Wednesday, April 25, 2007

Daily Highlights

The Department of Homeland Security is warning U.S. chemical plants and bomb squads to guard against a new form of terrorism: chlorine truck bombs; the Chlorine Institute recently alerted the FBI to several thefts or attempted thefts of 150-pound chlorine tanks from water treatment plants in California. (See item 4)
The Manhattan District Attorney's Office announced Friday, April 20, it has indicted 13 members of an identity theft ring that made more than $3 million worth of illegal purchases using small hand-held devices to read and record personal information stored on the credit card's magnetic strip. (See item 9)

Information Technology and Telecommunications Sector

28. April 24, Information Week — Malware spikes in 1Q as hackers increasingly infect Websites. The number of new pieces of malware spiked in the first quarter of this year, and the majority of the new threats are being embedded in malicious Websites. According to a study from Sophos, an antivirus and anti-spam company, researchers discovered 23,864 new threats in the first three months of 2007. That's more than double the number of new malware identified in the same period last year, when Sophos discovered 9,450. While the amount of malware is increasing, where it's being found is changing. Historically, malware has plagued e-mail, hidden in malicious attachments. While that's still happening, more virus writers are putting their efforts into malicious Websites. Sophos noted that the percentage of infected e-mail has dropped from 1.3 percent, or one in 77 e-mails in the first three months of 2006, to one in 256, or just 0.4 percent in this year's first quarter. In the same time period, Sophos identified an average of 5,000 new infected Web pages every day. With computer users becoming more aware of how to protect against e-mail-based malware, hackers have turned to the Web as their preferred vector of attack.
Sophos study:

29. April 23, ComputerWorld — Microsoft: No patch yet for DNS Server bug. Microsoft Corp.'s security team Sunday, April 22, said it is still working on a patch for a critical bug in the company's server software. The vulnerability in the Domain Name System (DNS) Server Service of Windows 2000 Server SP4, Windows Server 2003 SP1 and Windows Server 2003 SP2 has been exploited since at least April 13, Microsoft acknowledged earlier, although the company has continued to characterize those attacks as "limited." "Our teams are continuing to work on developing and testing updates...[but] we don't have any new estimates on release timelines," said Christopher Budd, program manager for the Microsoft Security Response Center (MSRC) on the group's blog. "I can say that our ongoing testing so far has not raised any issues that would make us believe we might be looking at a longer timeline."
MSRC blog:−update−on−microsoft−security−advisory−935964.aspx

30. April 23, ComputerWorld — Safari, Firefox, IE all vulnerable if QuickTime is installed, say researchers. The vulnerability that put $10,000 into the pocket of a New Yorker last Friday, April 20, during a Mac hacking contest is in Apple Inc.'s QuickTime media player, researchers said Monday, April 23. The contest, held at the CanSecWest security conference in Vancouver last week, pitted a pair of MacBook Pro notebooks, each with all currently-available security patches installed, against all comers. On Friday, Sean Comeau, one of the CanSecWest organizers, said the bug was in Safari, the Apple browser bundled with Mac OS X. But Monday, researchers at Matasano Security LLC, a New York-based consultancy, said the flaw is actually in QuickTime. "Dino's finding targets Java handling in QuickTime," said Matasano researcher Thomas Ptacek on the group's blog. "Any Java-enabled browser is a viable attack vector, if QuickTime is installed. Apple's vulnerable code ships by default on Mac OS X (obviously) and is extremely popular on Windows, where this code introduces a third-party vulnerability." Ptacek confirmed that both Safari and Mozilla Corp.'s Firefox can be exploited through the new QuickTime bug. Matasano also said it assumes that Firefox is vulnerable on Windows PCs if QuickTime's plug-in is installed.

31. April 16, Government Computer News — Solar flare puts GPS off the air. Mysteriously, on December 6, 2006, Global Positioning System (GPS) devices suddenly malfunctioned across large swaths of the planet. The cause was an intense burst of radio energy, called a solar flare, emitting from the sun’s surface. Although the event temporarily knocked out many GPS receivers, no airplanes fell from the sky, and no ships lost their way at sea. But the event nonetheless generated concern among scientists. Although they were aware that radio bursts generated by solar flares could affect GPS equipment, they were surprised that this large an event occurred during a period of relatively low solar-flare activity and that its impact was as strong as it was. “It’s more serious than we thought. We didn’t think this was going to happen until the next solar maximum, which is about 2011,” said Paul Kintner Jr., professor of electrical and computer engineering at Cornell University. “We’ve been monitoring solar flares for four years. [The Dec. 6 event] suggests that monitoring has been inaccurate. And we don’t have a good historical basis for predicting what’s going to happen, so we’re concerned.” The radio bursts don’t actually damage equipment but only interfere with transmissions between GPS satellites and receivers.

Note: Our apology for the lateness of this post. Unfortunately our Internet access broke sometime last night and did not come back up until after we left for the day. Simply stated, the delay was beyond our control.