Monday, August 20, 2007

Daily Highlights

The Houston Chronicle reports the energy industry continues to prepare for Hurricane Dean's possible entry into the Gulf of Mexico, evacuating nonessential personnel from platforms, drillships, and rigs, and waiting for further developments in the hurricane's path. (See item 3)
·
The Los Angeles Daily News reports mistakes by both a pilot and a ground traffic controller led to yet another near−collision on the northern runway at Los Angeles International Airport on Thursday, August 16. (See item 15)
·
Government Technology reports Baton Rouge, Louisiana, has announced new a emergency contact system able to notify citizens by residential, business, or cell phone, as well as e−mail, text message, or devices for the hearing and speech impaired. (See item 31)
·
Information Technology and Telecommunications Sector

32. August 17, IDG News Service — Three indicted on software piracy charges. Three Florida men were indicted Thursday, August 16, on charges related to selling millions of dollars worth of counterfeit software through several Websites, the U.S. Department of Justice (DOJ) said. Maurice A. Robberson, Thomas K. Robberson, and Alton Lee Grooms, all of Lakeland, FL, were each charged with one count of conspiracy to violate copyright and counterfeiting laws, the DOJ said late Thursday. Maurice Robberson was also charged with a substantive count of felony copyright infringement and one count of trafficking in counterfeit goods, while Thomas Robberson was charged with one substantive felony count of copyright infringement and two counts of trafficking in counterfeit goods. The men conspired to sell more than $5 million in pirated software, according to the indictment from U.S. Attorney Chuck Rosenberg for the Eastern District of Virginia. The men operated BuysUSA.com, CDSalesUSA.com, AmericanSoftWareSales.com, TheDealDepot.net, and BestValueShoppe.com from late 2002 to October 2005, and sold counterfeit software from companies such as Adobe Systems, Autodesk, and Macromedia at discount prices, the DOJ said.
Source: http://www.infoworld.com/article/07/08/17/Three−indicted−on−software−piracy_1.html

33. August 16, InformationWeek — Storm botnet puts up defenses and starts attacking back. The Storm worm authors have another trick up their sleeves. The massive botnet that the hackers have been amassing over the last several months actually is attacking computers that are trying to weed it out. The botnet is set up to launch a distributed denial−of−service (DDoS) attack against any computer that is scanning a network for vulnerabilities or malware. Ren−Isac, which is supported largely through Indiana University, recently issued a warning to about 200 member educational institutions and then put out a much broader alert, warning colleges and universities that their networks could come under heavy attack. The warning noted that researchers have seen "numerous" Storm−related DDoS attacks recently. As the new school year is about to get underway, Ren−Isac is advising security professionals that the new attack "represents a significant risk" for the educational sector. With students returning to campus in the next few weeks, schools are expected to scan the servers on their network to find vulnerabilities and malware that the students are bringing back with them. When the scanner hits an infected computer that is part of the Storm botnet, the rest of the botnet directs a DDoS attack back against the computer running the scan.
Source: http://www.informationweek.com/news/showArticle.jhtml?articl eID=201800635

34. August 16, InformationWeek — Opera uses Mozilla fuzzer tool to find 'highly severe' bug. Opera Software found and patched what it's calling a "highly severe" bug in its flagship browser, using a security tool released by its competitor, Mozilla. During the recent Black Hat security conference, the Mozilla Foundation made the JavaScript fuzzer, an open−source application testing security testing tool, available to anyone who wants to use it. Opera noted in an advisory that the flaw could allow a hacker to execute code on the victim's machine. A virtual function call on an invalid pointer, which may reference data crafted by the attacker, can be used to execute arbitrary code. Opera Software released Opera V9.23 to fix the problem.
Opera Advisory: http://www.opera.com/support/search/view/865/
Source: http://www.informationweek.com/news/showArticle.jhtml?articl eID=201800584