Criminal Hackers

Report: Chinese programmer wrote code used against Google

A freelance security consultant in China wrote the exploit code targeting Internet Explorer 6 that was used in the attacks on Google and others, according to a published report.

The unidentified programmer had posted pieces of the exploit to a hacking forum, and Chinese officials had "special access" to his work, the Financial Times reported on Sunday. The programmer did not launch the attack, the report said, citing an anonymous researcher working for the U.S. government.

Last week, The New York Times reported that researchers had traced the attacks to computers at Shanghai Jiaotong University and Lanxiang …

Malware crashed systems during Windows security updates

Windows systems that crashed during the latest Microsoft security update last week did so because they were infected with a rootkit program that made changes to the operating system kernel, Microsoft said late on Wednesday.

"The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state," Mike Reavey, director of the Microsoft Security Response Center, wrote in a blog post. "In every investigated incident, we have not found quality issues with security update MS10-015."

The patch addresses a vulnerability in the 32-bit Windows kernel …

Zeus Trojan found on 74,000 PCs in global botnet

More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, a security firm said Wednesday.

The systems were infected with the Zeus Trojan and the botnet was dubbed "Kneber" after a username that linked the infected PCs on corporate and government systems, according to NetWitness.

The Wall Street Journal reported that Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were among the targets in the attack. NetWitness speculated that …

Hacker 'Mudge' gets DARPA job

Peiter Zatko--a respected hacker known as "Mudge"--has been tapped to be a program manager at DARPA, where he will be in charge of funding research designed to help give the U.S. government tools needed to protect against cyberattacks, CNET has learned.

Zatko will become a program manager in mid-March within the Strategic Technologies Office at DARPA (Defense Advanced Research Projects Agency), which is the research and development office for the Department of Defense. His focus will be cybersecurity, he said in an interview with CNET on Tuesday.

One of his main goals will be to fund …

PCI compliance: What it is and why it matters (Q&A)

If you own a bank account or use credit cards, chances are you've heard the term "PCI compliant." But you probably don't know what it means.

The term is heard more and more frequently these days as data breaches at merchants like TJX, parent of TJMaxx, and payment processors Heartland Payment Systems and RBS WorldPay land millions of card records in the hands of hackers. Criminals are using the data to make purchases and withdraw money from accounts of unsuspecting victims who did nothing wrong; they just owned a card.

It's a huge and growing …

U.S. House passes cybersecurity research bill

The U.S. House of Representatives overwhelmingly approved a cybersecurity bill that calls for beefing up training, research, and coordination so the government can be better prepared to deal with cyberattacks.

The Cyber Security Research and Development Act of 2009, which passed by a vote of 422 to 5, authorizes the National Institute of Standards and Technology (NIST) to develop a cybersecurity education program that can help consumers, businesses, and government workers keep their computers secure.

It also creates cybersecurity scholarship programs for college students and research centers, and asks NIST to boost development of identity management systems used to …

Botnet sends fake SSL pings to CIA, PayPal, others

In an attempt to hide the location of its command-and-control server, the Pushdo botnet has been instructing its infected zombie computers to send fake SSL (Secure Sockets Layer) connections to major Web sites, a botnet expert said on Monday.

The strange traffic targeting the Web sites--including sites for the CIA, FBI, PayPal, Yahoo, and Twitter, according to a list at the Shadow Server Foundation--was not enough to cause any outages or slowdowns, said Joe Stewart, director of malware research at SecureWorks.

Site owners "would just see weird connections that don't seem to make sense," he said. "…

Congressional sites defaced after Obama speech

Someone defaced the Web pages of nearly 50 members of the U.S. House of Representatives with an explicit insult to President Obama after he gave his State of the Union address on Wednesday night.

The 49 House Web sites, representing both Democrats and Republicans, were managed by a company called GovTrends, The Associated Press reported on Thursday.

The hacking occurred while GovTrends was performing an update, Jeff Ventura, spokesman for the House chief administrative officer, told the AP.

Last August, 18 House sites managed by GovTrends were also defaced, according to Ventura, who added that the House is reconsidering …

Report shows cyberattacks rampant; execs concerned

Critical infrastructure networks around the world are subject to repeated cyberattacks from foreign governments and other high-level adversaries that can be damaging and costly, according to a report McAfee released Thursday.

Attacks that lead to downtime can cost more than $6 million per day, and more than $8 million at oil and gas companies, the report, "In the Crossfire--Critical Infrastructure in the Age of Cyberwar," found.

Meanwhile, respondents said they worry about attacks on critical infrastructure in their countries coming from the U.S. and China more than any other potential aggressors.

For the report, which was …

Report unearths targeted attacks on oil firms

Three U.S. oil companies were targeted in 2008 in computer attacks in which sensitive information was leaked, including in one case to a computer in China, according to a published report.

In the attacks, senior-level executives received e-mails containing embedded links that, when clicked, downloaded spyware to their computers, The Christian Science Monitor reported Monday. The spyware was custom-made and undetectable by antivirus software, according to the report. The publication conducted a five-month investigation into the attacks.

The companies--Marathon Oil, ExxonMobil, and ConocoPhillips--were informed by the FBI that valuable information was targeted including "bid data" …