UK businesses shockingly unaware of how to handle security threats
Many decide to make no changes after detecting a breach
Cyber-crime
9 Apr 2024 | 23
nice write up
Just a couple of things.
"As a side note, Google’s web cache shows that Sony’s servers were up to date, so this whole theory may be bunk."
Not true, the Google cache only shows one server (Auth). Which was updated soon after the IRC chat happened. What wasn't updated were the other ones (Shop,account,content,patches, etc) and these have never been cached by Google. An Nmap revealed they were running apache 2.2.11 on all the core servers except the Auth obviously.
Sony would appear to have been watching the right channels for information about weaknesses, but they didn't do more than a token gesture towards keeping patched and up-to-date servers.
With regards to Rebug and SP-INT (Developer network) Sony have said that they weren't that concerned as it was an intentional bug on the developer network and until Rebug appeared there were no problems with the system of trust alone.
If this hack hadn't happened I'm quite sure Sony would have kept on coasting with the servers never getting more than a token patch on Auth and SP-INT cleansed every few months.
Biting the hand that feeds IT
