Daily Report Wednesday, November 1, 2006

The Associated Press reports federal authorities are investigating how a jetliner carrying more than 160 people landed on a taxiway instead of an adjacent runway at Newark's Liberty Airport on Saturday night, October 28. (See item 15)

U.S. Centers for Disease Control and Prevention and the Food and Drug
Administration are investigating a salmonella outbreak potentially linked to produce that has sickened at least 172 people in 18 states. (See item 22)

United Press International reports the FBI is investigating how a hacker, tapping into an employee's laptop, bypassed security and compromised the computer of a Pennsylvania, water filtration plant. (See item 24)

Information Technology and Telecommunications Sector

35. October 31, Security Focus — HP OpenView Storage Data Protector Backup Agent remote arbitrary command execution vulnerability. HP OpenView Storage Data Protector Backup Agent is prone to an arbitrary command execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary commands in the context of the affected process. This may aid attackers in the compromise of the underlying system; other attacks are also possible. HP OpenView Storage Data Protector 5.5 and HP OpenView Storage Data Protector 5.1.

Solution: The vendor has released an advisory along with fixes to address this issue. For further information on obtaining and applying fixes:
Source: http://www.securityfocus.com/bid/19495/references

36. October 31, VNUNet — Security firm warns of Halloween malware. Web filtering and security firm Websense has warned Internet users to be aware of online scammers seeking to exploit this year's Halloween celebrations. Users may encounter one of these malicious sites when searching Google for Halloween items. Websense has described one instance of these scams as the classic "typo−attack" in which cyber−criminals create links to Webpages that host malware. The sites take advantage of commonly mistyped word searches such as "halkoween" instead of "halloween." These Websites often advertise Halloween−related details in their titles, but actually contain dangerous spyware which could log user activity on the Web.

Source: http://www.vnunet.com/vnunet/news/2167612/websense−halloween −malware

37. October 31, Reuters — Microsoft sues counterfeit software dealers. Microsoft Corp. said on Tuesday, October 31, it had started 55 legal actions around the world against dealers it accuses of selling counterfeit software online, its largest enforcement effort to date. "Today's announcement marks...the first time the company has focused its efforts worldwide to bring legal action against online dealers," the U.S.−based software company said in a statement. "Counterfeit software is defective and dangerous because counterfeiters tamper with the genuine software code, which leaves the door open to identity theft and other serious security breaches," Matt Lundy, a senior attorney at Microsoft, said in a statement. Microsoft analyzed counterfeit Windows XP programs in June this year and said it found that 34 percent of the disks could not be installed on a computer, and another 43 percent contained additional programs, or binary code, that are not part of the operating system.

Source: http://www.eweek.com/article2/0,1895,2047861,00.asp
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)