Pittsburgh InfraGard Security News

SCHUYLKILL HAVEN – About 15,000 Social Security numbers on file at Penn State Schuylkill may have been exposed when school computers were affected by malware, a university official said Wednesday.

“There’s no evidence that they were actually accessed, but they were on that computer. We err on the side of caution and notify (anyone who was affected),” Annemarie Mountz, Penn State’s assistant director of public information, said in a telephone interview Wednesday.

The local problems are unrelated to a similar, but separate, incident in December at the school’s University Park main campus, Mountz said, in which university computers were also infected with malicious software, commonly known as malware.

Mountz said she is not sure exactly who the Social Security numbers belong to, but the files were old archives and it’s unlikely current students were affected.

Everyone whose information was affected was contacted at the end of December by letter with information about the breach and tips for monitoring suspicious behavior, including checking their credit reports. There have been no complaints so far, Mountz said.

Read more: http://republicanherald.com/news/computer-breach-may-have-exposed-social-security-numbers-at-penn-state-schuylkill-1.530155

Government and private security teams are in a rush to get tooled up for possible new attacks by a computer worm that threatens to carry on disruptive activities on April 1.

The Conficker worm, also known as Downadup or Kido, first appeared last November and is estimated to have infected millions of computers worldwide.

By exploiting a vulnerability in Microsoft’s Windows operating system, the worm can infect users’ computers and spread to other computers across a network automatically, without human interaction.

Computer security experts believed that a new variant of Conficker, which surfaced this year, on April 1 could contact 500 of 50,000 randomly generated domain names to receive updated copies or other malicious commands.

Read More: http://news.xinhuanet.com/english/2009-03/31/content_11106207.htm

SAN FRANCISCO (MarketWatch) — A network security expert reaffirmed his warning about a major Internet flaw that hackers can use to attack corporate or even personal networks.

Security expert Dan Kaminsky’s renewed warning follows a major Justice Department crackdown on an alleged international ring of computer hackers accused of selling millions of credit and debit card numbers and breaking into the networks of major U.S. retailers.

Kaminsky has been credited with identifying a serious gap in Internet security that allows hackers to redirect users to fraudulent sites where they are tricked into disclosing personal information.

Read More: http://www.marketwatch.com/story/expert-warns-against-major-internet-security-flaw?dist=msr_1