Criminal Hackers

McAfee is looking into a problem with a service in its SaaS Endpoint Protection software that appears to be allowing computers to serve as open proxies for sending spam, the company told CNET today.

"We are aware of the issue and have both threat analytics and development teams diligently analyzing the problem and possible solutions," the company said in a statement. "We will have more information on the issue shortly."

A public relations representative said she was attempting to get more information on the matter but did not get back to CNET by the end of … Read more

Hackers in Israel and other Middle Eastern countries are in the middle of a cyberwar that has led to disruptions of the Tel Aviv Stock Exchange, several Israeli banks, and an airline. As a result, some Israeli banks have blocked or are threatening to block international access to their sites to avoid attack.

No one has claimed responsibility for the attacks Monday that crippled the Web sites of the Tel Aviv bourse Web site and El Al Airlines, as well as the marketing sites of the First International Bank of Israel (Fibi), Massad bank, and Otzar Hahayal bank, according to … Read more

Hackers released more data obtained from a breach of Stratfor, including e-mail addresses and credit card numbers, the geopolitical intelligence firm confirmed to CNET today.

In a post on Pastebin by someone using the "AntiSec" moniker, there are links to downloads of data on different sites, some of which were removed by midday today. The data dump follows the release of a list of Stratfor (Strategic Forecasting) clients on December 25 and a warning from hackers that they had more sensitive data to release, including unencrypted credit card data.

"It's time to dump the full 75,… Read more

This was an exciting/anxious year in the Internet security community, with big tech firms like Sony and RSA getting hacked, putting consumer data and corporate networks at risk, and with reports of attacks on utilities.

Scary things that go bump in the night are actually happening to computer systems that matter and it's only going to get worse. Here's what I think will happen in 2012.

Malicious Android apps will increase As a target for malicious software, Android is the Microsoft of the mobile platform. Android has more than 50 percent of the smartphone market, eclipsing all … Read more

The Department of Homeland Security and FBI today dismissed the conclusions of a report that a cyber intrusion caused a pump at an Illinois water utility to burn out. But the statement doesn't explain why an Illinois state terrorism intelligence center would say it was a hacker when it wasn't.

In the meantime, the DHS is investigating a claim by a hacker who goes by "pr0f" who claimed to have compromised a Texas water utility last week.

"After detailed analysis, DHS and the FBI have found no evidence of a cyber intrusion into the SCADA … Read more

AT&T said today that it successfully thwarted what appeared to be an attempt by someone to steal mobile customer data.

"We recently detected what could have been an organized attempt to obtain information on a number of customer accounts," AT&T spokesman Mark Siegel said in a statement. "The people in question appear to have used autoscript technology to determine whether AT&T telephone numbers were linked to online AT&T accounts."

No accounts were breached, he said, adding that less than 1 percent of AT&T's 100 million … Read more

Intruders compromised a water utility network last week and destroyed a pump, according to a state government report cited by a critical infrastructure security expert today.

It appears that hackers breached the network of a company that makes SCADA (supervisory control and data acquisition) and stole customer usernames and passwords, said Joe Weiss, managing partner of Applied Control Solutions. "There was damage--the SCADA system was powered on and off, burning out a water pump," he wrote in a brief blog post.

The report did not identify the water utility attacked or the SCADA software vendor compromised, Weiss said … Read more

Hackers broke into a database with customer information at the Steam online gaming site, accessed user forum accounts and defaced a forum site, the company said.

"Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums," Gabe Newell, co-founder of Steam developer Valve Corp., said in a statement posted to the Steam site.

"We learned that intruders obtained access to a Steam database in addition to the forums," he added. "This database contained information including user names, hashed and salted … Read more

The U.S. Department of Justice said today that it has uncovered a large, sophisticated Internet scam ring that netted $14 million by infecting millions of computers with malware designed to redirect their Web searches to sites that generated ad revenue.

Six people have been arrested in Estonia and a Russian is being sought on charges of wire fraud and computer intrusion, the FBI said. They are accused of infecting about 4 million computers in more than 100 countries--500,000 in the U.S. alone, including NASA--with malware called DNSChanger. The malware altered the Domain Name Server settings on the … Read more