Daily Report Wednesday, December 20, 2006

Daily Highlights

The Associated Press reports a flight from Raleigh.Durham International Airport to Cincinnati was canceled Tuesday, December 19, when authorities discovered a man sleeping on the jetliner before passengers boarded it. (See item 15)
The Indianapolis Star reports a norovirus has been determined to have sickened nearly 400 diners at the Castleton, Indiana, Olive Garden restaurant last week. (See item 29)
The Insurance Journal reports that despite electronic ID cards, surveillance cameras, and metal detectors, security is still difficult to achieve in high.rise office buildings. (See item 37)

Information Technology and Telecommunications Sector

33. December 19, IDG News Service — Worm may be spreading via Skype chat. Computer security analysts are studying reports of a worm that may be circulating via a feature in Skype's popular Voice over Internet Protocol service. Security vendor Websense said the worm spreads through Skype's chat feature. Users receive a message asking them to download a file called "sp.exe." The executable is a Trojan horse that can steal passwords. If a user runs the Trojan it triggers another set of code to spread itself. The first infected PCs appeared in the Asia.Pacific region, particularly in Korea, Websense reported on its blog on Tuesday, December 19. It said it was still investigating the issue.
Source: http://www.infoworld.com/article/06/12/19/HNskypeworm_1.html

34. December 19, Sophos — Windows Vista used as bait in aggressive image spam campaign. Sophos has reminded computer users of the threat posed by image spam following a new campaign which purports to offer a cut.price edition of Microsoft Windows Vista. Image spam, which uses a graphic embedded in an e.mail rather than regular text, has grown in popularity amongst spammers attempting to communicate their marketing messages to Internet users. In the latest widespread campaign seen by Sophos, image spammers are offering a bargain edition of Microsoft's new operating system, Windows Vista. The spam e.mail claims that the recipient can save $319.05 by downloading Windows Vista today. It is unclear whether acting upon the spam would furnish the computer user with a pirated edition of Windows Vista or simply steal their credit card details.
Source: http://www.sophos.com/pressoffice/news/articles/2006/12/vist aspam.html

35. December 18, IDG News Service — Malware: Quality drops but quantity rises. Over the last six months, the technical creativity of malware has fallen along with the ability to cause massive damage, such as that created by the MyDoom and Sasser worms of years past, wrote Alexander Gostev, senior virus analyst for Kaspersky Lab, in a recent report. Gostev's lab intermittently sees highly technical malware, but most is "the same unending stream of Trojans, viruses and worms," he wrote. In many cases, hackers simply take existing malware and create variants, by tweaking the older code to evade anti.virus software. At times, the process is simple trial and error. Malware writers use online scanners such as Virustotal, which check to see if their new code will be detected by anti.virus software, said Mikko Hypponen, chief research officer for F.Secure. If the code is detectable, they can make a slight modification and run it through the scanner again. Because much of the code is not new, it tends to remain effective for shorter periods of time before anti.virus companies detect it. Still, the time it takes to identify and create a signature for a new virus, which can range from a few minutes to a few hours, is often long enough for hackers to infect computers.
Source: http://www.infoworld.com/article/06/12/18/HNmalware_1.html