Tuesday, October 30, 2007

Daily Report


  • · The International Herald Tribune reports that, according to a Government Accountability Office report, more than a year after the U.S. Congress told the Energy Department to harden U.S. nuclear bomb factories and laboratories against terrorist raids, 5 of the 11 sites are certain to miss their deadlines. (See items 6)
  • · Computerworld reports that hackers amped up attacks using malicious PDF files that exploit a broad flaw in Windows. The attacks, which began Tuesday, exploit bugs in the Windows versions of Adobe Systems Inc.’s Reader and Acrobat software; Adobe patched the newest editions of those programs Monday, but has not yet updated older variants. (See item 31)

Information Technology

29. October 26, Computerworld – (National) Real reveals six new bugs in RealPlayer. For the second time in eight days, new critical vulnerabilities that could be used to hijack machines have been fingered in the RealPlayer media player. The patched editions
released October 19, for Windows, however, are not vulnerable to the half-dozen bugs, RealNetworks Inc. said. After revealing that RealPlayer included a serious flaw that had
been exploited by hackers who compromised an ad server owned by 24/7 Real Media to spread malware to visitors of legitimate, trusted Web sites, Seattle-based RealNetworks Thursday posted information about the latest vulnerabilities. All six bugs involve RealPlayer’s problems parsing file formats and could be exploited by hackers who first crafted malicious files, then duped users into either opening those rigged files when they received them as e-mail attachments or visiting an attack site that hosted such files. Among the file types: .mov, .mp3, .rm, SMIL, .swf, .ram and .pl.
Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomy
Name=security&articleId=9044309&taxonomyId=17&intsrc=kc_top

30. October 26, Computerworld – (National) ‘We’re not scared’ of Storm, say researchers. Reports that security researchers are running scared from hackers responsible for the Storm Trojan are overblown, say some of the people who have dug into the complex malware. Earlier this week, a member of IBM’s Internet Security Systems Inc. said that Storm, a multifaceted Trojan Horse that has been used to gather a substantial army of bots (or compromised computers), strikes back using distributed denial-of-service (DDoS) attacks when it senses probes of its command-and-control network. These attacks, he said, have researchers spooked. But several researchers took issue with the characterization at Interop New York last Tuesday. They also confirmed, however, that they knew Storm had launched DDoS attacks, and as the IBM representative pointed out, the Trojan has an automated early warning system that sniffs probes made of the botnet. “Storm understands any attempt to understand it, then notifies the bot controller,” said one researcher. “It seems to recognize a threat after several different attempts to probe the bot.” The tactic is not new, but Storm has taken it to higher levels of automation, he said.
Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomy
Name=security&articleId=9044304&taxonomyId=17&intsrc=kc_top

31. October 26, Computerworld – (National) Russian PDF attacks surge; Microsoft takes blame. On October 25, Microsoft Corp. updated a security advisory that addressed a broad flaw in Windows and said it is working around the clock to fix the bug. But it may be too late for many. Security researchers said hackers had amped up attacks using malicious PDF files that exploit the vulnerability. Helsinki, Finland-based F-Secure Corp. called the surge in spam carrying the rigged PDF documents “massive” and said the run is ongoing. The director of response at iSight Partners Inc., confirmed that the number of messages hitting mailboxes with rogue PDFs soared today. “PDF exploits are ramping up just in time for the weekend,” he said in an e-mail. The attacks, which began Tuesday, exploit bugs in the Windows versions of Adobe Systems Inc.’s Reader and Acrobat software; Adobe patched the newest editions of those programs Monday, but has not yet updated older variants. (See next article.) According to some researchers, the infamous Russian Business Network (RBN), a collective of cybercriminals, is behind the PDF assault.
Source:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomy
Name=security&articleId=9044310&taxonomyId=17&intsrc=kc_top

Communications Sector

32. October 29, The New York Times News Service – (National) Apartment dwellers may get cable relief. The Federal Communications Commission, hoping to reduce the spiraling cost of cable television, is preparing to strike down thousands of contracts this week that shut out competitors by giving individual cable companies exclusive rights to provide service to an apartment building, the agency’s chairman says. The new rule could open markets across the country to competition. It would be a huge victory for Verizon Communications and AT&T, which have challenged the cable industry by offering video services. The two phone companies have lobbied aggressively for the provision. They have been supported in their fight by consumer groups, satellite television companies and small rivals to the big cable providers. Commission officials and consumer groups said the rule could significantly lower cable prices for millions of subscribers who live in apartment buildings and have had no choice in selecting a company for paid television. Government and private studies show that when a second cable company enters a market, prices can drop as much as 30 percent.
Source:
http://www.chicagotribune.com/business/chicable_monoct29,0,7719736,print.story