Monday, June 25, 2007

Daily Highlights

The Associated Press reports an off−duty sheriff's deputy stopped an out−of−control passenger who tried to open an emergency exit during a flight from Phoenix to Seattle. (See item 12)
Information Week reports the third annual Government Forum of Incident Response and Security Teams Conference will be held June 25–29, at the Buena Vista Palace Hotel in Orlando, Florida. (See item 30)

Information Technology and Telecommunications Sector

30. June 22, Information Week — Cybercrime fighters to gather this week. Dealing with cybercrime requires companies, law enforcement, and prosecutors to communicate frequently and adjust their tactics accordingly in order to catch the criminals and put them away. Thus the need for this week's third annual Government Forum of Incident Response and Security Teams Conference, held June 25–29, at the Buena Vista Palace Hotel in Orlando, FL, where law enforcement officials at all levels will meet with more than 200 attorneys and prosecutors, including all 92 assistant U.S. attorneys. "Back when we started the conference, our focus was on information sharing at the technical level," Rob Pate, deputy director of outreach and awareness for the Department of Homeland Security's National Cyber Security Division, told Information Week. "Now we're bringing in law enforcement and prosecutors to share our information." Communication among private−sector businesses, government, and law enforcement is especially important as zero−day vulnerabilities −− those for which there is no patch −− proliferate and attackers adopt new tactics for breaking into systems. "We have to rapidly share information about what we're seeing because cybertime moves in seconds," Jerry Dixon, director of the National Cyber Security Division, told InformationWeek.

31. June 22, Computer World — Apple patches Safari beta browser a second time. Apple Inc. Friday, June 22, issued security updates to patch four vulnerabilities in Mac OS X and the Safari beta, marking the second time in eight days that the company has had to fix its newest browser, which runs on both Mac and Windows XP and Vista machines. The 2007−006 update for Mac OS X 10.3, "Panther" and 10.4 "Tiger," fixes a pair of problems in Safari −− the production−quality versions bundled with the operating system −− including a memory corruption vulnerability that could end with an attacker in control of the Mac. "Visiting a maliciously crafted Webpage may lead to an unexpected application termination or arbitrary code execution," Apple said in its alert. The second bug, and to Apple, the less serious of the two, is a cross−site scripting flaw (XSS) in Safari that could be used by phishing sites to steal usernames and passwords. Apple Friday also updated the Safari beta, first released June 11, to version 3.0.2 for both Mac and Windows. Mac Safari 3.0.2 patches another XSS bug, while the Windows edition fixes that, plus a separate vulnerability that could let an attacker disguise the browser's address bar.
Apple Security Update 2007−006:

32. June 22, Computer World — Porn sites serve up Mpack attacks. Several hundred pornography sites are surprising unwitting users with a smorgasbord of exploits via Mpack, the already notorious hacker tool kit that launched massive attacks earlier last week from a network of more than 10,000 compromised domains. Trend Micro Inc. has spotted nearly 200 porn domains −− most dealing in incestuous content −− that have either been hacked or are purposefully redirecting users to servers hosting Mpack, a professional, Russian−made collection of exploits that comes complete with a management console. Even though there are far fewer porn sites in this newly discovered infection chain than in last Monday's "Italian Job" attack −− called that because most of the 10,000+ hijacked sites were legitimate Italian domains −− they've managed to infect twice as many end users' PCs, said Trend Micro, in a posting to its malware blog. "Right now, we are not sure whether the porn sites are compromised to host the IFRAMES, are created to do so or are being paid to host the IFRAMES," acknowledged Trend Micro. The attack probably began June 17, the company said.
Trend Micro Malware Blog:−is−bad−for−you21/

33. June 21, Information Week — iPhone frenzy will tempt hackers to break Apple's security. With so many people anxiously holding their breath while simultaneously counting their pennies till Apple's iPhone ships this week, some researchers −− and probably many IT managers −− are wondering how secure this latest smart phone is going to be. Well, according to IBM's security division, Internet Security Systems, the iPhone will have one thing going for it, at the same time it has one thing going against it, making for what should be an interesting product to track. The plus side is that it should take a pretty sophisticated hacker to break into the phone's system, but the negative is that all the frenzy that has been building up around the iPhone's release means many hackers will be inspired to try.