Friday, June 29, 2007

Daily Highlights

The Associated Press reports the wing of a departing jetliner struck the tail of another plane on a holding pad at Chicago's O'Hare International Airport on Wednesday, June 27, during a severe thunderstorm. (See item 13)
The New York Times reports tainted Chinese toothpaste was widely distributed in the U.S., with roughly 900,000 tubes turning up in hospitals for the mentally ill, prisons, juvenile detention centers, and even some hospitals serving the general population. (See item 23)

Information Technology and Telecommunications Sector

32. June 28, CNET News — Gartner: Businesses should be wary of iPhone. Analyst Gartner claims the iPhone could "punch a hole" through corporate security systems if workers are allowed to use the phone for work purposes. IT departments should be extremely wary of allowing employees to use Apple's mobile handset because it does not contain the necessary functionality to comply with basic corporate security, analysts warned in a research note released on Thursday, June 28. The iPhone will be launched in the U.S. on Friday. Gartner lists the following reasons to steer clear of the iPhone for now: a) Lack of support from major mobile device management suites and mobile−security suites; b) Lack of support from major business mobile e−mail solution providers; c) An operating system platform that is not licensed to alternative−hardware suppliers, meaning there are limited backup options; d) Feature deficiencies that would increase support costs; e) Currently available from only one operator in the U.S.; f) An unproven device from a vendor that has never built an enterprise−class mobile device; g) The high price of the device, which starts at $500; H) A clear statement by Apple that it is focused on consumer rather than enterprise.

33. June 28, Sophos — Harry Potter worm targets USB memory drives. With just weeks remaining until the release of the last ever Harry Potter novel, and the imminent premiere of the fifth movie in the franchise, Sophos has warned of a new computer worm exploiting Potter−mania around the world. The W32/Hairy−A worm spreads by copying itself onto USB memory sticks, posing as a copy of the eagerly−anticipated novel "Harry Potter and the Deathly Hallows." Windows users who allow affected flash drives to "autorun" are automatically infected by the worm when it is attached to their PC. A file called HarryPotter−TheDeathlyHallows.doc can be found in the root directory of infected USB drives. Inside the Word document file is the simple phrase "Harry Potter is dead."
Source: y.html

34. June 27, InformationWeek — Hackers take over MySpace pages to build bots. Internet Storm Center researchers are warning users that drive−by exploits have been embedded in a few dozen legitimate MySpace pages. Johannes Ullrich, chief technology officer with the Internet Storm Center, told InformationWeek that the malicious code that's embedded in the Webpages installs the FluxBot, a dangerous new bot. Since the bot doesn't have a central command and instead relies on a complex set of ever−changing networks of proxy servers, Ullrich said it's extremely difficult to shut it down or cleanse it off an infected system. Ullrich explained that the embedded malicious code tries to exploit an old Microsoft Internet Explorer bug that was patched mid−2006. If that bug lets in the exploit, then the FluxBot is downloaded. "The IE hole is not particularly dangerous at this point, but quite a few people still got hit," he added. "I guess there are a lot of people out there with unpatched versions of Internet Explorer." Ullrich also noted that while MySpace isn't a new target for hackers, it's an increasingly popular one.

No comments: