Hackers interfered with two U.S. satellites on four separate occasions in the last few years, according to a draft of a report from the U.S.-China Economic and Security Review Commission obtained by Bloomberg BusinessWeek on Thursday. The attacks are believed to have been orchestrated from China.

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here (at a minimum) - the main module and a keylogger. All that has been mentioned in last 24 hours about connections between Duqu and Stuxnet is related mostly to the first one - the main module.

Hackers who infiltrated the Nasdaq’s computer systems last year installed malicious software that allowed them to spy on the directors of publicly held companies, according to two people familiar with an investigation into the matter. The new details showed the cyber attack was more serious than previously thought, as Nasdaq OMX Group had said in February that there was no evidence the hackers accessed customer information.

With virus researchers scrambling to decode a new piece of malware that is based on the code of the Stuxnet worm, an analyst at McAfee is speculating that the new worm, Duqu, may have been created to target certificate authorities. Writing on McAfee’s research blog, Guilherme Venere and Peter Szor say that an analysis of the Duqu code by McAfee experts suggests that the worm was created “for espionage and targeted attacks against sites such as Certificate Authorities (CAs).” The McAfee analysis, if accurate, is the first to explicitly mention the type of organization that the Duqu worm targeted, and would suggest that those behind the worm intended to use it as a precursor to subsequent, targeted attacks.

It was only a matter of time: What might be the first stage of the next Stuxnet attack has been spotted in the wild — and there are multiple versions of the second-generation malware in circulation, including ones that target industrial-control system vendors and certificate authorities (CAs). Researchers at Symantec say newly discovered malware, dubbed “Duqu,” shares much of the code from Stuxnet and shows that the authors had access to the source code of Stuxnet. That suggests the malware might have been developed by the same attackers who devised Stuxnet.

Verizon Wireless, the largest cellular carrier in the U.S., had decided to track customer usage and location, and sell it. To make sure everyone is included, they’ve already enrolled their entire customer base into the new program. If you want privacy, you have to opt-in to it instead of expecting it automatically. Information is a hot commodity. There isn’t a business in operation today that doesn’t know this, and Verizon Wireless is no exception. Customers have already accepted that Verizon devices come pre-loaded with software that many don’t use, in order to offset cost.

This spring, the US government contemplated using IT-based measures in the fight against the regime of former Libyan leader Muammar Gaddafi. A report in the New York Times cites an inside source who wishes to remain anonymous, who claims that the government eventually decided against employing cyber-warfare. The reason for the decision was that overcoming the Libyan firewall to weaken air defences would have set an unfortunate precedent for other countries, in particular Russia and China. The report says that it is also doubtful whether US president Barack Obama would legally have been able to order a virtual attack without informing the Senate and Congress.

A German electronics engineer has been sentenced at the Old Bailey to three years in prison for committing various offences including skimming fraud. The 26-year-old assisted organised criminal networks by adding skimming components to PIN Entry Devices (PEDs) that had been stolen from retailers across Europe. Once returned to the retail outlet, the compromised PEDs harvested magnetic stripe and PIN data that the criminals could conveniently retrieve via Bluetooth from within a radius of 100 meters of the device – without ever having to go back into the shop. The criminals brought the stolen devices to the UK for modification.

Sony is in the spotlight again, and once more the reason is security related. According to the consumer electronics company, its Sony Entertainment Network (SEN), PlayStation Network (PSN), and Sony Online Entertainment (SOE) services were all targeted in an attack that impacted 93,000 user accounts. “These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources,” commented Sony’s CISO, Philip Reitinger.

In a recent New Yorker story, Joshua Davis wrote a story on Bitcoin, the crypto-currency that has ignited the imaginations of the technorati and led to a rush of media coverage. But this is no usual magazine feature. Not only does Davis, a marvelous writer whose work I’ve long admired, offer a primer on Bitcoin—what it is, how it works, why it’s important—he sets off on a journey to find its mysterious, secrecy-obsessed inventor, who goes by the name Satoshi Nakamoto. I think the man he found at the end of his search is the wrong guy. And by transparently sharing my own process for tracking Bitcoin’s elusive inventor, I will show how a stream of stunning coincidences can end up pointing to not one, but three potential candidates.

Researchers at Ruhr University in Bochum have succeeded in copying the key from one make of RFID card. As well as having the obvious benefit of convenience, RFID cards, which are used for access control and billing, are supposed to be very secure. But a copied card would offer attackers plenty of scope for abuse.

Germany’s justice minister has called for an investigation after authorities in at least four German states acknowledged using computer spyware to conduct surveillance on citizens. Authorities in the state of Bavaria admitted on Monday that a piece of spyware discovered on a citizen’s computer by the local Chaos Computer Club hacker group was designed for use by authorities to spy on suspects. Under German law, authorities can use spyware to monitor criminals, but its use is supposed to be limited to the interception of internet telephony.

Two separate hacker groups whose activities are already known to authorities were behind the serious breach of RSA Security earlier this year and were likely working at the behest of a government, according to new statements from the company’s president. RSA President Tom Heiser, speaking at the RSA conference in London this week, said that the two unidentified hacker groups had not previously been known to work together and that they possessed inside information about the company’s computer naming conventions that helped their activity blend in with legitimate users on the network, according to IDG news service.

Could your ethnicity, gender, breathing and heart rate provide clues to criminal intent? The Department of Homeland Security apparently thinks so. The agency is already testing a program on select members of the public to determine if algorithms using these factors could indicate mal-intent, according to an internal document obtained by the Electronic Privacy Information Center and passed to CNET. The system, dubbed FAST – or Future Attribute Screening Technology – was just an idea in 2007 and is now already in operation, according to the June 2010 document. FAST collected or retained information on unspecified members of the public in at least one field test conducted in an undisclosed location in the Northeast. A limited trial was also conducted with DHS employees.

A computer virus has infected the cockpits of America’s Predator and Reaper drones, logging pilots’ every keystroke as they remotely fly missions over Afghanistan and other war zones. The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the US military’s most important weapons system. “We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”