Tech News

A social media editor for the Reuters news service was charged Thursday with conspiring with the group Anonymous to hack into the Tribune Co.\'s computer system shortly after he was fired from one of the company\'s TV stations. Matthew Keys is charged with supplying hackers in December 2010 with the login credentials to the computer network of Tribune Co., which owns the Los Angeles Times, the FBI said. Keys had been fired from a Tribune-owned television station in Sacramento two months earlier during the company\'s bankruptcy. He was not working for Reuters when he allegedly conspired with Anonymous.

At the funeral of Aaron Swartz, the 26-year-old Internet freedom crusader, Swartz\'s father had a blunt message. Aaron who committed suicide last week while being prosecuted for hacking \"was killed by the government\" he declared. The elder Swartz fanned the flames of a growing debate: Did federal prosecutors go too far in pursuing Swartz on serious felony charges, and are they in part responsible for his death? Swartz, a computer prodigy, helped create Reddit but was perhaps best known as a freedom-of-information activist. In addition to campaigning against overly punitive copyright laws, he allegedly linked his laptop to the Massachusetts Institute of Technology\'s computer system to download millions of articles from JSTOR, a paid-subscription database of academic articles. (MIT was a subscriber to JSTOR, but Swartz was not an authorized user.) Federal prosecutors in Boston charged Swartz with 13 felony counts that could have sent him to prison for more than 30 years. Since Swartz\'s death he was found hanged in his home in Brooklyn, N.Y. his family, friends and allies in the information-freedom movement have put much of the blame on federal prosecutors. Swartz\'s family said in a statement on an online memorial site that his death is \"the product of a criminal justice system rife with intimidation and prosecutorial overreach.\" In particular, they charge that the U.S. Attorney\'s Office in Massachusetts contributed to Swartz\'s death by choosing to pursue \"a harsh array of charges to punish an alleged crime that had no victims.\"

Three years ago, when electric grid operators were starting to talk about the need to protect critical infrastructure from cyberattacks, few utilities had even hired a chief information security officer. Then came Stuxnet.... In 2010, that malware, widely reported to have been created by the U.S. and Israel, reportedly destroyed 1,000 centrifuges that Iran was using to enrich uranium after taking over the computerized systems that operated the centrifuges. Gen. Michael Hayden, principal at security consultancy The Chertoff Group, was director of the National Security Agency, and then the CIA, during the years leading up to the event. \"I have to be careful about this,\" he says, \"but in a time of peace, someone deployed a cyberweapon to destroy what another nation would describe as its critical infrastructure.\" In taking this step, the perpetrator not only demonstrated that control systems are vulnerable, but also legitimized this kind of activity by a nation-state, he says. The attack rattled the industry. \"Stuxnet was a game-changer because it opened people\'s eyes to the fact that a cyber event can actually result in physical damage,\" says Mark Weatherford, deputy undersecretary for cybersecurity in the National Protection Programs Directorate at the U.S. Department of Homeland Security. In another development that raised awareness of the threat of cyberwar, the U.S. government in October accused Iran of launching distributed denial-of-service (DDoS) attacks against U.S. financial institutions. In a speech intended to build support for stalled legislation known as the Cybersecurity Act that would enable greater information sharing and improved cybersecurity standards, Defense Secretary Leon Panetta warned that the nation faced the possibility of a \"cyber Pearl Harbor\" unless action was taken to better protect critical infrastructure.

Microsoft today released an emergency patch for Internet Explorer (IE) to stymie active attacks that have been exploiting a bug in the browser, finishing a job it started only Monday. \"Let\'s call it five days from advisory to patch,\" said Andrew Storms, director of security operations at nCircle Security. \"I\'d like to see anybody pull that off.\" Today\'s update, labeled MS12-063, fixes five flaws, including one revealed by a security researcher last weekend that hackers have been using to infect Windows PCs with malware. The so-called \"zero-day\" vulnerability -- meaning it was leveraged by attackers before Microsoft was aware of the bug, much less able to patch it -- surfaced six days ago. Since then, Microsoft has published an advisory (on Monday), confirmed the vulnerability and issued a \"Fixit,\" one of its automated configuration tools, to block the known exploits (Wednesday). The Fixit relied on a tactic Microsoft first deployed in January 2011, when it used a \"shim,\" or application compatibility workaround, to thwart then-circulating attacks against IE. Then, as in the recent Fixit, Microsoft utilized the Application Compatibility Toolkit, included with Windows since XP, to modify the core library of IE -- a DLL, or Dynamic-Link library, named \"Mshtml.dll,\" that contains the rendering engine -- in memory each time the browser ran.

A new Trojan horse tries to covers its tracks by crippling the victim\'s computer after stealing data, a security researcher said today. Dubbed \"Shamoon\" by most antivirus companies, the malware has been used in targeted attacks aimed at specific individuals or firms, including at least one in the energy sector. According to Israeli security company Seculert, Shamoon relies on a one-two punch, first taking control of a system connected to the Internet before spreading to other PCs on an organization\'s network. The second stage -- which kicks off after the malware has done its dirty work -- overwrites files and the Master Boot Record (MBR) of the machine. The latter makes the PC unbootable. \"They are looking for ways to cover their tracks,\" said Aviv Raff, CTO and co-founder of Seculert, in a Friday interview. Seculert and other security companies, including Moscow-based Kaspersky Lab and U.S. antivirus vendor Symantec, have not yet figured out kind of data Shamoon is looking for, then stealing. They assume that because the malware uses a second infected system to communicate with a hacker-controlled command-and-control (C&C) server, Shamoon is copying files from pillaged PCs and sending that information to its masters. Malware rarely destroys files or wipes the MBR. Most threats try to work quietly to avoid detection as long as possible. Crippling a computer only brings unwanted attention.

A group of hackers has posted to the Web today data that appears to include Comcast employee names, ages and salaries, as well as e-mails and passwords associated with AT&T VoIP service accounts. Proclaiming the kickoff of \"#WikiBoatWednesday...when all the members from @TheWikiBoat fight corruption, leak data, and bring down websites,\" the hackers released the data in two different posts to the Pastebin Web site. Several of the Twitter handles used by the group, including @AnonymousWiki, referenced the Anonymous online activist group, but the connection to the larger, decentralized collective is unclear. \"The first part is (Comcast) Employee names, ages and salaries. And the second part, is information logged from \'Facebook Quizzes,\'\" one of the Pastebin messages says. \"Quite odd that they\'d be storing your information from facebook in THEIR database hm? Anyways, I believe the format for the Facebook Quizzes is something like: Quiz-ID | User ID | Password | And some more info after that. So enjoy ;).\" And the other Pastebin message says: \"Hello everyone. In this dump for #WikiBoatWednesday, I got into an AT&T Database. The database is from a pretty old subdomain, but it has some decent information in the accounts. So I hope you guys enjoy.\" It also includes a link to a login page for AT&T VOIP service accounts. CNET has contacted Comcast for comment and will update this report when we learn more. An AT&T spokesman was trying to get comment.