Newsletter
Join thousands of people who receive the latest breaking cybersecurity news every day.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
Share this article:
Cyberattackers stole PS5 root keys and exploited the kernel, revealing rampant insecurity in gaming devices.
A pair of PlayStation 5 breaches shows the consoles don’t have protection from attackers taking over its most basic functions.
Both exploits were posted on Twitter on Nov. 7 without disclosure to Sony or specifics, but they nonetheless signal potential security problems to come for the gaming giant.
FailOverFlow, which has already earned a reputation as a prolific PlayStation jailbreaker group, posted a Nov. 7 tweet which appeared to contain the PS5 firmware symmetric root keys:
Another one bites the dust 😎 pic.twitter.com/Y1ty93AvaE
— fail0verflow (@fail0verflow) November 8, 2021

In a subsequent tweet, the group claimed that it “…got all (symmetric) ps5 root keys.” FlailOverflow wrote, “They can all be obtained from software — including per-console root key, if you look hard enough!”
Translation: We got all (symmetric) ps5 root keys. They can all be obtained from software – including per-console root key, if you look hard enough! https://t.co/ulbq4LOWW0
— fail0verflow (@fail0verflow) November 8, 2021

The message is practically a dare for other would-be hackers to try to access decrypted firmware files for themselves.
The second hack was also posted on Twitter on Nov. 7 by Google security engineer Andy Nguyen, who is also known widely in hacker circles as TheFlow. He was apparently able to access the PlayStation 5 “Debug Settings” menu, indicating he has a PS5 kernel exploit.
Wolo, which first reported on both breaches, pointed out this menu is typically only on testkit devices and allows quality assurance and development teams to install package files on the Sony PlayStation 5.
“But it can be enabled on retail consoles by patching some flags, located at specific addresses in the firmware at Runtime,” according to Wololo’s the Guardian.
Both breaches put threat actors well on their way to installing pirated games, running emulators and more, according to public-interest technologist Bruce Schneier.
Register now for our LIVE event!
“Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend,” Schneier wrote about the breaches. “Decrypted firmware ­which is possible through FailOverFlow’s keys, would potentially allow for hackers to further reverse-engineer the PS5 software and potentially develop the sorts of hacks that allowed for things like installing Linux, emulators or even pirated games on past Sony consoles.”
Schneier added that he doesn’t think a hack-proof computer system will ever be a reality.
“Especially when the system is physically in the hands of the hackers,” Schneier said. “The Sony Playstation 5 is the latest example.”
Want to win back control of the flimsy passwords standing between your network and the next cyberattack? Join Darren James, head of internal IT at Specops, and Roger Grimes, data-driven defense evangelist at KnowBe4, to find out how during a free, LIVE Threatpost event, “Password Reset: Claiming Control of Credentials to Stop Attacks,” on Wed., Nov. 17 at 2 p.m. ET. Brought to you by Specops.
Register NOW for the LIVE event!
 
 
 
 
 
Share this article:
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.
blank on
Bobby on


This site uses Akismet to reduce spam. Learn how your comment data is processed.
Join thousands of people who receive the latest breaking cybersecurity news every day.
#Ransomware volumes are up 1000%. Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs , dis… https://t.co/HmAkFn3XNY
24 hours ago
Get the latest breaking news delivered daily to your inbox.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source