ReadWriteWeb

U.S. investigators will be holding a press conference this afternoon to announce criminal charges related to the alleged theft of email addresses and other personal information from 120,000 iPad users. The theft occurred back in June of this year, when hackers compromised AT&T's servers with an automated script. At the time, a group calling itself Goatse Security claimed responsibility for the breach, saying it was motivated to show iPad users their data was not as secure as they thought.

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

Although Google's politely-worded blog post doesn't come out and directly blame the Chinese government for these attacks, many have suspected that is the case, including, apparently, Secretary of State Hillary Clinton. Now even more sources are coming out to confirm the Chinese government's involvement. According to Verisign, their sources within the defense-contracting and intelligence-consulting communities also believe "agents of the Chinese state or proxies thereof" are to blame for these recent attacks.

Yesterday's phishing attack in which several thousand Hotmail username and password combinations were leaked to the web now appears to be just the beginning of a massive phishing attack affecting users of multiple webmail services including Gmail, Yahoo, AOL, Comcast, and Earthlink. The original list was posted anonymously on pastebin.com, a site generally used by developers sharing code snippets. Again, that site recently saw the addition 20,000 more login details from other webmail service providers, indicating what may the largest scale phishing attack to date.

Yesterday, Twitter, Facebook, LiveJournal, and Google's Blogger were targeted by a person or persons unknown, in a denial-of-service attack (DDOS) that attempted to silence the voice of one individual. The target in question was a Georgian blogger who goes by the name of "Cyxymu" online, according to recent reports from CNET. While Google withstood the attack, the other services suffered. LiveJournal and Twitter went down completely and Facebook struggled throughout the day.

As we now roll into day two of the "great social media outage of 2009," you may be surprised to learn that it's not over yet. Although Facebook and LJ have recovered, Twitter is still having issues. Not only was the site down once again early this morning, Twitter developers using the API are complaining that the company is sending mixed messages by reporting that they're "back up" - when in reality many Twitter applications are still unusable.

Before everyone panics, let's get one thing clear: the new Twitter worm is only a proof-of-concept devised by computer security researchers at Secure Science - it is not out in the wild. That said, its very existence should raise some questions about the state of security at Twitter - something that's more important than ever given how rapidly the service is becoming mainstream. This latest security concern involves an attack, similar to the clickjacking incident from last month, that takes advantage of a web programming error on Twitter's support site. The result of the attack would force users to post unwanted messages to their Twitter stream. If those messages were combined with malicious code, "this could even be used to take control of a victim's computer," says Lance James, chief scientist of Secure Science.