Cyberthreats: U.S. under attack every day, virtually

In the post-9/11 world, Susan Brenner, an NCR professor of law and technology at the University of Dayton, worries about terrorists using cybercrime for their own purposes. This week, Defense Secretary Robert Gates told CBS News that the United States is "under cyber-attack virtually all the time, every day" and that the Defense Department plans to more than quadruple the number of cyber experts it employs to ward off such attacks. This is not your grandma's Internet.

White House may take control of cybersecurity

The White House should take direct control of US cybersecurity - with a little help from the private sector - according to the official who has just completed a national review of net security.

Rogue spambots capable of sending 25,000 messages per hour

A recent study conducted by Marshal8e6 has determined that the insidious Xarvester and Rustock spambots are capable of disseminating over 25,000 messages per hour.

Novell to secure US Navy networks

The US Navy Cyber Defense Operations Command (NCDOC) has selected Novell's Sentinel to help secure various computer networks. The platform integrates identity data with security event management, which facilitates the efficient monitoring of resources across geographically dispersed networks.

World's largest malware network discovered

The world's largest-ever malware network has been uncovered, affecting 1.9 million corporate, government and consumer computers.

US eyes military cyber command

The Obama administration is reportedly poised to announce the creation of a new military cyber command. National Security Agency (NSA) Director Keith Alexander is currently the top candidate for the post.

Nefarious Conficker worm racks up $9.1 billion bill

Researchers at the Cyber Secure Institute estimate that the nefarious Conficker worm has racked up a staggering $9.1 billion bill.

Chinese blamed for hack into Joint Strike Fighter system

Security at the $300 billion Joint Strike Fighter project has been breached by spies, with the finger being pointed at China.

Parabon preps for cyber assault

Parabon Computation has introduced a new testing service designed to help secure government and corporate networks against cyber attacks. The company plans its first public demonstration of Blitz in Anaheim this week at the Department of Defense (DoD) Defense Information Systems Agency (DISA) Customer Partnership Conference, where it will conduct live fire denial-of-service exercises.

Verizon Business Study finds organized crime is to blame for security breaches

Verizon Business has released a report which claims that organized crime is actually responsible for the majority of increasing corporate electronic records breaches. There were 285 million security breaches last year, which was more than the total number of record breaches that had occurred in the past four years combined.

Microsoft patches 23 security flaws

On Tuesday, Microsoft issued eight security updates which are promised to fix 23 security vulnerabilities, six of which were targeted by exploit code, in its Windows Operating Systems and other Microsoft Software.

First Hacker takes credit for Amazon “glitch,” Amazon apologizes

Late yesterday a hacker, identifying himself as “Weev”, is now claiming responsibility for the “glitch” on, which caused a multitude of gay and lesbian themed books to lose their sales ranks over the Easter holiday weekend. Weev posted his “confession” on a LiveJournal discussion board on Monday morning.

Twitter hit by cross-site scripting attacks

The Twitter micro-blogging network has been hit by two cross-site scripting (XSS) attacks that spread messages from user accounts across the system without users' consent. The initial “StalkDaily” messages that appeared over the weekend are now followed by a “Mikeyy” attack that apparently can infect Twitter accounts simply by viewing another infected Twitter page.

UPDATED: Conficker.e surfaces and reveals purpose: Wants $49.95

Late Wednesday, TrendMicro observed a new version of the Downad.KK/Conficker.c worm, dubbed Conficker.e. The previous version utilized its built-in P2P functionality to download the update, which then springs to life with fake or rogue antivirus messages warning of non-existent threats, along with annoying pop-ups until you agree to pay it $49.95. Conficker's authors finally unveil their true intent: Greed.

Conficker worm activated, TrendMicro says

The third Conficker/Downadup worm, which hit computers on April 1, was almost a disappointment given the excitement that had built up in the weeks before. Those expectations were followed by a lot of nothing, but it now seems that the malware has been quietly activated and downloaded what the security firm described as yet another variant of the worm now called WORM_DOWNAD.E.

Microsoft: Spam level now at 97%

It seems that Bill Gates’ 2004 prediction that there would be no spam anymore within a couple of years was wrong. According to Microsoft’s latest Security Intelligence Report, the number of spam messages has reached a dramatic level of 97% of all emails sent. However, the report covered a variety of security concerns and had some good news as well. Discovered vulnerabilities in software, for example, is down from its 2007 highs.

UPDATED: U.S. electrical grid falls victim to cyber-spying

It's being reported that the U.S. electrical grid has been infiltrated by hackers primarily from China, Russia, but also from other countries. The software does not do anything harmful, however it is giving remote entities knowledge of how our electrical grid operates, allowing them to "navigate the U.S. electrical system and its controls", according to the Wall Street Journal. It is cyber-spying, and it has targeted a critical U.S. asset -- our electrical grid.

How to turn your iPhone into unbreakable security token

VeriSign has teamed up with Apple to provide a second-factor authentication (2FA) token generator application for the iPhone. For those interested in maximizing their online security against fraud and theft, using a second-factor code, one which changes every 30 seconds, could be the best way to go. And now with VeriSign's iPhone app, you won't need to carry around a separate token or card. The iPhone becomes a one-stop shop for online 2FA security. In this article we explain the technology, and show you how to use it. EXTRAS: SLIDESHOW, VIDEO

Conficker #3: It’s Y2K all over again, perhaps

The third variant of the Conficker worm was set to strike today, but to a general surprise, humanity still exists. Will Conficker-C, despite the dramatic warnings, be as harmless as the Y2K switch more than nine years ago?

Conficker worm believed to have originated from China

The Conficker worm has been widely discussed in recent weeks, and the $250,000 bounty has had many on the hunt for the virus's origination. Microsoft offered the $250,000 for anyone who could provide information which leads to an arrest in the Conficker case.