Daily Report Friday, January 19, 2007

Daily Highlights

CCN Magazine reports Sandia National Laboratories has developed a simulation program designed to track the illicit trade in radiological material well enough to predict who is building the next nuclear weapon and where they are doing it. (See item 4)
TJX Cos. officials said on Wednesday, January 17, that credit and debit card information had been stolen from its computer systems, a breach that could affect a broad swath of customers of T.J. Maxx, Marshalls, and other stores. (See item 10)
Gov Exec reports lawmakers want the Transportation Security Administration to increase inspections of general aviation planes, so that they undergo approximately the same security checks as commercial airliners. (See item 17)

Information Technology and Telecommunications Sector

33. January 18, Sophos — Panda joss.stick virus is no pandemic, reports Sophos. Sophos is urging Windows users not to panic following reports of a "five.star cyber worm" that is said to have infected "several million" computers across China. The virus has captured attention because it converts icons of infected programs into a picture of a panda burning joss.sticks. Media reports from China, including the Shanghai Daily, have quoted members of the Shanghai Information Technology Service Center as a "top level" threat, because of the threat it posed to networks belonging to government bureaus and companies. Sophos, however, has received very few reports of the malware being seen in the wild. The virus is known as Fujacks.I and Fujacks.J (also called worm.whboy in some media reports). Although the Shanghai Daily story reports that all infections have so far been on Chinese.language versions of Windows, this is not a limitation of Fujacks. The virus will run and spread on English language Windows, too. Additionally, Fujacks spreads to network shares and onto removable disk devices such as USB keys, music players and cameras. Fujacks creates a hidden AUTORUN file on removable devices, in the hope of spreading the virus automatically when an infected device is inserted into another PC.
Source: http://www.sophos.com/pressoffice/news/articles/2007/01/fuja cks.html

34. January 18, IDG News Service — European registrars gain new tool to fight spam. Under a new rule that will come into force next month, European registrars for the ".eu" domain will be able to immediately stop the transfer of ownership of a domain name if it's suspected of abuse. The rule, set to take effect February 19, will make it easier for investigations into activities such as spam, although the Website can still function, said Patrik Lindén, communications manager for the European Registry of Internet Domain Names (Eurid). Eurid is a nonprofit organization based in Diegem, Belgium, that oversees administration of the .eu domain.
Source: http://www.infoworld.com/article/07/01/18/HNeurofightspam_1. html

35. January 18, CNET News — Sun patches critical JRE security flaws. Sun Microsystems has issued a critical security patch to address vulnerabilities in Sun's Java Runtime Environment when it processes graphics interchange format, or GIF, images. The security flaws could allow an attacker to gain control of a user's system via an untrusted Java applet, which in turn could allow attackers to grant themselves permission to read and write local files or execute applications on the user's computer, according to an advisory issued by Secunia on Wednesday, January 17. Exploitation of these vulnerabilities, however, requires a user to visit a malicious Website, noted Zero Day Initiative, which reported the vulnerability with the aid an anonymous researcher.
Secunia advisory: http://secunia.com/advisories/23757/
Source: http://news.com.com/Sun+patches+critical+JRE+security+flaws/2100.1002_3.6151100.html?tag=nefd.top

36. January 18, Sophos — Owner of online dating firm arrested for sending 5.4 billion spam e.mails. Sophos has warned companies to abide by anti.spam laws following the arrest of a man suspected of sending 5.4 billion spam e.mails promoting his dating Website. Japanese authorities arrested 47.year.old Yoshimitsu Hirono, president of Tokyo.based dating Website Takumi Tsushin, along with three other suspects. Approximately 90 million spam e.mails a day are said to have been sent promoting the site over a two month period.
Source: http://www.sophos.com/pressoffice/news/articles/2007/01/jpda ting.html