Welcome back Monkeynauts,


It's Monday, so that means I'm going to tell you to download my App, from the Apple App Store, before launching into the top stories the Pips found interesting last week. Let's take a look, shall we?



Let's start this week with something that might hit close to home for several of you, including your favorite Monkey Twitter aggregate: Blizzard's Battle.net Hacked - Recommends All Users Change Passwords. This was the most retweeted article I saw on Friday, followed directly by Ars Technica's more in-depth breakdown: Hackers collect significant account details from Blizzard servers. The fact that the hack exposed not only the passwords, but the personal security questions and answers, is the bit that I'm paying close attention to. Now, for those of you who haven't logged in to your Night Elf Mohawk in the past year, this might not be that dramatic of a breach for you. In any case, Blizzard is recommending that everyone with an account on Battle.net log in and change their passwords. Unlike a great deal of other high-profile breaches of late, Blizzard was quick to respond and got information out to the public in a very timely manner, so lots of credit there.


If I wasn't already paranoid enough about my various passwords and security questions, I absolutely was after reading the full aftermath of Mat Honan's epic hack: How Apple and Amazon Security Flaws Led to My Epic Hacking. In a beautifully efficient and brutal attack, Mat's attackers took over his Google accounts, deleted all of his Gmail, wiped the data on his iPhone, iPad, and MacBook, and then took over his Gizmodo Twitter. Granted, my monkey accounts are not nearly as valued as a Wired and Gizmodo writer, but the moment I finished reading this article I made sure to turn on Google's Two Step Verification. The main takeaway from this very detailed and startling moment-by-moment account of a hack? Better passwords wouldn't have helped Mat at all. In fact, the attacker actually gained access into the first account by knowing only two pieces of information - Mat's billing address, and the last four digits of one of his credit card numbers. With this data, Mat's attackers bluffed their way into Apple and Amazon's services, and then were able to get access to every piece of digital data he owned. If you're like me, you'll find yourself setting up backups and security questions this week to avoid the catastrophe following the rare chance that you're next on this list.


Using Amazon as the pivot point, apparently some shipping labels got mixed up in the last few weeks: Man Orders TV Through Amazon, Gets Assault Rifle. Now, really anywhere you fall on the gun rights debate - I think we can all agree that watching the latest season of Game of Thrones on a Sig Sauer rifle instead of the 39" flat screen you ordered is a bit difficult. The article is pretty hilarious, but as shocking as it must be to open a package expecting a television and seeing a gun, opening a package expecting a gun and finding anything other than a gun must involve a cold sweat moment like nothing else. Also, I know Amazon really does have everything, but semi-automatic assault rifles? I think the last thing I bought from them was a thumb drive and a sci-fi novel, so maybe I'm not their target audience.


Back to Wired again for a moment, the always excellent Kim Zetter has a follow-up article on the new evolution of the Flame and Stuxnet malware: Flame and Stuxnet Cousin Targets Lebanese Bank Customers, Carries Mysterious Payload. Generally, I could just put a link to Wired's excellent Threat Level page, and be done with it, as they do a fantastic job week after week, but this requires special mention. This article is about newly uncovered spyware named Gauss, which looks to be targeting banks in and around the Middle East. The mystery here is that the payload of the malware is encrypted, and as of yet remains uncracked. We'll be hearing more on this one once the encryption is broken and as more evidence of its appearance starts to show up.


Last two links this week:

How to Hack NASA's Curiosity Mars Rover | News & Opinion | PCMag.com

WikiLeaks.org is crippled under a massive DDoS. Is the TrapWire leak to blame? | Naked Security


Usually I end with something lighthearted and funny, but I really can't beat getting an assault rifle in the mail from Amazon, so we'll call it a day here. Have you found an interesting, funny, or thought-provoking article that you'd like to share? Send it my way, and we'll see if anyone is making mention of it on my App as well.