousands of data breaches have shown the weaknesses of traditional passwords, and hackers now can thwart common two-factor authentication technologies like security codes sent by text message. Hardware security keys and another approach called passkeys offer peace of mind even when it comes to serious attacks like hackers gaining access to LastPass customers’ password manager files.
Hardware security keys have been around for years, but the Fast Identity Online, or FIDO, group has helped standardize the technology and integrate its use with websites and apps. One big advantage on the web is they’re linked to specific websites, for example Facebook or Twitter, so they thwart phishing attacks that try to get you to log in to fake websites. They’re the foundation for Google’s Advanced Protection Program, too, for those who want maximum security.
You need to pick the right hardware security keys for your devices. To communicate with relatively new models of both Macs and iPhones, a key that supports USB-C and NFC is a good option. Apple requires you to have two keys, but it isn’t a bad idea to have more in case you lose them. A single key can be used to authenticate to many different devices and services, like your Apple, Google and Microsoft accounts.
Yubico, the top maker of hardware security keys, announced on Tuesday two new FIDO-certified YubiKey models in its Security Key Series suited for consumers. They both support NFC, but the $29 model has a USB-C connector and the $25 model has an older style USB-A connector.
Google, Microsoft, Apple and other allies are also working to support a different FIDO authentication technology called passkeys. Passkeys are designed to replace passwords altogether, and they don’t require hardware security keys.
New iOS Login Tech Makes It Super Hard to Hack Your iCloud Account
Apple now lets you protect your Apple ID and iCloud account with hardware security keys, a significant upgrade for those who want maximum protection from hackers, identity thieves, or snoops.
Hardware security keys are small physical devices that communicate with USB or Lightning ports or with NFC wireless data connections when you’re logging on to a device or in to an account. Because you must have keys in your possession to use them, they’re effective at thwarting hackers trying to reach your account remotely. And they won’t work on fake login sites, so they can thwart phishing attacks that try to fool you into typing your password onto a counterfeit websites.
Support for the keys arrived Monday with iOS 16.3 and MacOS 13.2, and on Tuesday, Apple published details on how to use security keys with iPhones, iPads and Macs. The company requires you to set up at least two keys.
Apple has been working to tighten security in recent months, stung by iPhone breaches involving NSO Group’s Pegasus spyware. Apple’s Advanced Data Protection option arrived in December, giving a stronger encryption option to data stored and synced with iCloud. And in September, Apple added an iPhone Lockdown Mode that includes new guardrails on how your phone works to thwart outside attacks.
A big caveat, though: Although hardware security keys and the Advanced Data Protection program lock down your account better, they also mean Apple can’t help you recover access.
“This feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government,” Apple said in a statement. “This takes our two-factor authentication even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam.”
Industry tightens login security
The technology is part of an industrywide tightening of authentication procedures. Thousands of data breaches have shown the weaknesses of traditional passwords, and hackers now can thwart common two-factor authentication technologies like security codes sent by text message. Hardware security keys and another approach called passkeys offer peace of mind even to serious attacks like hackers gaining access to LastPass customers’ password manager files.
Hardware security keys have been around for years, but the Fast Identity Online, or FIDO, group has helped standardize the technology and integrate its use with websites and apps. One big advantage on the web is they’re linked to specific websites, for example Facebook or Twitter, so they thwart phishing attacks that try to get you to log in to fake websites. They’re the foundation for Google’s Advanced Protection Program, too, for those who want maximum security.
You need to pick the right hardware security keys for your devices. To communicate with relatively new models of both Macs and iPhones, a key that supports USB-C and NFC is a good option. Apple requires you to have two keys, but it isn’t a bad idea to have more in case you lose them. A single key can be used to authenticate to many different devices and services, like your Apple, Google and Microsoft accounts.
Yubico, the top maker of hardware security keys, announced on Tuesday two new FIDO-certified YubiKey models in its Security Key Series suited for consumers. They both support NFC, but the $29 model has a USB-C connector and the $25 model has an older style USB-A connector.
Google, Microsoft, Apple and other allies are also working to support a different FIDO authentication technology called passkeys. Passkeys are designed to replace passwords altogether, and they don’t require hardware security keys.
T-Mobile says investigating data breach involving 37 mln accounts
Jan 20 (Reuters) – T-Mobile (TMUS.O), the No.3 U.S. wireless carrier by subscribers, said on Thursday it was investigating a data breach involving 37 million postpaid and prepaid accounts and that it could incur significant costs related to the incident.
The company, which has more than 110 million subscribers, said it identified malicious activity on Jan. 5 and contained it within a day, adding that no sensitive data such as financial information was compromised.
However, some basic customer data — such as name, billing address, email and phone number — was obtained, and it had begun notifying impacted customers, said T-Mobile.
“Our investigation is still ongoing, but the malicious activity appears to be fully contained at this time, and there is currently no evidence that the bad actor was able to breach or compromise our systems or our network,” the company said.
The U.S. Federal Communications Commission (FCC) has opened an investigation into the data breach, the Wall Street Journal reported on Thursday, citing an FCC spokesperson.
FCC and T-Mobile did not immediately respond to Reuters’ requests for comment on the reported investigation.
“While these cybersecurity breaches may not be systemic in nature, their frequency of occurrence at T-Mobile is an alarming outlier relative to telecom peers,” said Neil Mack, senior analyst for Moody’s Investors Service.
“It could negatively impact customer behavior, cause churn to spike and potentially attract the scrutiny of the FCC and other regulators.”
Last year, T-Mobile agreed to pay $350 million and spend an additional $150 million to upgrade data security to settle litigation over a cyberattack in 2021 that compromised information belonging to an estimated 76.6 million people.
The Bellevue, Washington-based company’s shares fell 2% in after-hours trade.
Reporting by Eva Mathews and Lavanya Ahire in Bengaluru; Editing by Sriraj Kalluvila, Maju Samuel, Rashmi Aich and Savio D’Souza
Our Standards: The Thomson Reuters Trust Principles.
FTX Is Investigating a Potential Hack Amid Bankruptcy Filing
Bankrupt cryptocurrency exchange FTX is probing a potential hack and asked customers to stay off the FTX website, the company said. More than $400 million worth of crypto funds appears to be missing, according to crypto analytics firm Elliptic Enterprises Ltd.
The potential hack occurred Friday after FTX filed for bankruptcy. Ryne Miller, FTX US’s general counsel, said in a Saturday tweet that FTX and FTX US had started moving all digital assets to cold storage—crypto wallets that aren’t connected to the internet—after the bankruptcy filing.
FTX is “investigating abnormalities with wallet movements related to the consolidation of FTX balances across exchanges,” Mr. Miller said on Twitter. He called the movements unauthorized transactions and said the facts are still unclear. FTX will “share more info as soon as we have it,” he said.
A post in the exchange’s official Telegram channel called the fund flows a hack.
Approximately $473 million in crypto assets appeared to be taken from FTX without permission, according to
Tom Robinson,
co-founder of Elliptic. The tokens were quickly converted to ether, the second-largest cryptocurrency, on so-called decentralized exchanges.
Such platforms process transactions automatically, making them popular among hackers to prevent funds from being seized, he said.
—Caitlin Ostroff contributed to this article.
Write to Elaine Yu at elaine.yu@wsj.com and Vicky Ge Huang at vicky.huang@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8