Daily Report Wednesday, November 29, 2006

Daily Highlights

KMBC−TV reports Community America Credit Union confirmed that on Friday, November 24, a hacker managed to redirect people from the company's Website to a phony site and that 180 accounts were accessed within minutes. (See item 7)
The Associated Press reports the Modesto, California, City−County Airport was evacuated Tuesday, November 28, and flights were canceled after the city received nine bomb threats by e−mail. (See item 11)

Information Technology and Telecommunications Sector

29. November 27, Reuters — E−mail gangs bombard Britain with spam. Criminal gangs using hijacked computers are behind a surge in unwanted e−mails peddling sex, drugs and stock tips in Britain. The number of "spam" messages has tripled since June and now accounts for as many as nine out of 10 e−mails sent worldwide, according to U.S. e−mail security company Postini. Postini has detected 7 billion spam e−mails worldwide in November compared to 2.5 billion in June. Spam in Britain has risen by 50 percent in the last two months alone, according to Internet security company SurfControl. The United States, China and Poland are the top sources of spam, data from security firm Marshal suggests. About 200 illegal gangs are behind 80 percent of unwanted e−mails, according to Spamhaus, a body that tracks the problem. Experts blame the rise in spam on computer programs that hijack millions of home computers to send e−mails.
Source: http://www.eweek.com/article2/0,1895,2064450,00.asp

30. November 27, Associated Press — EU says more than half e−mails are spam. Unsolicited e−mails continue to plague Europeans and account for between 50 and 80 percent of all messages sent to mail inboxes, the European Commission said Monday, November 27. A European Union (EU) report found that only two EU nations −− the Netherlands and Finland −− were making inroads in enforcing the 2002 law to crack down on spam. Dutch authorities were able to reduce spam by 85 percent by using fines to get businesses to fall in line with the EU rule. EU officials have said they will put forward new legislation next year to make it easier to prosecute spammers.
Source: http://news.yahoo.com/s/ap/20061128/ap_on_hi_te/eu_spam

31. November 27, ZDNet Asia — Hackers ride on Web application vulnerabilities. According to Watchfire, the most vulnerable area in the enterprise information ecosystem is Web applications. The company specializes in software and services to audit the security and regulatory compliance of Websites. Danny Allan, Watchfire's director of strategic research, noted that network perimeters bore the brunt of attacks in the past. Given that networks today are adequately protected by a range of security tools, Web applications are now not only easier to target, they are also linked to backend servers and databases containing a wealth of information. However, businesses are currently not spending enough to protect their Web applications, said Allan. Citing research by Gartner, he pointed out that 90 percent of IT security spending is on network protection and only 10 percent is spent on Web applications.
Source: http://www.zdnetasia.com/news/security/0,39044215,61969925,0 0.htm