Wednesday, June 27, 2007

Daily Highlights

IDG News reports that using a credit card at a gas station could pose more of a risk for data theft than shopping online, since point-of-sale terminals have emerged as a weak link in the security chain. (See item 6)
The Christian Science Monitor reports the American aviation system may be in danger with repair and maintenance systems increasingly being outsourced to foreign and non-Federal Aviation Administration-certified repair stations. (See item 10)
The Orlando Sentinel reports Central Florida's Lynx bus system is spending nearly $1 million from the Department of Homeland Security to train its drivers and staff on how to spot terrorists and other criminals. (See item 16)

Information Technology and Telecommunications Sector

30. June 26, eWeek — Analyst: WinSafari hole still open. The vulnerabilities Errata Security found in Apple's Safari beta for Windows -- within hours of the browser's June 11 launch -- are still open, CTO Dave Maynor said in a blog on Monday, June 25. The Safari bugs are proof positive of Maynor's assertion that client-side vulnerabilities are easy as pie to find in Apple code, he said. "I basically just ran the OSX version of Safari through a fuzzer, and it crashed in a few seconds," he wrote in the June 25 post. Errata made test results public back on April 23 in this blog post after finding one particular exploit. The reason Apple hasn't jumped on fixing it, Maynor charges, is that the press has ignored this exploit.

31. June 26, Sophos — Duo found guilty of operating spam business. Experts at IT security and control firm Sophos have welcomed news that two men have been found guilty for their part in an international spam gang which bombarded innocent Internet users with graphic pornographic images. A federal jury has convicted James R. Schaffer, of Paradise Valley, AZ, and Jeffrey A. Kilbride, of Venice, CA, on charges including conspiracy, money laundering, fraud and transportation of obscene materials. Spam sent by Schaffer and Kilbride is said to have resulted in America Online receiving more than 600,000 complaints from users between 30 January and 9 June 2004.
Source: −spammers.html

32. June 26, Sophos — Shockwave as Trojan horse uses animated disguise. Experts at Sophos have discovered a Trojan horse that disguises its malicious intent by playing a humorous animation. The Troj/Agent-FWO Trojan horse plays the popular "Yes & No" Shockwave video created by the Italian animator Bruno Bozzetto, but only after embedding itself on users' computers and downloading further malicious code from the Internet. "Yes & No," which was published on the Internet by Bozzetto in 2001, is a humorous video about how obeying the rules of the road does not always make sense. Hundreds of thousands of people are believed to have watched the online animation. According to Sophos experts, the Trojan horse is playing the animation as a smokescreen as it silently infects Windows computers.
Source: o.html

33. June 25, ComputerWorld — Hackers use 'construction kit' to unleash Trojan variants. Multiple hacker groups are using a "construction kit" supplied by the author of a Trojan horse program discovered last October to develop and unleash more dangerous variants of the original malware. Already such variants have stolen sensitive information belonging to at least 10,000 individuals and sent the data to rogue servers in China, Russia and the United States, according to Don Jackson, a security researcher at SecureWorks Inc. The Prg Trojan, as it has been dubbed by SecureWorks, is a variant of another Trojan called wnspoem that was unearthed in October. Like its predecessor, the Prg Trojan and its variants are designed to sniff sensitive data from Windows internal memory buffers before the data is encrypted and sent to SSL-protected Websites. What makes the threat from the Prg Trojan especially potent is the availability of a construction tool kit that allows hackers to develop and release new versions of the code faster than antivirus vendors can devise solutions, Jackson said. The toolkit allows hackers to recompile and pack the malicious code in countless subtly different ways so as to evade detection by antivirus engines typically looking for specific signatures to identify and block threats, Jackson said.