A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as "Report of the National Intelligence Council." The emails aim to lure users into downloading a document about the "2020 project," which actually is Zeus. — AM

The shutdown of a major Chinese website that offered hacking tools comes during a rocky time for U.S.-China cyber-relations.

Mozilla is advising users who may have downloaded two "experimental" Firefox add-ons that they contain malware.

During the second half of 2009, attackers shifted their strategy away from mass-injection campaigns and instead focused on launching targeted attacks to infect high-profile websites, Websense found in a new report.

After a relatively quiet January, administrators next week will have to deal with an unusually large security update from Microsoft, with 26 vulnerabilities in line for fixing.

The act would authorize up to $396 million over the next four years to fund cybersecurity research and $94 million over that period to provide scholarships.

Edwin Pena of Venezuela faces a maximum sentence of 25 years in prison for orchestrating a scheme to defraud VoIP providers.

An Internet Explorer vulnerability revealed at this week's Black Hat conference in Washington, D.C. prompted Microsoft to issue an advisory on the issue.

Twitter this week reset the passwords on an unknown number of accounts after discovering malicious file-sharing sites were set up to steal user login information.

Apple on Tuesday pushed out an iPhone and iPod Touch security update.