Friday, April 4, 2008

Daily Report

• CNN reports Southwest Airlines tried to keep serious problems with its maintenance program hidden and pressured the Federal Aviation Administration to keep out an inspector who noticed the problems, according to two FAA inspectors who blew the whistle on the airline. (See item 12)

• According to Bloomberg, a study found that a bird flu virus that killed dogs in South Korea can spread from one dog to another, showing that the disease is capable of crossing species and causing widespread sickness in mammals. (See item 26)

Information Technology

33. April 3, Computerworld – (National) Apple patches 11 QuickTime bugs in year’s third update. Apple Inc. patched QuickTime late Wednesday to fix 11 flaws in the Mac and Windows versions of the media player. All but two of the bugs could be used by hackers to hijack users’ machines. QuickTime 7.4.5 – the third security update Apple has released for the program so far in 2008 – plugs vulnerabilities in how the player handles Java and PICT image files, parses some data objects, and uses Animation codec content, among others. Nine bugs patched Wednesday were characterized by Apple as allowing “arbitrary code execution,” a phrase the company uses to describe the most serious threats. Unlike other vendors such as Microsoft Corp. or Oracle Corp., Apple does not rank the bugs it fixes with a scoring or labeling system. Many of the vulnerabilities can be exploited if attackers are able to trick users into visiting malicious Web sites or open rigged files. Of those in the second category, Apple warned that some of the bugs could be triggered by malicious movie or PICT files. One flaw and possible attack vector was explained by Apple this way: “A memory corruption issue exists in QuickTime’s handling of movie media tracks. Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution,” the company said. Three of the vulnerabilities affect the Windows version of QuickTime only; the remaining eight exist in both the Mac and Windows editions, Apple said in the notes it released along with the patched program. Source:

34. April 2, ITPro Internet News – (National) Storm botnet still spamming through 2008. Although more than a year old, the flexibility of the Storm botnet means it is continuing to be a serious problem for end-users. The Storm botnet is alive and well, thriving across millions of computers and continuing to cause problems with spam and malware. According to a MessageLabs report, the Storm botnet was responsible for 20 per cent of all spam in the first quarter of 2008. The security vendor also intercepted more than four million emails from the Storm botnet since January, which either contained links to malware or were aimed at launching phishing attacks. The report findings indicated that the Storm botnet was being broken up, which allowed controllers to take separate parts and choose whether it wanted to send out malware or spam depending on the criminal’s business model. Source:

35. April 1, IDG News Service – (National) Laptop, complete with Vista attack code, listed on eBay. The winner of a recent hacking contest is offering the computer he broke into for sale on eBay, possibly with the Microsoft Vista attack code he used intact. In a Monday listing, the man is selling the Fujitsu U810 laptop he won last Friday during the CanSecWest PWN 2 OWN contest. His listing claims that exploit code could probably still be extracted from the machine. Although he makes no guarantees, he wrote, “My successfull [sic] exploitation of Vista SP1 remotely, is most likely still present. This laptop is a good case study for any forensics group/company/individual that wants to prove how cool they are, and a live example, not canned of what a typical incident responce sitchiation [sic] would look like.” The man was one of two hackers to claim laptops and cash prizes for penetrating systems during last week’s contest. Organizers offered Vista, Mac OS, and Linux-based laptops for the taking, along with prizes that varied from $5,000 to $20,000, depending on the difficulty of the exploit. By Friday, however, only the Linux laptop remained unbreached. Source:

Communications Sector

Nothing to Report