Attack

The average Web-based application is hit by a cyberattack once every two minutes, says a report out today by security firm Imperva.

Detailing its findings in its "Web Application Attack Report" (PDF) for July, Imperva found that Web applications are attacked around 27 times per hour. Monitoring the Internet from December 2010 through May 2011, the security firm uncovered and categorized more than 10 million individual attacks targeting both business and government sites.

Automated cyberattacks accounted for a huge number of attempted breaches. The report discovered that attack traffic was characterized by quick spikes of high volumes followed … Read more

The Web sites of the Energy Department's Pacific Northwest National Lab and Jefferson National Lab were down today in the aftermath of "sophisticated" attacks, a spokesman at one of the labs told CNET.

The Richland, Wash.-based Pacific Northwest National Lab shut down its public Web site, Internet access, and e-mail service after the attack last Friday, spokesman Greg Koller said, adding that the Jefferson National Lab in Newport News, Va., was hit with a similar attack.

"No classified information has been compromised. About 20 percent we do here is classified," Koller said. "We … Read more

Two attacks on consecutive days left Web host and domain name registry Network Solutions' customers unable to access their Web sites and servers.

A distributed denial-of-service (DDoS) attack was carried out against Network Solutions on yesterday afternoon, and again this morning, according to a post on the company's official blog by spokesman Shashi Bellamkonda.

"Our engineers worked quickly to mitigate the attacks and services are in the process of being restored," he wrote. "We continue to monitor this situation, as potential risk still exists for these attacks to recur."

Some customers complained of outages and … Read more

Carriers are freaking out because they might not be able to keep charging you exorbitant rates to send tiny little data bits over the same network all the other data goes over--i.e., texting is dead. Hurry up and die, texting. Also, how Windows Phone 7 might catch up to iPhone by 2015 (we're skeptical) and why not to tag yourself in 250 pictures of you and your ex-girlfriend. We'd have thought the answer was obvious.

Almost a week after hackers posted a trove of customer information stolen from various Sony businesses' Web sites, Sony Pictures has more details on the attack.

Today the company posted a statement saying that personally identifying information of 37,500 customers had been exposed in the breach.

"We are continuing to investigate the details of this cyberattack; however, we believe that one or more unauthorized persons may have obtained some or all of the following information that you may have provided to us in connection with certain promotions or sweepstakes: name, address, email address, telephone number, gender, date of birth, and website password and user name," the statement reads.

Sony Pictures notes that it had not requested credit card information, Social Security numbers, or driver's license numbers from those people.

Sony Pictures said it notified those affected this morning. … Read more

Users of Hotmail and Yahoo Mail have had targeted attacks aimed at them similar to the attacks Google says have been directed at U.S. officials, political activists, and journalists who use Gmail, according to Trend Micro.

Google said earlier this week that it had disrupted a targeted phishing campaign against Gmail users that appeared to originate in China. The attackers were trying to monitor e-mails and use stolen passwords to change the settings in the accounts so that e-mails would be forwarded to their own accounts, Google said.

China has denied any responsibility and claims the U.S. is … Read more

The U.S. government is investigating reports from Google that hackers attempted to break into the Gmail accounts of senior government officials but at this point doesn't believe any accounts were actually breached.

"Speaking on behalf of the U.S. government, we're looking into these reports and seeking to gather the facts," Caitlin Hayden, deputy spokesperson for the National Security Council, told CNET today. "We have no reason to believe that any official U.S. government e-mail accounts were accessed."

The FBI is taking the lead on the investigation, according to Hayden, "as … Read more

Google today said that it's "detected and disrupted" a plan to gain access to hundreds of Gmail accounts through phishing attacks.

That effort, which Google says originated in Jinan, China, targeted user account credentials so that attackers could gain access to personal information including contacts and e-mail conversations. Targets included government officials from the U.S. and "several Asian countries" as well as political activists, journalists, and military personnel, Google said.

"The goal of this effort seems to have been to monitor the contents of these users' e-mails, with the perpetrators apparently using stolen … Read more

Defense contractor L-3 Communications told employees that attackers used SecurID information stolen from RSA in March to target L-3, according to a report.

"L-3 Communications has been actively targeted with penetration attacks leveraging the compromised information," said an April 6 e-mail from an executive at L-3's Stratus Group to the group's 5,000 workers, which Wired published yesterday after receiving it from an unidentified source. The source reportedly said SecurID is used for access to an unclassified corporate network, but not classified networks.

It is unclear if the attack was successful. "Protecting our network is … Read more