Wednesday, May 21, 2008
Daily Report
• According to Bloomberg, a Norwegian workers strike has closed six more airports, bringing the total number to twelve and limiting access to oil drilling platforms off the coast. (See item 1)
• The Dayton Daily News reports that Georgia-based Latex Construction Co, a contractor on the 1,679-mile Rockies Express natural gas pipeline is under federal investigation amid allegations by former project inspectors that crews failed to install required equipment designed to prevent breaches that could trigger explosions on the pipeline (See item 15)
Information Technology
29. May 20, vnunet.com – (National) Mass website hacks here to stay. McAfee Security experts have warned that the recent rash of large-scale website attacks may not be a fleeting trend. A McAfee researcher believes that the attacks, which simultaneously target hundreds of thousands of web pages, could be a sign of things to come. The nature of the attacks makes them very hard to prevent, and simply removing the exploit code may not protect sites from further infection. His assessment follows several SQL injection attacks in recent months. The attackers are believed to have used automated scripts to run input-validation attacks on pages. The script embeds a small section of JavaScript on the compromised page. Users attempting to access the pages are silently routed to a third-party site run by the attacker. This page then attempts to execute a number of browser exploits in an effort to install malware. Source: http://www.vnunet.com/vnunet/news/2217001/mass-hacks-here-stay
30. May 20, Computerworld – (National) New attack trend pushes POS encryption to the fore. The relatively scant attention that retailers have paid to securing their point-of-sale systems over the past few years is making the POS setups increasingly attractive targets for cybercrooks who are looking to steal payment card data. Hoping to help merchants address that situation are a handful of vendors who have begun offering new products aimed at making POS environments a lot harder to crack. The biggest of those vendors is VeriFone Holdings Inc., which last month released a security tool designed to let merchants encrypt credit and debit card data from the moment a card is swiped at a merchant’s PIN entry device all the way to the systems of the company’s external payment processor. VeriFone’s VeriShield Protect software is based on patented technology from Semtek Innovative Solutions Corp., which makes appliances for securely decrypting data. VeriFone said that Semtek’s technology, called the Hidden Triple Data Encryption Standard, can be used to encrypt personal account numbers and the so-called Track 2 data stored on the magnetic stripe located on the back of payment cards. That information includes card numbers and their expiration dates. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9086898&taxonomyId=17&intsrc=kc_top
31. May 20, IDG News Service – (National) XP SP3 hit by new networking bug. The latest service pack for Windows XP continues to cause problems for users. According to an online user forum, the latest glitch in Windows XP Service Pack 3 (SP3) is with the remote desktop access feature of Windows Home Server. Windows XP users running Windows Home Server, Microsoft’s home storage and local networking server, report that SP3 has been cutting off their access to the server from their PCs. The remote desktop access feature would ask users to add their home server’s website address in order to access it even after they already had, users reported.
Source: http://www.techworld.com/opsys/news/index.cfm?newsID=101547&pagtype=all
Communications Sector
32. May 20, OneStopClick – (International) Smartphone use by businesses ‘increases security threat.’ The increasing use of smartphones by businesses is leading to higher security threats as handset theft grows, according to a survey by Airwide Solution. Figures from the Home Office showed that 800,000 mobile phones were reported as stolen in the UK in 2006. Airwide Solutions has said that as information like bank details, PIN codes, passwords, and company and personal details are held on the smartphones, they present a significant security risk if lost. The company believes one way to combat this threat is to use software which locks and wipes data on the device if it is stolen. Source: http://www.onestopclick.com/news/Smartphone-use-by-businesses-’increases-security-threat’_18601254.html
No comments:
Post a Comment