Daily Report Monday, January 22, 2007

Daily Highlights

USA TODAY reports a number of community banks and credit unions are joining insurers and a few major banks like Citibank in offering customers free identity theft recovery service. (See item 9)
The Associated Press reports the pilot of a Continental Airlines flight bound for Puerto Vallarta, Mexico, became ill after takeoff and was later pronounced dead after the plane made an emergency landing at McAllen.Miller International Airport Saturday, January 20. (See item 12)

Information Technology and Telecommunications Sector

31. January 19, VNUNet — Nokia cleared in exploding phone case. A man thought to have been the victim of an exploding mobile phone has left investigators baffled after engineers examined the device and gave it the all clear. Luis Picaso, 59, is in a critical condition with 50 percent second. and third.degree burns to his upper body, back, right arm and right leg after being found in his hotel room in Vallejo, CA. The cause of the fire was assumed to be his mobile phone, which was still in his pocket where the fire started. But engineers from Nokia have flown to California to examine the 2125i handset and gave it the all clear and were even able to switch it on. While there have been instances of mobile phones overheating and catching fire, the usual culprit is third.party batteries with faulty power management controllers.
Source: http://www.vnunet.com/vnunet/news/2173035/nokia.cleared.expl oding.phone

32. January 19, Sophos — Trojan spam storm hits inboxes, races to top of malware charts. Sophos is warning of a widespread spam campaign that poses as a breaking news report, but is really an attempt to lure innocent computer users into being infected by a Trojan horse and attacked by hackers. The distribution has been so widespread that since midnight GMT the Trojan has accounted for over two thirds of all malware reports seen at Sophos' global network of monitoring stations, accounting for an infection rate of 1 in 200 of all e.mails being sent across the et. Subject lines used in the malicious e.mails include, but may not limited to, the following: 1) 230 dead as storm batters Europe; 2) British Muslims Genocide; 3) Naked teens attack home director; 4) A killer at 11, he's free at 21 and kill again!; 5) U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel. Attached to the e.mails are files with names such as Full Clip.exe, Full Story.exe, Full Video.exe, Read More.exe, Video.exe which contain malicious code. Sophos products detect the malicious Trojans it has seen so far as Troj/DwnLdr.FYD and Troj/Small.DOR (also known as Small.DAM).
Source: http://www.sophos.com/pressoffice/news/articles/2007/01/malw arestorm.html

33. January 19, VNUNet — Data centers face looming power crisis in London. Companies in the city of London are facing a looming power crisis, as some report being unable to get enough power for in.house data centers. Power is an increasing problem for data center managers, both as a running cost and increasingly because of the overall power requirements of high.end data centers. "Some banks in the city cannot physically get any more power in their data centers," said Chris Armes, director of Solaris revenue product engineering software at Sun Microsystems. "That is how big a power problem we have looming."
Source: http://www.vnunet.com/vnunet/news/2172968/city.faces.looming .power.crisis

34. January 18, eWeek — Survey: Half of SMBs have faith in the security of VoIP. Only half of small and midsize business users feel they can trust the security behind IP telephony, according to a survey released Thursday, January 18, by the Computing Technology Industry Association (CompTIA) and IDC. User sensitivity to any disruption of service in voice communication and knowledge that IP telephony relies on the same systems they know are vulnerable to viruses, worms and Trojan horses make it hard for any more than 50 percent of those surveyed to say they could rely on the technology, up from 48 percent a year earlier, researchers said. "People are much more sensitized to disruptions in voice communications than they are with data communications," said John Venator, president and chief executive officer, CompTIA, which commissioned the study. Conversely, 82 percent of the 350 respondents said they trust the security of traditional telephone systems, 72 percent trust Ethernet data networks and 60 percent wireless local area networks, according to CompTIA.
Source: http://www.eweek.com/article2/0,1895,2085417,00.asp

35. January 18, eWeek — Microsoft patches buggy Excel patch. Microsoft has re.released an update issued in its January 2007 patch batch to correct a glitch in the way Excel 2000 processes information. The company announced that the "targeted re.release" was necessary to correct the bug, which occurs in the way Excel 2000 processes the phonetic information embedded in files created using Excel in the Korean, Chinese or Japanese executable mode. The patch was shipped January 9 as part of the MS07.002 bulletin that provided fixes for a total of five Microsoft Excel vulnerabilities.
Microsoft Security Bulletin MS07.002:
http://www.microsoft.com/technet/security/Bulletin/MS07.002. mspx
Source: http://www.eweek.com/article2/0,1895,2085354,00.asp

January 18, CNET News — Mashups: The future of the Web? Alan Taylor is living in the Wild West of Web development, and he has the scars to prove it. In his spare time, Taylor builds mashups .. Web applications that combine content from more than one source and have caught on as Web providers from Amazon.com to Microsoft make their data programmatically available to outsiders. But while he is breaking new ground on the Internet, he is also pushing legal and business boundaries. His Amazon Light application .. a stripped.down site for buying and renting goods through Amazon .. attracted two cease.and.desist orders a couple of years back, one from Amazon and another from Google. Taylor, who holds a day job as a senior Web developer at Boston.com, survived the legal threats without much trouble, but his experience points to the relative immaturity of mashups, which advocates believe represent the Web's cutting edge. Large software vendors catering to corporate software developers or independent software vendors have spent years establishing a suite of Web services standards and infrastructure software while advocating a modular design, called a service.oriented architecture. Mashups, by contrast, tend to focus on speed and simplicity, wiring together different Websites using quick and lightweight methods.
Source: http://news.com.com/At+Mashup+Camp%2C+geeks+plot+future+of+Web/2100.1012_3.6151162.html?tag=nefd.top