cyberattacks

The hacking group known as LulzSec hit its latest target over the weekend: the U.S. Senate.

In an attack confirmed to the media by a Senate representative, LulzSec broke into the Senate's Web site and was able to gain access to the server's directory and file structure, the contents of which the group published on its own site.

In response, the government initiated a security review but so far has determined that network security was not compromised and that no user information was breached.

"The intruder did not gain access into the Senate computer network and … Read more

Responding to a recent report from the North Atlantic Treaty Organization condemning Anonymous, the online "hacktivist" group has issued a public response warning the global organization not to challenge it.

Claiming that the NATO report singled it out as a threat to "government and the people," Anonymous defended some of its recent actions in the name of freedom and dissent. In its message (Google cached version), it also asserted that NATO fears the group not because it's a "threat to society," but because it's a "threat to the established hierarchy."… Read more

Following recent cyberattacks against several defense contractors, in which hackers breached security using stolen SecurID keys, SecurID maker RSA is promising to replace the tokens for customers concerned about the vulnerabilty of their network data.

In an open letter to all SecurID customers, RSA Executive Chairman Art Coviello acknowledged that the likely motive behind the March theft of SecurID token information was to obtain defense secrets and related intellectual property. RSA specifically warned customers at the time that the theft could breach their security.

In late May, defense contractor Lockheed Martin revealed that it had been attacked by intruders who … Read more

The U.S. government is investigating reports from Google that hackers attempted to break into the Gmail accounts of senior government officials but at this point doesn't believe any accounts were actually breached.

"Speaking on behalf of the U.S. government, we're looking into these reports and seeking to gather the facts," Caitlin Hayden, deputy spokesperson for the National Security Council, told CNET today. "We have no reason to believe that any official U.S. government e-mail accounts were accessed."

The FBI is taking the lead on the investigation, according to Hayden, "as … Read more

AT&T plans to launch a wireless security service next year designed to protect mobile phones from cyberattacks, according to a key company executive quoted in a Reuters article.

The head of AT&T's enterprise business, John Stankey, said the company already sells security products to the business sector but hasn't yet tapped into the more difficult consumer market, where users are sometimes less willing to spend money on such protection.

Interviewed ahead of the Reuters Technology Media and Telecommunications Summit, Stankey told Reuters that subscription-based antivirus services will become as relevant in the wireless world … Read more

A group of hackers says it is planning another wave of cyberattacks against Sony in retaliation for its handling of the PlayStation Network breach.

An observer of the Internet Relay Chat channel used by the hackers told CNET today that a third major attack is planned this weekend against Sony's Web site. The people involved plan to publicize all or some of the information they are able to copy from Sony's servers, which could include customer names, credit card numbers, and addresses, according to the source. The hackers claim they currently have access to some of Sony's … Read more

Security company Barracuda Networks was itself hit by a security breach over the weekend that exposed certain information from its databases.

An unknown hacker, who apparently took credit for the break-in, launched an attack that exposed a list of Barracuda databases along with the names, phone numbers, and e-mail address of various Barracuda partners.

The attack also uncovered the e-mail addresses of different Barracuda employees along with their passwords. Though the passwords were encrypted, they were done so using a hashing algorithm called MD5, which is considered by many to be a flawed and outdated encryption method.

The attacker grabbed … Read more

The first three months of the year have so far witnessed a rise in malware and some notable cyberattacks, according to a report released today by Panda Security.

Tracking a big jump in malware (PDF), Panda Security has uncovered on average around 73,000 new types of threats being released every day. That's a 26 percent increase during this year's first quarter compared with the same period in 2010.

Among the various flavors of malware, Trojan horses have accounted for around 70 percent of all threats so far this year. That points to Trojans as a tool favored … Read more

Cybercriminals are increasingly moving from stealing just personal data to capturing trade secrets and other corporate intellectual capital that they can easily sell through the underground market, according to a new report from McAfee and the SAIC.

In today's release of a new study, "Underground Economies: Intellectual Capital and Sensitive Corporate Data Now the Latest Cybercrime Currency" (PDF), McAfee and the Science Applications International Corporate find that the theft of trade secrets, marketing plans, R&D data, and even source code is on the rise, especially as such information is often unprotected.

Based on a global … Read more