Tag Archives: hack

Tech

2014 cyberattack to cost Sony $35M in IT repairs

Leave a comment

Boosted by iPhone 6 image sensor demand, Sony said its earnings won’t be greatly affected by the cyberattack

Sony has put an estimate to the damage caused by the massive cyberattack against Sony Pictures Entertainment last year — $35 million.

While Sony said in an earnings report that the hack would cost $15 million “in investigation and remediation costs” for the quarter to Dec. 31, senior general manager Kazuhiko Takeda said Wednesday that the figure would be $35 million for the full fiscal year through March 31.

“The figure primarily covers costs such as those associated with restoring our financial and IT systems,” a spokesman at Sony’s Tokyo headquarters said later via email.

The U.S. Federal Bureau of Investigation held North Korea responsible for the attack, which came ahead of the planned release by Sony of a comedy movie about a plot to assassinate the country’s leader Kim Jong Un.

While the numbers for Sony’s Pictures segment are provisional, the company said Wednesday the damages weighed on the operating profit for the segment, which will be ¥54 billion (US$460 million) for the year ending March 31, up from ¥51.6 billion a year earlier.

“Sony believes that the impact of the cyberattack on its consolidated results for the fiscal year ending March 31, 2015 will not be material,” it said in the earnings report and updated forecasts for the year.

Sony’s other results were a mixed bag. The blockbuster sales of Apple’s iPhone 6 boosted demand for Sony’s image sensors, which power the phone’s camera system. That, combined with demand for PlayStation 4 consoles, encouraged Sony to reduce the net loss it predicts for the year to March 31 to ¥170 billion from the ¥230 it predicted in October. But that’s still worse than the ¥128 billion loss it posted for its previous fiscal year, when it incurred huge costs from exiting its Vaio PC business.

Sony said this week it would ramp up CMOS image sensor production capacity to about 80,000 wafers per month from the current 60,000 to meet smartphone demand.

Even though fourth-quarter sales of its Xperia smartphones rose year on year, Sony said it would cut 2,100 jobs in its struggling mobile communications segment, which will post a net loss of ¥215 billion for its fiscal year to March 31.

“In overall electronics excluding mobile, results are improving due partially to the impact of restructuring,” Chief Financial Officer Kenichiro Yoshida told an investor briefing.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Microsoft

Windows XP hack resurrects patches for retired OS

Leave a comment

But security researcher who tried the hack isn’t sure the fixes will actually keep exploits at bay

A simple hack of Windows XP tricks Microsoft’s update service into delivering patches intended for a close cousin of the aged OS, potentially extending support for some components until 2019, a security researcher confirmed today.

What’s unclear is whether those patches actually protect a Windows XP PC against cyber criminals’ exploits.

The hack, which has circulated since last week — first on a German-language discussion forum, then elsewhere as word spread — fools Microsoft’s Windows Update service into believing that the PC is actually running a close relation of XP, called “Windows Embedded POSReady 2009.”

Unlike Windows XP, which was retired from security support April 8 and no longer receives patches, Embedded POSReady 2009 is due patches until April 9, 2019.

As its name implies, POSReady 2009 is used as the OS for devices such as cash registers — aka point-of-sale systems — and ATMs. Because it’s based on Windows XP Service Pack 3 (SP3), the last supported version of the 13-year-old OS, its security patches are a superset of those that would have been shipped to XP users if support was still in place. Many of POSReady 2009’s patches are similar, if not identical, to those still offered to enterprises and governments that have paid Microsoft for post-retirement XP support.

Jerome Segura, a senior security researcher at Malwarebytes, an anti-malware software vendor, tried out the hack and came away impressed.

“The system is stable, no crashes, no blue screens,” Segura said in an interview, talking about the Windows XP virtual machine whose updates he resurrected with the hack. “I saw no warnings or error messages when I applied patches for .Net and Internet Explorer 8.”

The Internet Explorer 8 (IE8) update Segura applied appeared to be the same one Microsoft released May 13 for other versions of Windows, including POSReady 2009, but did not deliver to Windows XP.

But although he has run the hacked XP for several days now without any noticeable problems, he wasn’t willing to give the trick a passing grade.

“[POSReady 2009] is not Windows XP, so we don’t know if its patches fully protect XP customers,” Segura said. “From an exploit point of view, when those vulnerabilities are exploited in the wild, will this patch protect PCs or will they be infected? That would be the ultimate proof.”

Microsoft, not surprisingly, took a dim view of the hack.

“We recently became aware of a hack that purportedly aims to provide security updates to Windows XP customers,” a company spokesperson said in an email. “The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.”

 

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com