Wednesday, July 11, 2007

Daily Highlights

NBC12 reports Ahmad Abdallah Abu Ghanam, on his way from Jacksonville, Florida, to Amman, Jordan, is facing weapons charges for packing an undeclared .380 caliber semi−automatic pistol wrapped in aluminum foil in his checked luggage. (See item 8)
The Atlanta Journal−Constitution reports thousands of employees at the nation's 450 commercial airports are now subject to the "random security screenings," which the Transportation Security Administration and airport directors support as an alternative to the required screening of all workers. (See item 10)
Information Technology and Telecommunications Sector

30. July 10, Reuters — Cisco, Microsoft, EMC form government−data alliance. Cisco Systems, Microsoft and EMC said on Tuesday, July 10, they have formed an alliance to develop technology for protecting and sharing sensitive government information. The technology, called the Secure Information Sharing Architecture or SISA, will allow government agencies to better communicate while protecting content from being lost or stolen, the companies said. Technology to protect information has historically been enforced system−by−system, the companies said. SISA will allow agencies to set up networks that enable users of different computer systems to access the same information.

31. July 10, CNET News — Critical Firefox security flaw discovered. A "highly critical" security flaw has been discovered in Firefox, which could allow a malicious attacker to gain remote control of a user's system, according to an advisory issued by Secunia. The security flaw is found in Firefox 2.0 and later versions, due to the way it registers the "firefoxurl://" URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. "A new URI handler was registered on Windows systems to allow Websites to force launching Firefox if the 'firefoxurl://' URI was called, like ftp://, http://, or similar would call other applications," explained Thomas Kristensen, Secunia chief technology officer. But because of the way the URI handler was registered by Firefox, it causes any parameter to be passed from Microsoft's Internet Explorer (IE), or another application, to Firefox, when firefoxurl:// is activated. Kristensen said the security flaw actually rests with Firefox's URI handler, despite other security sites that attribute the security flaw to IE, such as researcher Thor Larholm, who discovered the flaw, and Symantec.
Secunia advisory:

32. July 09, InfoWorld — BSA offers $1 million reward for turning in software pirates. Earlier this month the Business Software Alliance (BSA) upped the ante from $200,000 to $1 million for anyone who turns in a company that is illegally circumventing software licensing agreements. BSA members include a who's who of the software and hardware industry, including Apple, Adobe, Dell, HP, Microsoft, SAP, and dozens more. The bounty for uncovering cheaters is not just a marketing ploy. The Association can, in fact, put some bite into uncovering cheaters, according to Kris Barker, CEO of Express Metrix. Express Metrix is a company that does hardware and software auditing to help companies keep in compliance with their software licenses. "Most software licensing agreements include a provision that allows a software vendor or its agent, which can be the BSA, to do an audit of end−user agreements," said Barker. The BSA increased the reward as software piracy continues to grow. According to IDC, U.S. software vendors lost $7.3 billion in 2006 as a result of piracy.
Source: tml

33. July 09, Information Week — New image spam threat uses PDF files. The PDF image spam is just one of a litany of creative attempts to fool e−mail users into downloading malware or visiting phishing sites, says Symantec in its monthly spam report. The good news is that image spam continues to subside, now averaging 14.5 percent of all spam e−mails in June, down from 27 percent and 37 percent in the months of April and March respectively, Symantec reported Monday, July 9, in its July monthly State of Spam report. At its peak in January, image spam accounted for more than half of all spam. The bad news is that this doesn't mean that image spam is going away, as Symantec is seeing an increase in new spam techniques that reference spam images in different ways. Image spammers have started an emerging trend known as PDF image spam, which Symantec has seen in two variations. The first is an e−mail with a PDF attachment that appears to be a legitimate stock newsletter. In the second variant, the PDF attached to the e−mail contains a stock spam image, similar to image spam attacks focusing on stocks.
Symantec's State of Spam report: ort_−_July_2007.pdf