Security
Is Apple ready to play cat and mouse with malware developers?
- Thursday, 02 June 2011 08:50
The Security Update 2011-003 that Apple released on Tuesday directly addressed the Mac Defender malware threat in two ways: it changed the way malware files are detected by enabling automatic daily updates, and included code to remove at least two of its variants. Despite this, malware developers had a version available that skirts past Apple's protections within about eight hours. Apple's patch suggests it plans on being more active in addressing possible malware threats, but is Apple ready to take on the role formerly limited to vendors like Norton, Intego, and Sophos?
We'll try to answer that question by first detailing what specific malware protections exist in Mac OS X, and what changes Apple implemented in the latest security update. Then we'll consider how Apple may plan to take over malware protection for its platform.
Defense contractor: "aggressive action" kept cyberattackers at bay
- Tuesday, 31 May 2011 12:37
Defense contractor Lockheed Martin issued a statement over the weekend saying that it was the target of a "significant and tenacious" attack against its computer systems on May 21. The company claims that the attack was detected "almost immediately" and that thanks to "aggressive action" by its information security team, no customer, program, or employee data was compromised.
The company's statement followed an earlier Reuters report that two defense contractors had been hacked. The report claimed that the hacks were enabled by the creation of duplicate RSA SecurID tokens.
SecurID tokens produce a sequence of unpredictable numbers, with the exact sequence determined by a seed value. Both the seeds and the algorithms used to generate the numbers are supposed to be secret—however, RSA was hacked earlier this year leading to speculation that the seeds may have been compromised.
RSA, a subsidiary of information management firm EMC, has never publicly disclosed what information was actually taken in the attack; the company claims only that systems using the tokens used in tandem with passwords will remain secure.
Lockheed Martin's statement did not provide any specific information about the attack, nor did it confirm that the RSA attack may have been a factor. If the Lockheed Martin attack was indeed a result of the RSA attack, this would be a strong indication that the RSA hack was very damaging indeed, to the extent of nullifying the additional security protection that the tokens are supposed to provide.
The Department of Defense issued a statement saying that the impact of the attack was "minimal" and that it did not expect "any adverse effect" as a result.
New Mac Defender malware variant drops admin password requirement
- Wednesday, 25 May 2011 12:28
Move over Mac Defender—there's a new malware variant in town, and it doesn't require the administrator password for installation. Security research firm Intego issued a new warning to Mac users on Wednesday, heavily cautioning users that a new variant on Mac Defender, called Mac Guard, is making the rounds via SEO poisoning online.
Intego initially warned users about a fake antivirus program called MAC Defender (it has since gone through several name and capitalization changes) earlier this month. The Mac-like app posed as an antivirus program and asked users for their credit card numbers in order to purge viruses on their machines or protect them from new ones. Although Intego initially gave Mac Defender a low risk rating because of its admin password requirement, it soon became apparent that Mac Defender was indeed beginning to make the rounds among the Mac-using community. We spoke with a number of third-party support reps, as well as several Apple Store Geniuses, who vouched for an apparent increase in Mac Defender malware reports.
Apple acknowledges Mac Defender malware, promises software update
- Tuesday, 24 May 2011 18:08
Apple has decided to publicly acknowledge the Mac Defender malware that seems to be creeping onto Mac users' computers. The company posted an online support document Tuesday evening that outlines how to identify and get rid of the program, which attempts to trick users into handing over their credit card information. The company also promised to issue a software update soon that will specifically hunt out and remove Mac Defender and its variants.
"A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus," Apple wrote in its support document. "In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware."
The much-welcome acknowledgement from Apple comes less than a week after it came out that real users were beginning to see this malware in the wild a little more often than usual. When we investigated the issue, we were told by several Apple Store Geniuses that they had also seen a spike—one Genius at a large Apple Store said he had seen malware reports in his store go from approximately 0.2 percent to 5.8 percent in a matter of weeks, with the large majority of those being Mac Defender or its variants, often known as Mac Security or Mac Protector. (Smaller, third-party support folks were somewhat split on whether there had been a spike in malware reports.)
At the time, one of the more controversial aspects of Apple's reaction was that there was none—Apple had instructed its AppleCare and retail staff not to even acknowledge Mac Defender's existence, and not to remove it from users' infected computers.
Now, however, the company has apparently had a change of heart. In the support doc, Apple says to trash the app immediately if you haven't installed it yet, but if you have, there's a series of steps to follow in order to get rid of it. And, of course, there's also the lazy route: if you have Mac Defender installed but haven't given it your credit card information yet, you could just wait for Apple to issue its software update and have it removed automatically.
Sony hacked again, used to host phishing site
- Friday, 20 May 2011 08:35
With Anonymous Denial of Service attacks and then the twin hacks of PlayStation Network and Sony Online Entertainment, Sony's online infrastructure has been taking a battering over the last few weeks—and it's not over yet. Another successful hack against the company is being reported by security firm F-Secure. A Web server used to host Sony's Thai site has been broken into, and is now being used to host a phishing site that targets customers of an Italian credit card company.
Unlike the PSN and SOE break-ins, this hack is not likely to have any serious consequences; it should be restricted to a relatively unimportant Web server that has no access to sensitive customer information. Still, it shows that Sony's online troubles aren't over yet—and that the entire company needs to take online security more seriously.
Feature: Malware on the Mac: is there cause for concern? Ars investigates
- Thursday, 19 May 2011 12:23
Malware on the Mac: is it mostly hype or a real problem faced by real people? If you ask John Gruber, the answer might be the former—there are lots of proof-of-concept scenarios and virtually none that manifest themselves beyond a slow news day. If you ask Ed Bott, however, the answer would be the latter—he recently interviewed an AppleCare employee who claimed that the recent release of fake antivirus app "MAC Defender" has caused a spike in malware reports among Mac users.
The truth is hard to tease out. Partly because Mac OS X still makes up a comparatively small percentage of the global OS market share, and partly because Apple itself is a secretive company, it's not easy to find out whether malware on the Mac is indeed becoming more common, or it's simply being reported on more often.
Still, we tried to do exactly that. Ars spoke with 14 different Mac support specialists—including several Apple Store Geniuses—in order to get a handle on whether things have changed when it comes to dealing with malware. Their experiences are all over the map, but the general consensus does seem to lean towards a low amount of malware problems—until you get to the Geniuses.
Privacy groups applaud Senator Rockefeller's "Do Not Track" bill
- Monday, 09 May 2011 15:45
Senator Jay Rockefeller (D-WV) has introduced a new "Do Not Track" bill to Congress that aims to hold companies accountable for collecting information on consumers after they've expressed a desire to opt out. Called the Do-Not-Track Online Act of 2011 (PDF), the bill would create a "universal legal obligation" for companies to honor users' opt-out requests on the Internet and mobile devices, and would give the Federal Trade Commission the power to take action against companies that don't comply.
"Recent reports of privacy invasions have made it imperative that we do more to put consumers in the driver’s seat when it comes to their personal information," Rockefeller said in a statement. "I believe consumers have a right to decide whether their information can be collected and used online. This bill offers a simple, straightforward way for people to stop companies from tracking their movements online."
Fake "MAC Defender" antivirus app scams users for money, CC numbers
- Monday, 02 May 2011 14:28
Security firm Intego announced Monday that a fake antivirus program for Mac OS X has been discovered in the wild. While the threat potential remains low, inexperienced users could be fooled into paying to remove fake viruses "detected" by the software, and in the process, could end up giving credit card information to scammers.
The fake antivirus software calls itself "MAC Defender," perhaps the first hint that it should not be trusted (Apple makes "Macs," not "MACs"). Those behind the malware used SEO poisoning to make links to the software show up at the top of search results in Google and other search engines. Clicking the links that show up in search results brings up a fake Windows screen that tells the user a virus has been "detected," another clue that something is fishy. JavaScript code then automatically downloads a zipped installer for MAC Defender.
If the "Open 'safe' files after downloading" option is turned on in Safari, the installer will be unzipped and run. Since the installer requires a user password, it won't install without user interaction. However, inexperienced users may be fooled into thinking the software is legitimate.
Intego notes that the application is well designed and doesn't have the misspellings or other errors common to such malware on Windows. The software periodically displays Growl alerts that various fake malware has been detected, and also periodically opens porn websites in the default browser, perhaps leading a user to believe the detected malware "threats" are real. Users are then directed to an insecure website to pay for a license and "clean" the malware infections. However, buying the license merely stops the fake alerts from popping up, while your money and credit card info are now in the hands of the scammers.
While MAC Defender wouldn't likely fool an experienced user, Intego notes that its appearance in the wild is yet another opportunity to detail some useful security precautions. Don't let your browser automatically open downloads. If your browser asks if you want to run an installer even though you didn't try to download one, click "cancel." And never give your password to run installers you aren't 100 percent sure about.
Are we talking "cyber war" like the Bush admin talked WMDs?
- Wednesday, 27 April 2011 18:40
Turn any corner in the complex metropolis that is Internet policy and you'll hear about the "cybersecurity" crisis in two nanoseconds. As a consequence, the public is treated to a regular diet of draconian fare coming from Sixty Minutes and Fresh Air about the "growing cyberwar threat."
Former National Security Adviser Richard A. Clarke suggests a thought exercise in his hit book Cyber War: imagine you are the assistant to the president for Homeland Security. The National Security Agency has just sent a critical alert to your BlackBerry: "Large scale movement of several different zero day malware programs moving on Internet in US, affecting critical infrastructure."