Cyber Attack Linked to Company of Former Russian Spies

The recent cyber attack on the U.S. military's classified computer network has been traced to a front company run by several former Russian KGB or Federal Security Service spies, FOX News has learned.

The attack led the Pentagon to ban the use of external hardware devices, such as flash drives, because that's how the "worm" got into the classified military network.

FOX News has learned the intrusion was discovered by the U.S. military in Afghanistan -- and that the attack came through the local Internet service provider that the Afghans (under U.S. supervision) contracted out to a front company run by former Russian spies.

The U.S. military relies on this Internet service provider. Homeland Security Secretary Michael Chertoff on Wednesday warned the Russians had already used cyber warfare in Georgia.

Read more from FoxNews.com.

Hacker Accesses Local Dental Records

A computer hacker in Gainesville, Fla., has gained access to the personal information of more than 300,000 dental patients across the country, including thousands in Omaha and Council Bluffs.

Retired widow Jean Petersen, 84, of Council Bluffs, has never been to Florida or visited the University of Florida College of Dentistry.

But Peterson recently received a letter from the school that said a computer containing personal information of University of Florida dental patients had been illegally accessed by an intruder. Among the information on the computer was Petersen's Social Security number.

Read more from KETV.com.

Hackers Hijacked Large E-Bill Payment Site

It appears hackers were able to hijack the company's Web sites by stealing the user name and password needed to make account changes at the Web site of Network Solutions, CheckFree's domain registrar. Susan Wade, a spokeswoman for the Herndon, Va., based registrar, said that at around 12:30 a.m. Dec. 2, someone logged in using the company's credentials and changed the address of CheckFree's authoritative domain name system (DNS) servers to point CheckFree site visitors to the Internet address in the Ukraine. DNS servers serve as a kind of phone book for Internet traffic, translating human-friendly Web site names into numeric Internet addresses that are easier for computers to handle.

Read more from WashingtonPost.com

Gmail Security Flaw Proof of Concept

To understand how this exploit works let me first explain how I would carry it out (if I were a blackhat). Then we can move on and explain the exploit in detail. Let’s use a current example and assume that I was trying to steal MakeUseOf.com and I already knew it was registered by GoDaddy. Let’s also assume that I knew the owner’s Gmail address. I would want to create a filter like the one in the image above, where all email sent from GoDaddy Support was automatically deleted and forwarded to my email address.

Read more from GeekCondition.com

Once Thought Safe, WPA Wi-Fi Encryption Is Cracked

Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

Read more from PCWorld