Tuesday, May 22, 2007

Daily Highlights

KDKA reports investigators are trying to determine how a small explosive device got past security at Pittsburgh International Airport and was then set off inside a magazine store. (See item 14)
The New York Times reports as many as 85,000 large residential and commercial buildings in New York City lack special valves on their water connections that could prevent hazardous substances from being pulled into the public water system. (See item 21)
The Associated Press reports a gunman suspected of killing three people and himself in Moscow, Idaho, on Sunday, May 20, had said during a court−ordered mental evaluation that if he committed suicide, he would try to take a large number of people with him. (See item 28)

Information Technology and Telecommunications Sector

32. May 21, IDG News Service — Mobile provider Alltel agrees to $27.5B buyout. Mobile phone and wireless services provider Alltel on Sunday, May 20, agreed to a $27.5 billion buyout, a deal likely to spur more such acquisitions in North America. The company, which serves 12 million mobile phone subscribers in 35 states, signed a deal to be bought by TPG Capital, and the private equity division of Goldman Sachs Group.
Source: http://www.infoworld.com/article/07/05/21/Alltel−agrees−to−b uyout_1.html

33. May 21, CNET News — Expert: IT industry has failed in desktop security. The IT industry has failed when it comes to desktop security for all major operating systems, a security specialist told delegates attending a security conference in Australia. Ivan Krstic, director of security architecture for the One Laptop per Child project, kicked off the AusCert 2007 conference Monday morning, May 21, with a keynote speech that blasted desktop computer security because it is based on a 35−year−old premise where software can run with the same privilege as a user. "The number one broken assumption of desktop security...is this very simple premise that all executing software should execute with the full permission that its user possesses," Kristic said. "There are a bunch of programs that ship with all major operating systems −− including Linux, Mac OS and Windows −− that can format your hard drive, spy on your computer, spy on you with your microphone and camera, and turn over control of your computer to third parties," said Krstic.
Source: http://news.com.com/Expert+IT+industry+has+failed+in+desktop+security/2100−1002_3−6185295.html

34. May 21, VNUNet — Bad Norton update zaps 'millions' of PCs. A faulty update to Symantec's Norton Antivirus package has disabled "millions" of PCs in China, according to local press reports. One report carried by China's official news agency put the number of affected PCs in the millions, although others said that the figure was more like thousands or tens of thousands. The affected PCs cannot be started up. PCs running Windows XP began to fail after they downloaded a virus definitions update file on Friday, May 18. The regular updates are automatically pushed out from Symantec's servers. Users explained that nothing went wrong immediately, but that the next restart showed the infamous Windows 'Blue Screen of Death' instead of the normal start−up sequence. The PCs could not be restored to operation by any normal means. Symantec's China office explained in a statement that the software had mistakenly detected a virus in some key Windows XP system files. These files were either deleted or quarantined.
Source: http://www.vnunet.com/vnunet/news/2190301/millions−pcs−zappe d−bad

35. May 21, VNUNet — OpenOffice worm targets Windows, Mac and Linux computers. A newly discovered worm targeting OpenOffice attempts to download indecent JPEG images onto compromised PCs. Badbunny−A, a macro worm for OpenOffice/StarBasic that drops scripts in other languages, infects computer users when they open an OpenOffice Draw file called badbunny.odg. A macro within the file performs different functions depending on whether the user is running Windows, MacOS or Linux. These can include executing other self−replicating JavaScript and Perl viruses.
Source: http://www.vnunet.com/vnunet/news/2190354/openoffice−worm−do wnloads−bunny

36. May 18, eWeek — Hundreds click on 'click here to get infected' ad. The fact that 409 people clicked on an ad that offers infection for those with virus−free PCs proves that people will click on just about anything. That was evidenced by the 409 people who clicked on an ad that offers infection for those with virus−free PCs. The ad, run by a person who identifies himself as security professional Didier Stevens, reads like this: "Drive−By Download. Is your PC virus−free? Get it infected here! drive−by−download.info." Stevens, who says he works for Contraste Europe, has been running his Google Adwords campaign for six months now and has received 409 hits. Stevens has done similar research in the past, such as finding out how easy it is to land on a drive−by download site when doing a Google search. Stevens says that he got the idea after picking up a small book on Google Adwords at the library and finding out how easy and cheap it is to set up an ad.
Source: http://www.eweek.com/article2/0,1895,2132447,00.asp

37. May 18, InformationWeek — Online criminal gangs battle with botnets. Two or three online criminal gangs are waging an all−out battle for control of the largest botnets, sending out waves of malware aimed at stealing zombie computers from rival gangs to build up their own army. Each online gang is trying to build up the biggest botnet because the bigger the army of infected computers they control, the more money spammers and hackers will pay to use them, explains Shane Coursen, a senior technical consultant for Kaspersky Lab. Since the gangs have their own botnets already built up, they're all trying to pilfer victimized computers from their rivals, to diminish their competitor's botnets while they build up their own. Coursen said the author of the well−known Storm Worm, also known as Zhelatin, is going head to head with the author or authors of the Warezov and Bagle worms. It's unclear whether one group is responsible for both the Warezov worm and the Bagle worm or if different groups are behind each one, he said. Regardless, they're both working to steal zombies from the Storm Worm authors.
Source: http://www.informationweek.com/showArticle.jhtml;jsessionid=XI0ZLCE4XGNGAQSNDLRCKH0CJUNN2JVN?articleID=199601992