Wednesday, April 23, 2008

Daily Report

• The Associated Press reports Santa Barbara County inspectors have ordered a Greka Oil & Gas Co. facility near Santa Maria, California, to stop work after finding a possibly dangerous leak. (See item 3)

• According to the Globe and Mail, two Toronto-area executives face charges of fraud and conspiracy for allegedly seeking to defraud the U.S. military of up to $11 million on a contract for night-vision goggles. (See item 10)

Information Technology

36. April 22, Age – (International) S. Korea’s presidential office hit by computer virus attack. South Korea’s presidential office said Tuesday its computer systems had been infected by a computer virus, resulting in the leak of some non-classified data. The presidential Blue House said in a statement the now-defunct secretariat of the presidential National Security Council was infected with a “worm” virus due to human negligence in mid-February, days before the new president took office. Traces of a virus were discovered in early March during security checks on computer systems received from the previous government, according to the president’s office. The virus attack caused the leak of personal and other data, the statement said, but a presidential spokesman said the data was not classified. The Blue House has taken actions to counter viruses and is considering disciplinary measures for those involved, according to the statement. Source:

37. April 22, Economic Times India – (International) Beware of hacker attacks via Orkut, Facebook. As per the 2007 Internet Security Threat Report compiled by anti-virus and security solutions major Symantec, social networking sites have become the latest target of hackers to attack home and enterprise computers. “With the web emerging as the seamless medium of communication, information and interaction, online users are prone to get infected by engaging in social networking and browsing frequented websites due to malicious online activity in the form of worms, bots, viruses and Trojans,” Symantec India managing director said. Some of the popular social networking sites on the worldwide web are Bebo, Facebook (70 million registered users worldwide), Flickr (9.6 million users), MySpace (1.1 billion users), and Orkut. Source:

38. April 21, IDG News Service – (International) Mac hack contest bug had been public for a year. The winner of last month’s PWN2OWN contest to install unauthorized software on a machine running a fully patched version the Mac OS X operating system exploited a flaw that had been publicly disclosed nearly a year before the contest. The flaw, it turns out, lay in an open-source software library called the Perl Compatible Regular Expressions (PCRE) library, which is used by many products including Apache, the PHP scripting language, and Apple’s Safari browser, which a person hacked to win the contest. In an e-mail interview, a security researcher said he found the bug, which he publicly disclosed in November 2007. PCRE developers fixed the bug months earlier while writing an incomplete fix for the issue in the May 2007 PCRE 6.7 product. Although Apple’s Safari browser uses the PCRE software library, the company did not patch its version of the library until late last week. That means that an astute hacker who had noticed the fix in PCRE 6.7 would have been given an early tip on how to hack into Apple’s computers. Discovering a software bug is the first step toward figuring out how to use that flaw in an attack, but not every flaw leads to a successful exploit. In an e-mail interview, the contest winner confirmed that the bug he had exploited was the same one that was patched in PCRE 6.7, but said that researchers at his company, Independent Security Evaluators, had found it “completely independently.” Source:

Communications Sector

39. April 20, IDG News Service – (International) Vietnam launches its first satellite. Vietnam launched its first satellite over the weekend to provide telecommunications, broadcasting, and Internet links across the country. Vinasat-1 was carried into space aboard an Ariane 5 rocket from the European spaceport in French Guiana at 7:17 p.m. local time Friday evening. “With transmission capacity equivalent to 10,000 voice, Internet and data channels, or 120 TV channels, Vinasat-1 will help Vietnam bring telecommunications, Internet and television services to all isolated, mountainous and island areas where other means of transmission is not feasible,” Vietnam’s minister of information and communication said in a televised speech shortly after the launch. The country is expecting economic gains from the telecommunications links that the satellite will support. Vinasat-1 was built by Lockheed Martin and will be positioned at 132-degrees East. It carries 12 Ku-band and 8 C-band transponders and has a design lifetime of 15 years. Its footprint will cover all of South East Asia in addition to the eastern part of China, India, Korea, Japan, Australia, and Hawaii. Five other nations in the region already have their own satellites in space: Indonesia, Malaysia, the Philippines, Singapore, and Thailand. Source: