Tuesday, June 5, 2007

Daily Highlights

The New York Post reports New York City pipeline security remains a problem, with the 40−year−old Buckeye pipeline that pumps jet fuel, heating and diesel oil, and gasoline into the city so exposed that anyone could simply walk up and touch the pipe. (See item 2)
United Press International reports aviation security experts say the plot to blow up John F. Kennedy International Airport highlights the vulnerability of U.S. aviation system's infrastructure, which represents a vulnerable 'back door' to the nation's airports. (See item 11)

Information Technology and Telecommunications Sector

28. June 04, IDG News Service — Stealthy attack method causes concern. A new hacking method is causing concern for the lengths it goes to avoid detection by security software and researchers. The attack involves a Website that has been hacked to host malicious code, an increasingly common trap on the Internet. If a user visits one of the sites with an unpatched machine, it's possible that the computer can become automatically infected with code that can record keystrokes and steal financial data typed into forms. The new method, which uses special JavaScript coding, ensures that malicious code is only served up once to a computer that visits the rigged site, said security vendor Finjan. "These attacks represent a quantum leap for hackers in terms of their technological sophistication," according to the report. After a user visits the malicious Website, the hackers record the victim's IP address in a database. If the user goes to the site again, the malicious code will not be served, and a benign page will be served in its place.
The Finjan report can be downloaded after registration:
https://www.finjan.com/Form.aspx?id=50&Openform=true&ObjId=4 43
Source: http://www.infoworld.com/article/07/06/04/Stealthy−attack_1. html

29. June 04, Newsfactor — McAfee study finds four percent of search results malicious. "The State of Search Engine Safety," a recent study by McAfee's SiteAdvisor group, has some classic good news and bad news for Internet surfers. Using several automated techniques, the SiteAdvisor study determined that 4 percent of the query results offered by the major search engines lead to potentially dangerous Websites, and the total for sponsored links is nearly twice as high at 7 percent. The good news, however, is that the number of potentially dangerous search engine links has declined by roughly 20 percent from May 2006. The study was compiled by testing the links offered by the Internet's five largest search engines. McAfee concluded that AOL currently offers the safest search results, with Google second. Yahoo offered the highest number of potentially risky links in its search results. One of the more surprising results in the survey was the fact that it can be more dangerous to search for online music than it is for sexually explicit materials. The SiteAdvisor team found that 19.1 percent of the searches in the category of "digital music" led to risky sites, compared to just 9.4 percent for adult search terms.
Source: http://business.newsfactor.com/story.xhtml?story_id=0100010V ZY1S

30. June 04, VNUNet — Rogue security software on the rise. Experts are warning of a sharp rise in the number of malware infections caused by rogue security programs. Trend Micro has reported a fivefold year−on−year increase in the use of such programs, which claim to clean a computer system but end up infecting users. Typically a user will visit a Webpage that includes a pop up warning that their computer is infected and offering a free trial of software to clean up the computer. Suspect software includes Winfixer, SpywareQuake, ErrorSafe, ErrorGuard, SpyShield, ApyAxe, SpywareNuker and, most recently, Spyhealer, DriverCleaner and SystemDoctor. "Rogue security programs are clearly on the rise, and users must demonstrate caution and always be alert when downloading software," said George Moore, threat researcher at Trend Micro.
Source: http://www.vnunet.com/vnunet/news/2191329/rogue−security−sof tware−rise

31. June 01, Sophos — Hack Attack: 9,500 new infected Webpages every day, reports Sophos. Sophos has revealed the most prevalent malware threats causing problems for computer users around the world during May 2007. The figures compiled by Sophos' global network of monitoring stations show that infected Webpages continue to pose a threat, affecting official government Websites as well as other legitimate pages. On average this month, Sophos uncovered 9,500 new infected Webpages daily −− an increase of more than 1000 every day when compared to April. In total, 304,000 Webpages hosting malicious code were identified in May. The top ten list of Web−based malware threats in May 2007 is as follows: 1) Mal/frame; 2) JS/EnclFra; 3) Troj/Decdec; 4) Troj/Fujif; 5) Troj/lfradv; 6) VBS/Redlof; 7) Mal/ObfJS; 8) Troj/Psyme; 9) VBS/Roor; 10) VBS/Soraci.
Source: http://www.sophos.com/pressoffice/news/articles/2007/06/topt enmay07.html