Wednesday, April 16, 2008

Daily Report

• According to IDG News Service, Verisign’s iDefense division has tracked more than 1,800 senior managers who have fallen victim to an e-mail scam in which they are told that they have been sued in federal court and must click on a Web link to download court documents. The installed browser plug-in software gives the criminal access to the victim’s computer. (See item 31)

• WRCTV 4 District of Columbia reports massive security efforts have been under way for Pope Benedict XVI’s arrival in Washington, D.C. (See item 35)

Information Technology

30. April 15, Register – (International) Pro-Tibet rootkit Trojan poses as cartoon. Malware writers have attempted a second Olympics related malware attack in one week. A movie file circulating on the net that poses as a cartoon ridiculing the effort of a Chinese gymnast at the games, followed by images supporting a free Tibet, has been booby-trapped with malware. While the Flash-based movie runs, a keystroke logging tool is silently installed on the victim’s Windows PC. The malware is hidden by rootkit functionality, making it harder to detect and remove. The malicious cartoon is distributed as an email attachment called “RaceForTibet.exe”. Data captured by the keystroke logger is sent to a computer in China. As usual, the threat affects Windows PCs only. Discovery of the keystroke logger with a rootkit comes a day after net security firm McAfee warned that pro-Tibet websites were being modified by attackers to host malicious software. The Fribet Trojan horse was placed on hacked websites and subsequently loaded onto the PCs through a Windows vulnerability. As previously reported, the Fribet Trojan contained sophisticated functionality that enabled it to gain access to databases accessed through compromised PCs. Source:

31. April 14, IDG News Service – (International) Criminals hack CEOs with fake subpoenas. Security researchers say that thousands have fallen victim to an e-mail scam in which senior managers are told that they have been sued in federal court and must click on a Web link to download court documents. Victims of the crime are taken to a phony Web site where they are told they need to install browser plug-in software to view the documents. That software gives the criminals access to the victim’s computer. This type of targeted e-mail attack, called “spear-phishing,” is a variation on the more common “phishing” attack. Both attacks use fake e-mail messages to try to lure victims to malicious Web sites, but with spear-phishing the attackers try to make their messages more believable by including information tailored to the victim. Verisign’s iDefense division has tracked more than 1,800 victims who clicked on the message. “This is probably one of the largest spear-phishing attacks we’ve seen to date in terms of number of victims,” said the director of iDefense’s Rapid Response Team. Verisign believes that the criminals behind this scam are the same ones who launched an attack last month that used fake e-mails that appeared to be from the Better Business Bureau. And the U.S. courts have been warning computer users for years now of an ongoing scam where victims are told that they have failed to show up for jury duty and then asked to enter sensitive information into a phishing site. Source:

Communications Sector

32. April 15, IT Pro – (National) Apple iPhone vulnerable through Safari. A security vulnerability has been discovered in the Safari browser of the most recent version of the Apple iPhone software, according to security vendor Radwares research team. A denial of service (DoS) problem occurs when an iPhone user opens a HTML page containing Javascript, which manifests the vulnerability. Users would be driven to the page by can social engineering such as spam mail or spam SMS. Once this happens, the user will experience an application DoS which will crash the Safari browser and possibly the entire iPhone. Radware said that the Safari browser was vulnerable due to a design flaw triggered by a series of memory allocation operations on the dynamic memory pool, which then triggers a bug in the garbage collector. The flaw is currently unpatched, with Radware claiming users were vulnerable until an update is issued by Apple. Source:

33. April 15, VNU Net – (National) Poor infrastructure holding back software services. Outdated network infrastructure is holding back the development of software-as-a-service (Saas), according to security vendor Check Point. Saas is one of the key growth areas of 2008, especially providing security as a service. But the outdated nature of many corporate networks is holding back the implementation of such services. “Most of the network infrastructure was built around the turn of the century and was not built with enough scalability,” said Check Point’s founder. “Many of the pipes today are not secure enough [for Saas]. The next generation of networks will be more on the Saas model, with more scalability and better reconfiguration models.” He added that companies and their partners are much more interested in providing Saas, and that network infrastructure is not the only thing that will have to change. Source:

34. April 15, Doylestown Intelligencer – (Pennsylvania) Board, Verizon talking again about FiOS service. Frustrated with regulations and fees in Buckingham Township, Pennsylvania, Verizon more or less walked away from efforts to install its fiber optic Internet service there about two years ago. Recent developments have prompted the company to return to discussions, said the acting township manger. To get the ball rolling again, Buckingham officials plan to rescind a right-of-way ordinance, a law approved in 2005 that requires utilities to pay certain permit fees in order to use township-owned rights of way. The amount of those fees was unclear. For its part, Verizon has said it will agree to bring FiOS to the whole township within six years. A “significant” part of the township will be wired within three years. None of the talks has produced a formal agreement yet, although that is expected. Franchise negotiations could begin in May. Fiber optic cable also carries the capacity for telephone and cable-TV service, in addition to broadband Internet. Source: