Let this be a lesson for the youngsters. Hack into classified government emails and then post account logins and passwords for public consumption, and you might get your apartment trashed. That's what happened to Sweden's Dan Egerstad, so-called "hacker of the year."

It's widely-known that each of Facebook's nearly 50 million active users are either procrastinating millennials in their cubicles, college students, or pedophiles. Now, reports indicate a third group has joined Facebook, MySpace and social networks: the Russian mob. "Facebook and MySpace are a goldmine of data for the bad guys," MessageLabs founder and chief security analyst Mark Sunner told Australian outlet, The Age. Sunner goes on to explain that by the bad guys, he means the "shady" Russian Business Network, which is not, as of yet, a News Corp. property. Worried? Contact MessageLabs, which for a small fee, will set you up with a far more secure network, according to MessageLabs. Someone should let the Russians know about this business.

Apparently, the Great Firewall of China — the Chinese government's elaborate system for blocking websites deemed politically incorrect — is only good for censorship, not for boosting the country's network security. Earlier this month, the Financial Times reported that the Pentagon traced a June attack on U.S. Secretary of Defense Robert Gates's computer back to China's People's Liberation Army Chinese officials denied the report — and they want you to know that they're victims, too.

Estimates pegged TD Ameritrade's initial security breach to, approximately, October 2006. Well, they were wrong. Network World got ahold of emails from a security expert to Ameritrade dating back to January 9, 2006. Valleywag commenter Snarkosaurus claims to have evidence that the online stock broker was hacked as early as December 2005. Not only does this mean Ameritrade was hacked almost two years ago, but the company has known about it for an equal span of time. The reason the company offered for not notifying the 6 million or so affected accounts sooner? It didn't know how the information was getting out, so there was nothing it could have done. If you work for Ameritrade security, apparently ignorance is bliss.

Be careful what you ask for. You may get it. MediaDefender had hoped to lure file sharers using a fake site. It's certainly drawn the attention of sophisticated hackers. The antipriacy organization has been hit twice by hackers since an initial breach spilled 6,000 of the company's emails onto the Web. As Wired News reports, hackers hit the database that holds the dummy files that MediaDefender floods file-sharing networks with — a tactic meant to discourage use of those networks to download music and videos. The second managed to scoop up a recorded phone conversation in which MediaDefender assures the New York attorney general's office of its security. (Photo by aussiegall)

Is it sheer pride that prohibits companies from admitting the fallibility of their data servers? TD Ameritrade is the latest in a string of security-breach deniers. Possibly hacked as early as October 2006, Ameritrade's servers divulged users' names, addresses, email accounts and account activity. When email accounts were pumped full of spam messages, a couple users sued Ameritrade in late May — indicating that there was a breach. Ameritrade delayed issuing an official release until last Friday, conveniently timed to beat a lawsuit that sought a court ordered release.

Pfizer, the pharmaceutical company most adept at preying on male insecurities, has come down with a bad case of zombies. For the past six months, its computers have, coincidentally, been spamming the Internet with unsanctioned advertisements for its erectile-dysfunction medication, Viagra. Apparently a group of hackers has taken control of some of the corporation's PCs — called "zombies" in computer-security parlance — to hawk penny stocks and fake Rolexes alongside Pfizer's own flagship product. According to researchers at security firm Support Intelligence, who tipped off Wired News, Pfizer doesn't even realize it has an infection. Or perhaps it's just figured out a sweet new marketing campaign. (Photo by Len Peralta)

Google's blogging tool, Blogger, is suffering from a severe case of hackeritis. Hundreds of blogs were updated with short posts containing links to virus-laden downloads that either mine hard drives for personal data or turn the PC into a zombie to help propagate the attacks. Google is mum on the attack, and security experts haven't determined whether the hackers discovered a security flaw in Blogger or simply set up false blogs. It's apparently impossible to make the distinction, which should tell you something about the quality of most of the posts on Blogger.

The Australian government recently spent about $70 million to distribute Internet filter software so parents could save their children from the evils of online pornography. It took a student 30 minutes to crack the software. [Techdirt]

Richard Thompson, a blogger who tracks the Memphis, Tenn. news scene at Mediaverse Memphis, has done a follow-up interview with Drew Curtis, the founder of Fark.com. Last week, Curtis, left, fingered Darrell Phillips, to his right, a new media manager at News Corp.-owned TV station WHBQ Fox13, as an all-but-certain suspect behind attempts to hack into the site. He based his accusation on an all-but-conclusive trail of electronic evidence. Thompson, at first skeptical of the accusation, seems to be giving it more credence, as Curtis confirmed that Fark has plans underway to seek legal action. After the jump, the latest revelations.

Monster's initial, capricious response to a phishing attack targeted at users of the job site: "In fact, the information that is gathered from Monster is no different than that displayed in a phone book." Two days later, "Monster respects your privacy and understands the risk involved in making your personal information public" as it finally responds to halt the flow of user data and bad PR. [PC World]

Last week, Drew Curtis, left, the founder of Fark.com, the outrageous social-news website, accused Darrell Phillips, to his right, an employee at a News Corp.-owned Fox TV station in Memphis, Tenn., of attempting to hack into Fark.

Symantec discovered that Monster.com users were being victimized by phishing emails after hundreds of thousands of user names, e-mail addresses, home addresses and phone numbers were harvested using stolen Monster.com log-ins. When contacted by the security firm, Monster.com denied any problem: "To the best of our knowledge, this is not a hack of Monster's security, rather, legitimate customer credentials are being used to log in to the database," said Patrick Manzo, vice president of compliance and fraud prevention at Monster. [BBC News]

Local TV reporters are infamous for practicing "ambush" journalism — but as they try to take their gotcha practices to the Web, increasingly they're the ones ambushed. The first rule of hacking, after all, is "Don't get caught." And Fox newsman Darrell Phillips may have broken that rule, Drew Curtis has told Valleywag. Curtis, left, is the founder of Fark.com, a thoroughly juvenile, and entertaining, social news site where users pick the headlines. Phillips, to his right, is the new media manager at WHBQ Fox13, a News Corp.-owned TV station in Memphis, Tenn. And Curtis claims to have assembled all-but-conclusive electronic evidence that Phillips has tried to hack into Fark's servers, potentially breaking several laws.

After demonstrating how easy it is to hack into others' MySpace accounts, a hacker discovers the site has suspended his MySpace profile. I think we call that "hacked on your own petard." [NewScientistTech]

After Defcon organizers got wind of her ruse, they offered her a chance to register for a press pass and cover the conference openly. She refused — four times! — but, amazingly, still didn't understand that the jig was up. She was then lured into a conference hall and outed, on tape. Pursued by a pack of hackers and reporters with cameras of their own, she's captured in this YouTube clip fleeing the scene as she whimpers into a cell phone. "They're making fun of me and they're taking pictures!" was one pursuer's taunt. Cruel? A bit. But was Madigan planning to do anything different to the hackers she hoped to surreptitiously film?

As of press time, Google's Public Service Search page looks like a "Gmail Plus" login. It's the work of script kiddie Eric Ferraro, who played with some Javascript to alter the page.

Liberal bias aside, journalists hate telling a one-sided story, so the Red Herring needed a source sympathetic to Hewlett-Packard's phone-record-snooping chairwoman, Patricia Dunn. Someone who's done their own social engineering. Someone hardcore. And writer Brian Caulfield found one: Kevin Mitnick.

• Recognizing Paris Hilton's contributions to the field of phone hacking, famed hacker group Cult of the Dead Cow named the starlet as an honorary member of its Ninja Strike Force. [Ninja Strike Force]