Mobile, Patch Management, Privacy

News briefs

March 14, 2007

»The Social Security numbers of 1.3 million Chicago voters were compromised when they were distributed to city officials.

The whereabouts of six CDs containing the personal information, which were distributed by the Chicago Board of Elections, were unknown, according to reports.

» Researchers worked around the clock to battle the mass-spammed trojan attack they dubbed the "storm worm."

Though nowhere near as damaging as MyDoom or Bagel, storm made up 17 percent of all email at its peak. Malware writers were able to evade detection by flooding the internet 5,000 variants of the code.

"By distributing so many variants simultaneously, the malware distributors overwhelm signature-based anti-virus engines, effectively guaranteeing that they will not block them," said Haggai Carmon, Commtouch's vice president of products.

»TJX Companies, the parent firm of retailers T.J. Maxx and Marshalls, was attacked by hackers in a breach that may have been going on for as long as three years before company officials detected it.

An unknown number of customers had their personal information stolen in the hacking. A number of lawsuits by consumers and banks followed the breach's disclosure.

U.S. Rep. Ed Markey, D-Mass., chairman of the House Subcommittee on Telecommunications and the Internet, called for the FTC to investigate the breach.

» Sony BMG brought to an apparent end the year-long controversy over rootkit-like digital rights management devices that were installed on CDs last year.

The entertainment giant settled a complaint with the Federal Trade Commission, agreeing to compensate affected customers up to $150 to repair computer damage that may have occurred when trying to remove the software. The company also agreed to exchange CDs with unhappy consumers.

The DRM software enabled websites to download malicious code onto affected PCs, according to Edward Felten, a Princeton University professor.

"It could be any page on the web to download code. Any webpage could install whatever software. It was about as serious as a vulnerability could be," he said.

» Microsoft released the consumer versions of its Windows Vista operating system, with execs touting the release as the most secure OS they have ever developed.

"Their message is that Vista is the most secure Windows platform ever," said Rowan Trollope, vice president of engineering at Symantec. "They said that about Windows XP as well. It kind of reminds me of the Titanic being the ‘unsinkable ship.'"

»Errata: Courion Corporation was noted incorrectly in the Reader Trust Awards section of the February issue. Our apologies.

prestitial ad