Daily Report Tuesday, February 6, 2007

Daily Highlights

The National Transportation Safety Board is investigating the second runway incident in a month at Denver International Airport, when a United Airlines jet braked to a complete stop to keep from hitting a snowplow on the runway. (See item 7)
The Associated Press reports a bone.chilling Arctic cold wave with temperatures as low as 42 below zero shut down schools for thousands of youngsters Monday, February 5, sent homeless people into shelters, and disabled car batteries from the northern Plains across the Great Lakes. (See item 34)

Information Technology and Telecommunications Sector

27. February 05, IDG News Service — Microsoft: Excel vulnerable to new attack. With its February security patches now two weeks away, Microsoft is warning of another critical flaw in its Office software. This time Excel is the target. Microsoft confirmed late Friday, February 2, that its spreadsheet software is vulnerable to a new attack, and said that the problem may affect other Office software as well. The software giant is investigating reports that the flaw is being used by criminals in "very limited," attacks, according to a Microsoft security advisory. This latest flaw affects Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac.
Microsoft Security Advisory: http://www.microsoft.com/technet/security/advisory/932553.mspx
Source: http://www.infoworld.com/article/07/02/05/HNexcelvulnerable_ 1.html

28. February 05, IDG News Service — German court bans police from spying on PCs. Germany's High Court has handed down a landmark decision banning police from installing spyware on computers of suspected criminals without their knowledge. The decision, announced Monday, February 5, is a blow to the plans of the German Interior Minister Wolfgang Schäuble to give the Federal Criminal Police Office greater power to monitor terrorists and other criminals online, and peek inside their computers. The High Court in Karlsruhe argued that searching computers is similar to searching homes, a practice in Germany that requires police to follow certain procedures. The judges also argued that hacking computers by the police is not permitted under Germany's strict phone.tapping laws and that legislation would be needed to enable covert surveillance.
Source: http://www.infoworld.com/article/07/02/05/HNbanpolicefromspy ing_1.html

29. February 05, InfoWorld — NTT DoCoMo 3G network hit by problems. NTT DoCoMo's 3G network in part of central Tokyo was hit by trouble on Saturday, February 3, resulting in problems for tens of thousands of users. Problems with a switching board at a DoCoMo facility in the capital's Shibuya district caused the disruption. Users in Shibuya and the nearby districts of Shinjuku, Okubo and Minami.Aoyama found calls and packet communications problems from 4:34 a.m. to 9:29 p.m. local time on Saturday. NTT DoCoMo estimates around 92,600 subscribers were directly hit by the problem.
Source: http://www.infoworld.com/article/07/02/05/HNdocomo3gtrouble_ 1.html

30. February 05, IDG News Service — HP to acquire Bristol Technology. Hewlett.Packard Co. (HP) plans to acquire business transactions monitoring software vendor Bristol Technology Inc. HP announced Monday, February 5, that it has signed a definitive agreement to acquire Bristol as a way to beef up its business technology optimization product offerings. The vendor didn't reveal the financial terms of the deal.
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9010229&intsrc=hm_list

31. February 02, eWeek — Super Bowl site hacked with Trojan, keylogger. Malicious code was discovered on the Website for Dolphin Stadium, the location of this year's Super Bowl, reports Websense. Websense Security Labs urged Web users to avoid that site completely until the site had been scrubbed cleaned of all destructive code. The code, hidden under the file name "w1c.exe," initiates both Trojan horse and keylogging capabilities, potentially allowing a hacker to track and record keyboard strokes in order to steal credit card, Social Security or other user information. The malicious JavaScript file was inserted into the header of the front page of the Dolphin Stadium site. Once visitors entered, it was designed to execute a script that attempts to exploit two known vulnerabilities: MS06.014 and MS07.004. By late Friday afternoon, February 2, Websense officials reported that the Dolphin Stadium site had been cleansed of the malware.
Source: http://www.eweek.com/article2/0,1895,2089951,00.asp

32. February 02, InfoWorld — Hackers target hole in BrightStor. Anti.virus firm Symantec warned Friday, February 2, that exploit code is circulating for a known security hole in Computer Associates' BrightStor ARCServe Backup software, which provides data backup and restore for a variety of operating systems including Windows, Netware, Linux, Unix, and Mac. Symantec issued an alert early Friday, after exploit code was posted to the SecurityFocus Website. The alert raised the urgency and severity of an earlier warning about the security holes in ARCServe Backup versions 9.01 through 11.5 SP1, as well as CA's Business Protection Suite software. The exploit code is designed to run on Windows XP and Windows 2000 systems.
Source: http://www.infoworld.com/article/07/02/02/HNbrightstor_1.htm l