Professional Documents
Culture Documents
Weekly Stealienews (2nd Week Nov 2021)
Weekly Stealienews (2nd Week Nov 2021)
STEALIENEWS
Week -2 November 15th 2021 Issue #0211
Back-to-Back PlayStation 5
Hacks Hit on the Same Day
In a subsequent tweet, the group claimed that “Hackers may have just made
BY: STEALIEN INDONESIA it “…got all (symmetric) ps5 root keys.” some big strides towards
FlailOverflow wrote, possibly jailbreaking the
A pair of PlayStation 5 breaches shows the “They can all be obtained from PlayStation 5 over the
consoles don’t have protection from attackers software — including per-console weekend,”
taking over its most basic functions. root key, if you look hard enough!” Schneier wrote about the breaches.
Both exploits were posted on Twitter on Nov. 7
without disclosure to Sony or specifics, but they
The message is practically a dare for other “Decrypted firmware which is
would-be hackers to try to access decrypted
nonetheless signal potential security problems to firmware files for themselves.
possible through
come for the gaming giant. PS5 Kernel Exploit FailOverFlow’s keys, would
FailOverFlow, which has already earned a The second hack was also posted on Twitter potentially allow for hackers to
reputation as a prolific PlayStation jailbreaker on Nov. 7 by Google security engineer Andy
group, posted a Nov. 7 tweet which appeared to further reverse-engineer the
Nguyen, who is also known widely in hacker
contain the PS5 firmware symmetric root keys: circles as TheFlow. He was apparently able to
PS5 software and potentially
access the PlayStation 5 “Debug Settings” develop the sorts of hacks that
menu, indicating he has a PS5 kernel exploit. allowed for things like installing
Wolo, which first reported on both breaches, Linux, emulators or even
pointed out this menu is typically only
on testkit devices and allows quality assurance pirated games on past Sony
and development teams to install package files consoles.”
on the Sony PlayStation 5. Schneier added that he doesn’t think
“But it can be enabled on retail consoles by a hack-proof computer system will ever
patching some flags, located at specific be a reality.
addresses in the firmware at Runtime,” “Especially when the system is
according to Wololo’s the Guardian.
Is Securing the PS5 Even Possible?
physically in the hands of the
Both breaches put threat actors well on their hackers,” Schneier said. “The
way to installing pirated games, running Sony Playstation 5 is the latest
emulators and more, according to public- example.”
interest technologist Bruce Schneier.
Page 1
Monday November 15, 2021 STEALIENEWS Issue #0211
IT SECURITY TIPS What makes social engineering so dangerous • Do not open any emails from untrusted
is that it preys on human error, much more of sources. Sound advice under any
a wild card—and much harder to track—than circumstances.
Social engineering refers to a broad taking advantage of vulnerabilities in software
and operating systems. • If an offer seems too good to be true,
spectrum of malicious activities using
assume it is.
psychological manipulation to trick users Social Engineering bad guys try to get at users
into giving away sensitive information. through human psychology and preying on • Lock your laptop whenever you are away
Perpetrators are particularly patient, curiosity. It’s important to go into all cyber- from your workstation.
waiting in the weeds, collecting data and situations with your eyes wide open because
background information on their intended only the users and employees can counter • Make sure your antivirus/malware software
victims. these attacks. is up to date.
Then they gain the victim’s trust and Here are several tips employees can keep in • Be vigilant about cyber security.
provide seemingly harmless reasons for mind to protect themselves (and your
their victims to give up sensitive business):
information.
Page 2
Monday November 15, 2021 STEALIENEWS Issue #0211
Page 3