Notorious black hats that hacked thousands of Web sites in their lifetime gather gigabytes of information stolen from their victims, much of which is never published online. Phantom, one of the members of TeaMp0isoN, decided to clean up his hard drive and publish data he collected as a result of breaching sites,

 [More]

Los Angeles-based Web hosting firm DreamHost reset the FTP and shell access passwords for all of its customers January 20 after detecting unauthorized activity within a database. "One of DreamHost’s database servers was illegally accessed using an exploit that was not previously known or prevented by our layered security systems in place,"

 [More]

In an amended complaint filed today with the U.S. District Court for the Eastern District of Virginia, [Microsoft] accused Andrey N. Sabelnikov, a resident of St. Petersburg, Russia, of writing the code for and participated in the creation of the Kelihos malware. … Kelihos comprised about 41,000 infected computers worldwide and was

 [More]

[T]he proprietors of a new ZeuS Trojan variant are marketing their malware as a social network that lets customers file bug reports, suggest and vote on new features in upcoming versions, and track trouble tickets that can be worked on by the developers and fellow users alike. The ZeuS offshoot, dubbed Citadel

 [More]

A security researcher was able to locate and map more than 10,000 industrial control systems hooked up to the public internet, including water and sewage plants, and found that many could be open to easy hack attacks, due to lax security practices. Infrastructure software vendors and critical infrastructure owners have long maintained

 [More]

Hackers, possibly from abroad, executed an attack on a Northwest rail company's computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency. On Dec. 1, train service on the unnamed railroad "was slowed for a short while" and

 [More]

The latest malware, affecting those of us who bank online, doesn’t just take our money. It fools us into believing our account balance is just fine. It's known as the “SpyEye banking trojan," but with a powerful twist. Even if we're vigilant with checking our accounts online, we may not know there's

 [More]

A phishing and survey scam rolled into one is currently targeting Facebook users and ends up hijacking their accounts and making it difficult for users to get them back, warns a McAfee researcher. The victims are lured with messages seemingly posted by their friends claiming that they have received a "100rs free

 [More]

A new strain of cybercrime Trojan is targeting Facebook users by taking over their machines and shaking them down for cash. Carberp, like its predecessors ZeuS and SpyEye, infects machines by tricking punters into opening PDFs and Excel documents loaded with malicious code, or attacks computers in drive-by downloads. The hidden malware

 [More]

Oracle's flagship database software has a major flaw which could create some serious outages. Oddly the hole has been found by InfoWorld hacks rather than the usual suspects from the security companies. It came about because of a collection of problems within the database. Normally when bugs result in a database outage,

 [More]