Criminal Hackers

Cyber attacks on critical infrastructure companies are on the rise, with a jump in extortion attempts and malware designed to sabotage systems, like Stuxnet, according to a new report.

While attacks are increasing, many companies aren't doing enough to protect their systems and are instead rushing to adopt new technologies--such as Smart Grid--without ensuring they adequately secure against cyber attacks, concludes "In the Dark: Crucial Industries Confront Cyberattacks."

The report, due to be released on Tuesday, was commissioned by McAfee and written by the Center for Strategic and International Studies (CSIS). It includes results from an electronic … Read more

By seizing servers and domain names and getting permission to remotely turn off malware on compromised PCs, U.S. officials have disabled a botnet that steals data from infected computers.

The legal actions are part of the "most complete and comprehensive enforcement action ever taken by U.S. authorities to disable an international botnet," according to a statement from the Department of Justice. A botnet is a group of computers that have been compromised and are being remotely controlled by attackers, typically to send spam or attack other computers.

It's the first time law enforcement in the … Read more

Albert Gonzalez, the hacker who pleaded guilty to leading one of the largest cases of credit card theft in the U.S., is asking a judge to toss out the pleas, arguing that they were part of his assignments as a paid government informant.

"I still believe that I was acting on behalf of the United States Secret Service and that I was authorized and directed to engage in the conduct I committed as part of my assignment to gather intelligence and seek out international cybercriminals," Gonzalez wrote in a 25-page petition filed March 24 with the U.… Read more

The breach at RSA that could compromise the effectiveness of the firm's two-factor authentication SecurID tokens was accomplished via phishing e-mails and an exploit for a previously unpatched Adobe Flash hole, RSA has revealed.

The attacker sent two different phishing e-mails over a two-day period last month with a subject line of "2011 Recruitment Plan" to two small groups of employees who weren't considered particularly high-profile or high-value targets, Uri Rivner, head of new technologies in consumer identity protection at RSA, wrote in a blog post. Attached to the e-mails was an Excel file that contained … Read more

The FBI is investigating how a hacker tricked a New Jersey company into issuing fraudulent digital certificates for Google, Yahoo, Microsoft, and other major Web sites, the firm's chief executive said today.

Comodo CEO Melih Abdulhayoglu told CNET this afternoon that "it is an ongoing investigation" that has drawn in both the FBI and Italian law enforcement.

Abdulhayoglu confirmed that a reseller in Italy called GlobalTrust had its network compromised by a hacker traced to Iran. That person, or multiple people, obtained fake digital certificates for nine Web sites that also included Skype and Mozilla. Those certificates, … Read more

If you use TripAdvisor you may soon be getting more spam. The travel site told customers in an e-mail today that someone had breached its network and stolen e-mail addresses for an undisclosed number of its members.

"This past weekend we discovered that an unauthorized third party had stolen part of TripAdvisor's member email list," Steve Kaufer, co-founder and chief executive, wrote in the e-mail. "We've confirmed the source of the vulnerability and shut it down. We're taking this incident very seriously and are actively pursuing the matter with law enforcement."

He did … Read more

A long-known but little-discussed vulnerability in the modern Internet's design was highlighted yesterday by a report that hackers traced to Iran spoofed the encryption procedures used to secure connections to Google, Yahoo, Microsoft, and other major Web sites.

This design, pioneered by Netscape in the early and mid-1990s, allows the creation of encrypted channels to Web sites, an important security feature typically identified by a closed lock icon in a browser. The system relies on third parties to issue so-called certificates that prove that a Web site is legitimate when making an "https://" connection.

The problem, however, … Read more

A malicious attacker that appears to be the Iranian government managed to obtain supposedly secure digital certificates that can be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company affected by the breach said today.

Comodo, a Jersey City, N.J.-based firm that issues digital certificates, said the nine certificates were fraudulently obtained, including one for Microsoft's Live.com, have already been revoked. A fraudulent certificate allows someone to impersonate the secure versions of those Web sites--the ones that are used when encrypted connections are enabled--in some circumstances.

The Internet Protocol addresses used … Read more

RSA warned its customers yesterday that its network had been breached and data had been stolen that could affect customers using its popular SecurID token authentication technology. Although details are scarce, here's what we know so far.

What happened? Someone launched an "extremely sophisticated cyberattack" on RSA in the form of an Advanced Persistent Threat and data was stolen related to the SecurID technology, the company said in a statement on its Web site. APT attacks are often used for espionage, targeting source code and other information within a company or government agency. They typically involve knowledge … Read more