Tuesday, June 19, 2007

Daily Highlights

The Associated Press reports the push from Congress and the White House for huge increases in biofuels such as ethanol, is prompting the oil industry to scale back its plans for refinery expansions −− which could keep gasoline prices high, possibly for years to come. (See item 2)
The Washington Post reports the U.S. Food and Drug Administration has little control −− conducting only about 200 inspections of overseas plants −− as generic and over−the−counter drugs are imported into U.S. from India and China. (See item 23)

Banking and Finance Sector

June 18, VNUNet — Crippling malware attack strikes in Italy. Italy is suffering from a barrage of remote attacks launched from hundreds of compromised Websites, security experts have warned. Researchers at Symantec reported that attackers have injected 'iframe' tags within the HTML files on compromised sites. The tags redirect users to a site that runs MPack, a utility that attempts multiple exploits and malware installations. More than 65,000 users had been redirected to the malicious page since Friday afternoon, June 15, and more than 7,000 successful exploits had been carried out.
Source: http://www.vnunet.com/vnunet/news/2192236/massive−malware−at tack−breaks

30. June 18, Kable (UK) — Humans, not tech, are the greatest security risk. The UK's Department of Trade and Industry (DTI) has made roughly $7.9 million available for four research projects aimed at reducing the IT risk created by human error. The program, which is part of its Network Security Innovation Platform, reflects the fact that human error is by far the biggest risk to network security, the DTI said. It cited the results of a survey it conducted, involving over 1,800 people, on the use of passwords. It found that: a) Just over one third recorded their password or security information by either writing it down or storing it somewhere on their computer; b) Nearly two thirds never changed their password; c) One in five people used the same password for non−banking Websites as well as their online bank. The projects will use behavioral science in a bid to tackle the human risk element in network security.
Source: http://www.kablenet.com/kd.nsf/Frontpage/C3AEB7E8641F7CF0802572FB004DC9D4?OpenDocument

31. June 16, Information Week — In fight against botnets, warning victims is half the battle. The Feds have caught some of the alleged "bot herders" it says are spamming the world from botnets they've created. Now they'd like to warn more than 1 million computer owners whose machines have been infected, but doing so will be an inexact and tedious undertaking. The FBI has begun notifying ISPs from which the IP addresses of infected computers originated. "If they choose to, they can contact their customers," says Shawn Henry, deputy assistant director of the FBI's Cyber Division. If the FBI determines that a large company or organization is among the botnet victims, it will notify them directly, he adds. Combing through the IP addresses of zombie computers and notifying ISPs will be one of the biggest jobs the FBI has ever undertaken, says special agent Richard Kolko. Because botnets are widely distributed, the FBI considers them a growing threat to national security, the national information infrastructure, and the economy.
Source: http://www.informationweek.com/security/showArticle.jhtml;jsessionid=DDQGQAGD3WLKKQSNDLOSKH0CJUNN2JVN?articleID=199904855