Tuesday, August 7, 2007

Daily Highlights

CNN reports rescue workers were searching for any sign of six miners thought to be trapped inside a coal mine southeast of Salt Lake City in central Utah that caved in early Monday, August 6. (See item 1)
InformationWeek reports eighteen people, including three physicians and two pharmacists, were indicted on racketeering and related charges for allegedly running an illegal online drug distribution network, named Affpower. (See item 28)
Two University of South Florida students, Ahmed Abda Sherf Mohamed, 24, and Yousef Samir Megahed, 21, were charged in Goose Creek, South Carolina, with possession of an incendiary device after police found a suspicious item in their car and detonated it over the weekend. (See item 34)

Information Technology and Telecommunications Sector

31. August 06, eWeek — Immunity unleashes automatic exploit tool. Immunity, a company already well-known for making pen testing easy, has released a new tool to make writing exploits near-automatic. Immunity released the free tool, called Debugger, at the Defcon hackers convention in Las Vegas on Friday, August 3. Debugger comes with what Immunity says is the industry's first heap analysis tool built specifically for heap creation. It also sports a large Python API for easy extensibility and has function graphing as part of its user interface. Immunity is claiming that Debugger will cut exploit development time by 50 percent. Not everybody's happy to hear that. "They've got a good development community," said Dave Marcus, security research and communications manager at McAfee's Avert Labs. "But I look at it from the other side of house: What does this mean to the computing public?" What it means is more zero days, Marcus said. "And that's certainly not a good thing. I think you'll see a spike in zero days, and contributions to the zero-day initiative, because it makes it easier to find vulnerabilities. You're making the job easier."
Source: http://www.eweek.com/article2/0,1895,2166829,00.asp

32. August 05, Associated Press — Researcher: Flaw exposes hack threat. Terrorists and other criminals could exploit a newly discovered software flaw to hijack massive computer systems used to control critical infrastructure like oil refineries, power plants and factories, a researcher said Saturday, August 4. Ganesh Devarajan, a security researcher with 3Com Corp.'s TippingPoint in Austin, TX, demonstrated the software vulnerability he uncovered to attendees at the Defcon hacker conference on computer security. The software is used to manage supervisory control and data acquisition, or SCADA, systems -- computers that regulate the functioning of such important infrastructure as oil and gas pipelines, water treatment and power transmission facilities and the giant factories used by large technology companies. The flaw could crash certain SCADA computer systems, particularly older ones, Devarajan said. The intrusion works by attacking sensors within the facilities that are linked to the Internet through unencrypted connections. Devarajan declined to identify the software company whose product he hacked in his demonstration but said his firm has notified the company of the vulnerability so it can fix the problem. Similar weaknesses likely exist in other programs, Devarajan said.
Source: http://www.nytimes.com/aponline/technology/AP-Hacking-Threat.html?_r=1&oref=slogin

33. August 03, InformationWeek — Mastermind of Estonia cyberattacks still a mystery. Months after the cyberattacks launched against the Baltic nation of Estonia brought the country to its knees, the dangers of targeted cyberattacks and the consequences of heavy economic reliance on the Web have become clear -- even if the identity of the mastermind behind the attacks remains a mystery. Estonia's emergency was a unique situation, since Internet connections into the entire country can be blocked, given how small it is and how concentrated its Web users are. It was a "predicament of success," Gadi Evron, security evangelist for network security vendor Beyond Security, said Thursday, August 2, during the Black Hat USA 2007 conference in Las Vegas. Because so much of Estonia's economy relies on the Internet, when the Internet was down, citizens couldn't perform the most basic functions, such as buying milk, bread, or gas. One security researcher, Postini senior manager Adam Swidler, believes there's a good chance that the authors behind the Storm worm terrorizing the Web today were behind the Estonia attacks. While Russians were involved in the cyberattacks, the attacks were not launched by Russia itself. Evron was very clear that there are no answers regarding exactly who initiated the attack and how much of it was pre-planned.
Source: http://www.informationweek.com/security/showArticle.jhtml;jsessionid=4A5ZYIBI1UXR4QSNDLRCKHSCJUNN2JVN?articleID=201202784