Computers components and other electronics imports may increasingly contain malicious software, according to a Congressional cyber-security expert, adding to the growing list of cyber-security threats affecting the U.S. government.

Hackers may be able to inject bad code into components imported from overseas plants, planting tools to help them launch cyber attacks on the U.S., according to Representative Jim Langevin (D., R.I.).

"Corrupting hardware and software is embedded in the supply chain," Langevin said. "We have a real challenge on our hands to better secure the supply chain."

Hacker groups that attack or steal -- some estimates say there are as many as 6000 of such groups online with about 50,000 "bad actors" around the world drifting in and out of them -- are a threat, but the goals, methods, effectiveness of these groups varies widely.

Malicious activity alert: Anonymous hack-school grads come online in 30 days

When they're angry, they hack into business and government systems to steal confidential data in order to expose information about their targets, or they simply disrupt them with denial-of-service attacks. These are the hackers with a cause, the "hacktivists" like the shadowy but well-publicized Anonymous or the short-lived Lulz Security group (which claimed to have just six members and just joined forces with Anonymous).

If this particular intelligence report is true, this would mean that we can only trust IT devices and gadgets from the USA? And this is really something serious specially for the common users.

Should we stop buying cloned computers and cloned devices?

Some foreign-made computer components are being manufactured to make it easier to launch cyber attacks on U.S. companies and consumers, a security official at the the Department of Homeland Security said.

"I am aware of instances where that has happened," said Greg Schaffer, who is the Acting Deputy Undersecretary National Protection and Programs Director at the DHS.

Schaffer did not say where specifically these components are coming from or elaborate on how they could be manufactured in such a way as to facilitate a cyber attack.

The current operating system-based security model is not adequate to stop the proliferation of stealth crimeware, concludes a recent white paper by McAfee and Intel.

Cybercriminals know how operating systems and software work and how to get around information security tools designed for those systems, according to “The New Reality of Stealth Crimeware” authored by Dave Marcus, director of security research and communications at McAfee Labs, and Thom Sawicki, senior product strategist for endpoint security software and services at Intel.

It's back with a vengeance!

TDSS boasts new DHCP server

One of the most notorious rootkits has just acquired a self-propagating mechanism that could allow it to spread to new victims, a security researcher has warned.

A new version of the TDSS rootkit, which also goes by the names Alureon and TDL4, is able to infect new machines using two separate methods, Kaspersky Lab researcher Sergey Golovanov wrote in a blog post published on Friday.