Incidents

Return of the Hack, Playstation Accounts breached again

Sony has reported that it has had a number of sign-in attempts on accounts belonging to users on its various networks. In a statement on the Sony site it was revealed that “Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation®Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services.”

Approximately 93,000 user accounts were successfully breached, and Sony has responded by locking those accounts. Sony further explains that none of the credit card details for any of the accounts are at risk, and that “These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or sources.”

What is notable in this breach is Sony’s new candid nature in notifying the public and its users more quickly. After the companies slow response last April in responding to a breach that affected more than 70 million users, Sony likely wants to avoid the public relations disaster that ensued after its various networks and user databases were consecutively exploited at least 19 more times.

Sony will be notifying affected users about their locked accounts via email, and will require them to perform a password reset. We encourage users of the Playstation network to be careful in responding to email notifications from Sony as these types of situations provide an opportunity for scammers to collect login and password data and compromise your accounts. If you’re in any way concerned that your account may have been compromised, you should log in and change your password immediately.

Return of the Hack, Playstation Accounts breached again

Your email address will not be published. Required fields are marked *

 

Reports

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox