Monday, July 2, 2007

Daily Highlights

The New York Times reports a smuggling tunnel freshly excavated under the border with Mexico was sealed Friday, June 29, after a joint raid by United States and Mexican authorities. (See item 13)
The Associated Press reports some U.S. airports will tighten security in response to terrorist incidents in Britain; the U.S., however, is not raising its terror alert status at this time. (See item 15)
CNN reports a man who allegedly stored nearly 1,500 pounds of potassium nitrate and other chemicals in his Staten Island home and a nearby storage facility was charged with reckless endangerment Friday, June 29. (See item 42)

Information Technology and Telecommunications Sector

37. June 29, IDG News Service — Department of Homeland Security to host closed-door security forum. The Department of Homeland Security will host an invite-only conference two months from now that will bring together security experts from law enforcement, Internet service providers, and the technology industry. The Internet Security Operations and Intelligence (ISOI) workshop will be held on August 27 and 28 at the Academy for Educational Development in Washington, DC. It is expected to draw about 240 participants who will engage in a frank discussion of the latest trends in cybercrime, said Gadi Evron, a security evangelist with Beyond Security who is one of the event's planners.

38. June 29, IDG News Service — succumbs to SQL injection attack. A hacker successfully attacked a Webpage within Microsoft's UK domain on Wednesday, June 27, resulting in the display of a photograph of a child waving the flag of Saudi Arabia. It was "unfortunate" that the site was vulnerable, said Roger Halbheer, chief security advisor for Microsoft in Europe, the Middle East and Africa, on Friday. The problem has since been fixed. However, the hack highlights how large software companies with technical expertise can still prove vulnerable to hackers. The hacker, who posted his name as "rEmOtEr," exploited a programming mistake in the site by using a technique known as SQL injection to get unauthorized access to a database, Halbheer said.

39. June 28, IDG News Service — RealPlayer, Helix Player vulnerable to attack. Users are being advised to upgrade to newer versions of the RealPlayer and Helix Player multimedia products because of a critical security flaw. The flaw could allow an attacker to gain control over a user's PC using a buffer overflow vulnerability, a memory problem that can allow unauthorized code to run on a machine, according to iDefense Inc. The vulnerability was discovered last October but publicly disclosed Tuesday, June 26, on iDefense's Website. Affected versions of the software include the 10.5 "gold" RealPlayer and any 1.x version of Helix Player, according to the French Security Incident Response Team (FrSIRT). iDefense advisory: y.php?id=547

40. June 28, ComputerWorld — Web-based attack poses as greeting card, tries three exploits. A new round of greeting-card spam that draws users to visit attack sites relies on a sophisticated multipronged, multiexploit strike force to infect machines, security professionals said late Thursday, June 28. Captured samples of the unsolicited e-mail have all borne the same subject line -- "You've received a postcard from a family member!" -- and contain links to a malicious Website. "If JavaScript is disabled, then they provide you a handy link to click on to exploit yourself," said an alert posted Thursday afternoon by SANS Institute's Internet Storm Center (ISC). The greeting-card gambit tries a trio of exploits, moving on to the second if the machine is not vulnerable to the first, then on to the third if necessary. The first is an exploit against a QuickTime vulnerability; the second is an attack on the popular WinZip compression utility; and the third, dubbed "the Hail Mary" by the ISC, is an exploit for the WebViewFolderIcon vulnerability in Windows that Microsoft Corp. patched last October. The ISC said several antivirus vendors had tentatively pegged the executable file, which is offered to users whose browsers have JavaScript disabled, as a variation of the Storm Trojan horse.
ISC alert:
