Monday, July 7, 2008

Daily Report

• A team of University of California San Diego (UCSD) scientists - with the help of resources at the San Diego Supercomputer Center (SDSC), also at UC San Diego – have isolated more than two dozen promising and novel compounds from which new “designer drugs” might be developed to combat bird flu. (See item 24)


• The American Civil Liberties Union and the Electronic Frontier Foundation filed a lawsuit yesterday in U.S. District Court for the District of Columbia, saying U.S. residents should have a right to know the extent of mobile phone tracking done by U.S. attorneys’ offices. (See item 32)


Banking and Finance Sector


11. July 2, KSNW 3 Wichita – (Kansas) BWCU customers warned of e-mail scam. Boeing Wichita Credit Union (BWCU) customers are being targeted in a phishing scam. The company’s interim CEO told KSNW they found out about the scam when their phones started ringing. “This is not a legitimate e-mail from the credit union,” said the interim CEO. The fake page looks nearly identical to the real Boeing Wichita Credit Union log in page and asks customers for their member number and PIN. That information would allow scammers to penetrate an on line bank account.

Source: http://www.ksn.com/news/local/22836464.html


Information Technology


27. July 3, MyBroadband – (National) Microsoft highlights malware problem. Cybercriminals changed tactics in the last six months of 2007, with a steep rise in malware as a tool for targeting computer users for profit, according to Microsoft’s newly-released Security Intelligence Report. The report focuses on the second half of 2007 and uses data derived from a range of tools running on approximately 450 million computers worldwide to provide an in-depth, global view of software vulnerabilities, software exploits, malicious software, and potentially unwanted software. Microsoft saw the number of Trojan downloader programs it removed from Windows machines jump by 300 percent, said Microsoft SA’s security expert. “These programs masquerade as legitimate pieces of software, but once installed, they then download malicious software such as spyware or adware onto the victim’s computer. They are typically installed via the Web.” The report showed an overall decline in new security vulnerability disclosures by 15 percent for the second half of 2007 and a decrease in total vulnerability disclosures by five percent for all of 2007. Vulnerabilities are weaknesses in software that allow an attacker to compromise the integrity, availability or confidentiality of that software. The data reveals a 300 percent increase in the number of trojan downloaders and droppers- malicious code used to install files on users’ systems - illustrating that the malware category continues to grow in popularity among attackers. The report shows a 66.7 percent increase in the number of potentially unwanted software detections - programs that may impact user privacy or security by performing actions the person may not want - between 1 July and 31 Dec, with a total of 129.5 million pieces of potentially unwanted software found on users’ systems.

Source: http://mybroadband.co.za/news/Software/4364.html


28. July 3, Register – (International) Built-in browser expiry proposed to fight botnet menace. After data analyzed security researchers from IBM’s ISS security division, Google and ETH Zurich University, revealed that 45.2 percent of all internet surfers neglect to regularly update their browser software, an IBM security researcher has suggested that browser makers could improve internet security by taking a leaf from the book of food manufactures and applying a “best before” date to browser and plug-in software. The theory is that a built-in expiry date would ensure that more users update in a timely fashion. Slackness in applying updates in a timely fashion leaves an estimated 637 million surfers vulnerable to drive-by download attacks, according to a new survey.

Source: http://www.theregister.co.uk/2008/07/03/browser_insecurity_survey/


29. July 2, Computerworld – (National) Mozilla patches 13 bugs in Firefox 2. After patching its older Firefox 2.0 yesterday to quash 13 bugs, Mozilla Corp. announced that it would end support for the browser in mid-December. Mozilla last patched Firefox 2.0 in April. Firefox 2.0.0.15 addresses 13 vulnerabilities, five of which the open-source company rated “critical,” according to advisories posted on Mozilla’s site Tuesday. Of the remaining bugs, four were labeled “high,” two as “moderate,” and two as “low.” Three of the five critical flaws could be exploited by attackers to execute malicious code, said Mozilla, while the last two, involving JavaScript and pegged by the developer as “crashes with evidence of memory corruption,” might lead to code-execution exploits. Interestingly, one of the critical vulnerabilities isn’t within the browser per se, but crops up only when one or more add-ons, dubbed “extensions” by Mozilla, are also installed. “Firefox itself does not use this feature in a vulnerable way, and users who have not installed any add-ons are not at risk,” read the advisory. “We have, however, identified popular add-ons using this feature whose users are at risk, and there are no doubt others.” Among the extensions called out by Firefox programmers in the write-up on Bugzilla, Mozilla’s bug tracking and management system, was Google Inc.’s Google Toolbar.

Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9106278&taxonomyId=17&intsrc=kc_top



Communications Sector



30. July 3, Ann Arbor Business Review – (Michigan) Municipal wireless networks face setbacks, delays in many communities around Michigan. Municipal wireless highspeed Internet projects have yet to fulfill their promise in Michigan, where officials report they are coming in late or stalled in a number of communities. In Grand Rapids a proposed next-generation wireless project will not start construction until at least 2009, a company spokeswoman confirmed this week. That is four years after 10 wireless pilot “hot spots” were set up around the city. Oakland County officials shelved the Wireless Oakland program in June due to a lack of financing for its technology and business partner. Many municipal wireless projects were based on the potential for community development, both by narrowing the so-called “digital divide” between high- and low income citizens and by offering communications infrastructure that promotes a more technologically-capable community. Most communities partnered with private providers, making public assets such as towers and high buildings available for wireless fidelity, or WiFi, radios funded by the private partner. Many of those projects turned out to be too large for companies to attempt at their own cost to serve a consumer market already enjoying many alternatives, said a wireless industry analyst. The resulting pullbacks could be spooking smaller communities with similar models, she said, while networks based to some extent on built-in public service usage - police, fire, public works departments, for example - tend to be more successful. That was the model adopted in Grand Rapids.

Source:

http://www.mlive.com/businessreview/annarbor/index.ssf/2008/07/municipal_wireless_networks_fa.html


31. July 3, Pacific Magazine – (Hawaii) American Samoa-Hawaii fiber optic cable set for early 2009. A fiber optic communications cable that will link American Samoa to Hawaii be deployed and connected in the first quarter of 2009, not this November, territorial officials were told today during an informational hearing. The hearing was called by the territorial government’s Project Notification and Review System Board (PNRS) to inform the public about the proposed fiber optic project and its environmental impact. The cable currently links Hawaii and New Zealand, and will be spliced with one end brought to American Samoa. The cable would then link American Samoa and Hawaii, with a spur to neighboring Samoa.

Source: http://www.pacificmagazine.net/news/2008/07/03/american-samoa-hawaiifiber-optic-cable-set-for-early-2009


32. July 2, IDG News Service – (National) Civil liberties groups sue U.S. over mobile phone tracking. The American Civil Liberties Union and the Electronic Frontier Foundation are asking a federal court to order the U.S. Department of Justice (DOJ) to turn over records about the agency’s tracking of mobile phone users. The two civil liberties groups filed a lawsuit yesterday in U.S. District Court for the District of Columbia, saying U.S. residents should have a right to know the extent of mobile phone tracking done by U.S. attorneys’ offices. In the past year and a half, multiple news reports and court cases have revealed that some U.S. attorneys were claiming not to need probable cause of a crime in order to track people using mobile phones, the groups say in their complaint. In some cases, U.S. attorneys have bypassed court-ordered warrants, with law enforcement agents obtaining “tracking data directly from mobile carriers without any court involvement,” the complaint says. A DOJ spokesman declined to comment specifically on the lawsuit, but he seemed to dispute the reports that DOJ officials were requesting tracking information without court orders.

Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9106078&taxonomyId=17&intsrc=kc_top


33. July 2, Associated Press – (International) Report: Fiber Internet growth overtakes cable. For the first time, more people around the world are signing up for fiber-optic broadband service than for cable Internet service, according to a British research firm. Fiber providers added 4.2 million customers in the first quarter, while 2.5 million customers signed up for cable modems, according to a report released Wednesday by Point Topic. The bulk of the new fiber subscribers are in China, where 2.5 million signed up, for a total of 16.7 million. The U.S. is in fourth place after Japan and Korea. Point Topic counted 303,000 new U.S. fiber customers, for a total of 2.6 million. Fiberoptic Internet connections provide faster speeds, but the cost of the buildout is daunting. In deregulated telecommunications markets like those of the U.S. and Western Europe, carriers are unsure if fiber is worth the investment because they are competing there with cheaper technologies like cable and DSL, and it’s unclear how much regulators will let them profit. Verizon Communications Inc. is the only major U.S. telecommunications company to pull fiber all the way to subscriber homes. Verizon accounts for slightly more than two-thirds of total U.S. fiber hookups. The rest of the fiber-to-the-home, or FTTH, deployments are by small phone companies and by municipalities.

Source:

http://ap.google.com/article/ALeqM5g7FQbmkZXRVknSQtfWXETR3DPd_QD91LSKIO4