Tuesday, September 11, 2007

Daily Reports

· The New York Times and Reuters reported that explosions targeting several Mexican natural gas pipelines hit the state of Veracruz on Monday, September 10th. (See item 2)

· Fox News cited a Congressional report finding that the Center for Disease Control (CDC) lacks the capability to prevent a human carrier of a biological agent from entering or leaving the United States. The report followed the controversial case in which a U.S. citizen diagnosed with a form of Tuberculosis (TB) was permitted to travel to Europe. (See item 29 )

Information Technology

40. September 10, IDG News Service – Skype warns users of Windows worm. Skype users are under attack from a new worm that spreads through the peer-to-peer Internet phone application's chat feature. The attack begins when a user receives an instant message containing a link from someone in their contact list or an unknown Skype user, said a Skype spokesman. There are several versions of the chat messages, which are “cleverly written” to fool users, he wrote on the Skype heartbeat blog. The link appears to contain a JPEG photo file which, if clicked, asks the user to save or run a “.scr” file. The file is malicious software that can then access a user's PC via Skype's API (application programming interface). The malicious file has been named W32/Ramex.A. “Users whose computers are infected with this virus will send a chat message to other Skype users asking them to click on a web link that can infect” their computers, he wrote. To avoid trouble, users should not download the file. As of early today, detailed information from anti-virus vendors was scanty. Several security companies, however, have already updated their signature definitions to detect and delete the new malware. Skype is only the latest IM client to feel the heat from hackers. Both Yahoo Messenger and Microsoft’s MSN/Live Messenger have been struck this summer. Exploit code designed to hijack Windows PCs running Yahoo Messenger appeared as early as June, and Yahoo has been forced to patch the IM client several times since. Microsoft, meanwhile, has scheduled fixes for its MSN Messenger and Windows Live Messenger software for tomorrow, presumably to quash a webcam bug that was disclosed late last month.

Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=009035198

41. September 10, IDG News Service – Security researcher intercepts embassy passwords from Tor. A security researcher who collected thousands of sensitive e-mails and passwords from the embassies of countries such as Russia and India blamed systems administrators on Monday for not using encryption to shield their traffic from snooping. The 21-year-old security researcher revealed on Monday he was able to capture the information by setting up his own node in a peer-to-peer network used by the embassies to make their Internet traffic anonymous. The embassies relied on a volunteer network of servers using software called Tor (The Onion Router) to hide their Internet traffic and make it anonymous. Traffic sent through a Tor node is transmitted through a randomly selected series of other Tor nodes before exiting the network for its intended destination, so as to disguise the source and destination of the traffic. But although traffic between nodes in a Tor network is encrypted by default, traffic entering and exiting the system is not, so anyone wanting to hide not only who are they are communicating with, but what they are saying, must apply an extra layer of encryption themselves. Embassies and companies neglected to do this, which left their information open for the researcher to collect.

Source: http://www.infoworld.com/article/07/09/10/Security-researcher-intercepts-embassy-passwords_1.html

42. September 10, Techworld Criminals operating malware supermarkets. According to Panda Software’s latest quarterly report the global market for criminal malware now operates like a supermarket, complete with special offers and volume discounts. The report stated that the going rate for a sophisticated but generic Trojan is between $350 and $700, while the email list with which to target victims for the program costs from $100 per million names. While Panda Software is hesitant to give out details about which sites are involved, it did say that it considered Russia, an area with poor anti-malware legislation, a prime location for the industry. Panda Software’s lab chief said: “In recent months we have witnessed the growing professionalization of digital crime." The first step for cyber-crooks was when they started looking for profits from their activity instead of just notoriety. Now they are creating a vast online malware market, where there are even specialized segments. New business models are appearing, as we speak." He also noted that cyber criminals are now offering paid services in addition to products. Report available at: http://pandalabs.pandasecurity.com/archive/PandaLabs-Quarterly-Report.aspx Source:http://www.techworld.com/security/news/index.cfm?newsid=10035&pagtype=all

43. September 07, Techworld – Spam up, PDF spam down. Spam rates were up in August, despite the fact that PDF spam appears to have peaked. Junk email reached nearly 70 percent of all messages sent last month. According to Symantec's spam report for August, unwanted email accounted for 69 percent of all mail sent, up 3-percent from July. Spam volumes are creeping up toward the levels reached last October when image spam inflated junk mail to 73 percent of all messages sent. In August, image spam had little impact, accounting for less than 10 percent of all spam, according to Symantec. Last month also saw the dramatic rise and fall of PDF spam, email messages with a PDF attached, that usually attempted to convince the recipient to purchase stocks. First spotted by Symantec in June, PDF spam accounted for 20 percent of all spam at its peak in mid-August. Spammers quickly retreated from the technique, however, bringing its end-of-the-month level to less than one percent of all spam. Symantec's take is that spammers have backed off from sending PDF spam to tweak the technique or have decided this form of spam isn't working and have gone back to the drawing board. Officials at Sophos, another security vendor, agreed that PDF spam was more trouble than it was worth for recipients - since they had to actually open an attachment to read the message - and so spammers weren't getting the desired results.

Source: http://www.techworld.com/security/news/index.cfm?newsID=10017&pagtype=samechan

Communications Sector

44. September 10, PCWorldSoftware Glitch Affects BlackBerry Service. Some Blackberry users in North America experienced problems on Friday when a software issue meant that the email service shut down, leaving the handheld device's email capabilities disabled. As a result, some BlackBerry customers did not immediately receive their emails. The problem began at around 10am Friday EDT and delays continued to be experienced into Saturday morning as the message backlogs were cleared out. This is the second time BlackBerry-maker RIM (Research in Motion) has experienced a problem in its service. In April, another glitch led to millions of BlackBerry hand-held device users in the U.S. being cut off from their wireless email service for more than 10 hours. This time the problem affected only BIS (BlackBerry Internet Service users) not BES (BlackBerry Enterprise Services users). RIM said the emails were only delayed and not lost completely. Phonecall and text-messaging services were not affected. The Canadian company has not given a reason for the interruption in the service or specified a date when it would return to normal.

Source: http://www.pcworld.com/article/id,137012-c,pdacellphonehybrids/article.html

45. September 8, Parsons Sun Need for broadband in rural areas discussed. Kansas lawmakers discussed the state’s internet infrastructure at a Summit at the University of Kansas last weekend. Some said they will try to develop a picture of the state’s Internet infrastructure in the next legislative session. One state legislator said he would like to see the state track where their residents lack affordable and reliable internet service as Kentucky and Tennessee have done. "Companies are then able to look at that map and say, 'There's an opportunity for us. I think that's the first step in providing broadband for all communities" he said, adding that internet expansion important for the economic development of rural businesses in the state. Source: http://www.parsonssun.com/news/articles/internet090807.shtml