Information-leak site infected with Blackhole exploit kit Information leak site Cryptome.org was infected with the Blackhole exploit kit earlier this month, according to documents posted on the site. The site posts a wide range of leaked documents and open source intelligence. It had its entire contents modified to install the Blackhole exploit kit. The site was attacked before, in 2010, after it published documents critical of Wikileaks and its founder, Julian Assange. Valves says hackers likely stole user data: Valve told users of Steam, the online game distribution platform, hackers have likely downloaded encrypted credit card transaction data during an intrusion last year. In November, the company said hackers gained unauthorized access to Steam’s user database but that there was no evidence to suggest a leak of encrypted credit card details. However, Friday the company sent an email to users saying, “Recently we learned that it is probable that the intruders obtained a copy of a backup file with information about Steam transactions between 2004 and 2008.” The backup file contained Steam user names, email addresses, encrypted credit card details and encrypted billing addresses, but no account passwords. Safety flaw found in public encryption keys: Nearly four in every thousand public encryption keys used for online services such as banking, email and shopping, offer no security for users. Researchers in the U.S. and Europe discovered that a flaw in the process for generating random prime numbers – a critical component of the public key encryption – resulted in thousands of public keys sharing common prime numbers. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe Information stealers and pay-per-install are fastest growing malware threats: According to a report by the security firm FireEye that the fastest growing malware categories in the second half of 2011 were PPI (Pay-Per-Installs) and information stealers that target user credentials enabling the theft of key intellectual property and sensitive data. PPIs charge a fee to download or distribute other malware programs. They differ from normal downloaders/droppers because PPI malware author gets paid for every successful install of another malware program. Of the top four malware categories, information stealers and backdoors present the greatest threat to enterprises. Related content opinion Why Bitcoins are Just as Viable as Any Other Currency The true value of any currency is a reflection of how much people believe it's worth, according to CIO blogger Constantine von Hoffman. But it's wise to remember just how fast beliefs can change. By Constantine von Hoffman Apr 15, 2013 4 mins Government Technology Industry opinion No Surprise: Docs Show Obama Administration Lying About Drones President Obama has repeatedly said drones would only be used against members of al Qaida and allied groups. However, leaked intelligence documents show the administration has been using them to settle political and tribal feuds for at least four yea By Constantine von Hoffman Apr 10, 2013 3 mins Regulation Government opinion How Big Data Can Quickly Become Big Garbage The bigger the data the bigger the chance of mistakes or inaccuracies. In that vein, a large database used by retailers to screen people accused of stealing from employers is identifying innocent people and could result in major lawsuits, according t By Constantine von Hoffman Apr 04, 2013 2 mins Big Data opinion Why Crazy Trumps Logic on the Internet The earth is flat. Vaccines cause autism. 9/11 was a government conspiracy. These are just a few of the many ideas that continue to find adherents online despite overwhelming proof that they're not based on fact. CIO.com blogger Constantine von By Constantine von Hoffman Apr 02, 2013 3 mins Government Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe