Ubisoft calls yesterday's story about a rootkit being found in Uplay false and blames "a coding error" for the security hole. Ubisoft denied the whole "rootkit" angle altogether. After quickly patching the Uplay software yesterday, the company issued a statement saying that a coding error was the cause of the software being able to launch any executable on a remote computer - a fact hackers demonstrated as a proof of concept this week.

Internet rights advocacy and lobbying group the Electronic Frontier Foundation (EFF) has an interesting article offering five reasons why the National Security Agency (NSA) shouldn't be trusted to run whatever cybersecurity oversight comes out if the Senate passes the Cybersecurity Act of 2012 and manages to reconcile it with the House's Cyber Intelligence Security Protection Act (CISPA).

Sen. Joe Lieberman (I-Conn.) and the co-sponsors of his Cybersecurity Act of 2012 are not pleased with the conservative lobbying group the U.S. Chamber of Commerce, and are firing back at the group for what they call "mischaracterizations" about the latest revisions to the bill. More specifically, Senator Lieberman is upset over a letter that the group sent to U.S. Senators urging them not to support the bill. The group opposes the further regulations the bill would put on U.S.

Update: The BBC is reporting that Ubisoft has rushed to patch the exploit unearthed by a Google engineer in its Uplay DRM. The company also issued instructions for Uplay users:

"We recommend that all Uplay users update their Uplay PC application without a Web browser open," Ubisoft said. "This will allow the plug-in to update correctly. An updated version of the Uplay PC installer with the patch also is available from Uplay.com."

According to hacking-alert service PwnedList over eight million users who frequent the online gaming service Gamigo have had their personal data compromised. According to the site, a security breach in March of this year led to the theft of usernames, passwords, and email addresses onto the password-cracking site Inside Pro.

Luckily Gamigo users concerned about their private information floating in the wilds of the Internet can visit the site, sign up for a free account and see if their data has been compromised.

Graphics hardware maker Nvidia acknowledged that its user forums were hacked last week by unauthorized third parties and that user details may have been compromised. In light of the security breach Nvidia has temporarily suspended all of its web-based services.

The company said that it was forced to shut down its official forums last week, after it identified what it characterized as "suspicious activity" on the site. Nvidia confirmed that hackers accessed usernames, email addresses, passwords and more.

Back in March we reported the FBI's plans to shut down the DNS servers it was running to allow those affected by the DNSChanger malware to access the Internet. Dating all the way back to 2007, DNSChanger targeted Windows or Mac systems by manipulating Domain Name Servers (DNS) and DNS routing. When a computer became infected the malware would redirect DNS requests to servers controlled by an internet crime ring, which then served up web ads to users.

In the wake of Sulake's problems with Habbo, Disney has decided to spend $4.7 million on an internet safety campaign for its popular massively-multiplayer online game for kids, Club Penguin. The announcement was made by the game's co-founder Lane Merrifield today. The internet safety campaign hopes to target more than 100 million children and parents around the world who use Club Penguin.

Normally we would ignore what's going on at Twitter (not because we don't care but because the daily machinations of the service have no bearing within these pages), but a change in policy is of particular interest - mainly in how it might relate to current and future cybersecurity bills - like CISPA, PROTECT IT, and the Cybersecurity Act of 2012. Like Google, Twitter has decided to disclose how often the U.S. government asks for information on a user or issues a DMCA takedown via what they call a new "transparency tool."

Oops! An email meant to promote Ubisoft's promising techno-thriller Watch Dogs inadvertently revealed the email addresses of thousands of fans who signed up to receive updates on the game. Publisher Ubisoft sent out an update on a fictitious character named Joseph Demarco who runs an art gallery called dotconnexion. Players were urged to sign up for dotconnexion updates on the official site, and one of those first updates went out today:

In the aftermath of a Channel 4 investigation into pedophiles targeting young users of the virtual hangout Habbo, owner Sulake has begun a soft launch of chat services in select regions. Sulake CEO Paul Fontaine announced via the company's blog that a new and improved Habbo (with more security measures in place) has launched in Finland, Spain and Brazil - with more regions being relaunched in the next few weeks.

British TV station Channel 4 ran a damning story about pedophiles in the virtual world of Habbo earlier this week that caused two major investors in the Sulake - the owner and operator of it - to walk away from the company. Now Sulake is trying to recover from the bad press, even as loyal users held silent vigils in the game in a show of support this week.

The Cybersecurity Act of 2012 (CSA) lead sponsor Sen. Joe Lieberman (I-CT) says that the bill will be dead in the water if it is not voted on before July. The Cybersecurity Act of 2012, which includes some of the language from the Cyber Intelligence Sharing and Protection Act (CISPA), could be voted on before that because it has the support of Senate Majority Leader Harry Reid (D-NV). While the Administration support's Lieberman's bill, the President said earlier this year that he would veto CISPA in its current form if it crossed his desk.

Blizzard is beefing up security ahead of the launch for the real money auction for Diablo III. In a post on the official forums over at Battle.net, Blizzard detailed some of the security changes that have taken place to ensure that people's very real money associated with their accounts will remain safe and secure.

The short explanation is that users will now have to use an authenticator before adding any funds to their balance and when sending funds to their real money auction house accounts.

Riot Games has issued a statement via its official League of Legends forums letting players in Europe know that its user database for the game has been compromised. While the company says that no payment information was compromised during the security breach, the company did not say what personal information may have been stolen. From the forum post:

According to South Korean newspaper Korea JoongAng Daily, a South Korean man has been arrested for his part in proliferating online game software that contained malware, turning the computers it was installed on into zombie machines th

Advocacy groups Fight for the Future, Democrats.com, The Liberty Coalition, and the Entertainment Consumers Association (ECA), have banded together to create a new website called Privacy Is Awesome, to fight against CISPA and the Senate version of the bill, SECURE IT Act. The site is designed to teach netizens how to defeat the bills in five easy steps:

A number of Diablo III players have claimed that they have logged into their accounts and found that they have been hacked. Players claim that their gear, characters, and gold vanished without a trace. Blizzard Entertainment says that it is taking these reports "very seriously" and is looking to what exactly is going on. Other reports have indicated that this was being caused by some sort of bug.

Senator Ron Wyden (D-Ore.) said on Monday that the Senate's cybersecurity legislation being pushed by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine) is an overreaction to cyber threats and would undermine the privacy rights of American citizens.

Wyden said that both the House and Senate bills "subordinate all existing privacy rules and constitutional principles to the poorly defined interest of 'cybersecurity.'"

The Computer Emergency Response Team (CERT) in Poland says that BitTorrent’s uTP protocol is under serious attack from unknown forces in Russia, Canada, China, Australia and the USA. The group, which monitors cyber attacks around the world, says that attacks on the BitTorrent protocol are up substantially from 2011.

The attacks work by sending fake data packages that appear to be legitimate, but use IP-addresses that are forged. CERT also notes that these attacks seem to be targeting specific BitTorrent swarms that are sharing Russian movie releases.

A new update for Mario Kart 7 finally kills off a shortcut exploit found in three tracks for the game. The exploits that were being taken advantage of in multiplayer were in the Wuhu Island Loop, Wuhu Mountain Loop and GBA Bowser Castle 1 courses. Users that want to be able to play online multiplayer will need to get the latest 3DS system update, and then download the update for Mario Kart 7.

As Computer and Video Games points out, you can still play local multiplayer and single player without updating the game, but to play online you will have to install the fix.

Perfect World Entertainment's Cryptic Studios has issued a statement warning customers of its various MMO titles that it has suffered from a security breach. The security breach happened way back in December 2010, but was only recently detected because the company beefed up its security. The breach resulted in hackers obtaining user account names and encrypted passwords, some of which they apparently have managed to crack.

A dramatic story making the rounds claims that if "you don't have your computer malware free by July 9th the FBI will shut your computer down." As Techland points out, the story has roots in a small bit of reality but reporting on it has been a little bit overblown. The story originates all the way back to 2007, when malware called DNSChanger managed to infect millions of computers around the world.

According to a SiliconValley.com report, the U.S. House of Representatives will take up a revised version of the controversial Cyber Intelligence Sharing and Protection Act (CISPA) at the end of April. The revisions to the bill should address concerns about privacy, according to its sponsors, but details on what has been changed in the language are unknown at this time.

VantureBeat reports that antivirus firm F-Secure has released a free automated removal tool for the Flashback Trojan that has infected so many Mac OS X systems. The removal tool, available here, is in a zip file. Once you download and unzip it, follow the instructions to find the virus on your system.

According to Market Watch social game developer and publisher Zynga spent around $1.37 million dollars to protects its CEO and his family from a Russian stalker named Vera Svechina and other threats. In 2011 CEO Mark Pincus filed a restraining order against the former stripper and amateur filmmaker after she allegedly visited his home on two occasions and threatened his wife and family.

CISPA (the Cyber Intelligence Sharing and Protection Act) is something that opponents of SOPA, PIPA, and ACTA should be paying attention to. While the goal of the bill purports to be about "cybersecurity," the bill contains vague language that allows companies to spy on Internet users and collect and share this data with third-party companies or Government agencies. The loophole for companies is that they can simply say that violating users' privacy rights were necessary to protect against cybersecurity threats, to gain immunity from civil and criminal liabilities.

Representatives from the Federal Trade Commission (FTC) and California's Attorney General's office will address mobile app safety for children at the Digital Kids Conference on Wednesday, April 25 from 3:45 p.m. - 4:45 p.m. (Room 1, Pasadena Convention Center, 300 E. Green Street, Pasadena, CA). Federal Trade Commission Staff Attorney Kenneth H. Abbe and Travis LeBlanc, Special Assistant Attorney General for Technology for the State of California will deliver their remarks on the topic as part of conference's Digital Kids Safety Track.

Xbox Live general manager Alex Garden has issued a statement about ongoing concerns about Xbox Live account security. In the letter he says that many of the security issues have very little to do with the Xbox Live service, which has not had its security breached. The letter is in response to numerous user complaints about their accounts being hijacked or stolen, and their points being used. He acknowledges that there is little comfort in knowing that Xbox Live is secure when a user's account has been compromised.

While it isn't indicated on its official site, the CoveritLive service has apparently been hacked and some personal user data may have been compromised, according to an email sent to subscribers this evening. The Live blogging technology is used by plenty of journalists, bloggers, and web sites as an easy way to blog live events. From the letter they mailed out to users this evening: