US Microsoft consultants 3Sharp LLC undertook a six-week study testing several Anti-Phishing tools for overall accuracy, including Netscape, McAfee, EarthLink, eBay, GeoTrust, Google using Firefox, Microsoft Internet Explorer 7, and Netcraft.
The IE Team comments on the Anti-Phishing Accuracy Study and the unique approach Microsoft has taken to combine a service-backed block list with client-side heuristics.
The full report ‘Gone Phishing: Evaluating Anti-Phishing Tools for Windows’ (PDF) can be downloaded here.
During a congressional hearing Chief Executive Mark Hurd pleaded ignorance of all the investigative methods that could be considered illegal but admitted that he knew of, and partly authorized, “leaking” false information to CNet News.com reporter Dawn Kawamoto.
CNET News.com
Computer Business Review
SecurityFocus Article
Robert Lemos
2006-09-22
Hewlett-Packard’s CEO Mark Hurd announced on Friday that he would replace the board’s chair Patricia Dunn immediately and apologized for the extent of the spying that took place in the chairwoman’s investigation of media leak on the board of directors.
On behalf of HP I extend my sincere apologies to those journalists who were investigated and everyone who was impacted. HP has a distinguished history of conducting business with uncompromising integrity. We believe that these were isolated instances of impropriety and not indicative of how we conduct business at HP.
The Washington Post Article
Ellen Nakashima and Yuki Noguchi
September 21, 2006
Hewlett-Packard Co. chief executive Mark V. Hurd approved an elaborate “sting” operation on a reporter in February in an attempt to plug leaks to the media, according to an e-mail message sent by HP Chairman Patricia C. Dunn.
The document, one of more than two dozen e-mails obtained by The Washington Post, for the first time links Hurd to an internal investigation of media leaks that has led to criminal probes and will be the subject of a congressional hearing next week.
2006 marks the fourth consecutive year that the IAPP-HP Privacy Innovation Award has recognized organizations that have made strong and unique contributions to the privacy industry.
HP Chair Resigns Amid Probe Fallout
Sep 22nd
By JORDAN ROBERTSON AP Business Writer
Hewlett-Packard Co. shoved Chairwoman Patricia Dunn off its board Friday, severing its ties to a leader whose efforts to plug a media leak morphed into a spying scandal that has spawned criminal and congressional investigations.
The irony…
Extensive Spying Found At HP
Feb. Report Sent to 4 Senior Executives
By Ellen Nakashima and Yuki Noguchi
Washington Post Staff Writers
Wednesday, September 20, 2006
The Hewlett-Packard Co. spying effort that has sparked criminal investigations was wide-ranging and included physical surveillance, photographs and spyware sent via e-mail, and it also targeted wives and other relatives of HP board members and reporters, according to a consultant’s report prepared for the company.
Article
Apparently, investigators sent a reporter for Cnet.com an email with an attached file that, if opened, would install a keylogger.
The mind boggles.
eweek: Malicious Keyloggers Run Rampant on Net
Wikipedia: Keystroke logging
A software pirate was sentenced to 87 months in prison and ordered to pay restitution of more than $5.4 million.
Department Of Justice Press Release
FRIDAY, SEPTEMBER 8, 2006
The forfeiture involves a wide array of assets, including homes, numerous cars, and a boat, which Peterson had purchased with the profits from his illegal enterprise.
Until it was shut down by law enforcement agencies, Peterson operated the www.ibackups.net website, which illegally sold copies of software products that were under copyright.
Apparently Peterson delivered the product over the Internet or by mail, often including a serial number that allowed the purchaser to activate and use the product, i.e., cracks/warez (illegally modified software).
The illegal sales caused a loss of nearly $20 million for the owners of the copyrighted products.
by certifiedbug on September 11, 2006
in Security
Bill Pytlovany of WinPatrol has written an article, “Who is behind StopBadware.Org?”
He was asked by a company called IAC Interactive to review WinPatrol’s PLUS descriptions of programs associated with their MyWebSearch toolbar.
Snips from the article, which you can find in its entirety here:
The biggest surprise was when I checked out the management at IAC InterActive Corp.
If the Berkman Center sounds familiar it’s because they led the initiative behind StopBadware.org.
Last month StopBadware.org declared one of IAC’s programs called Zwinky to be Badware (Click here). Now they say “Zwinky is not badware, although it does engage in behaviors that users should be aware of”. (Click here for more info.) You decide for yourself if this is a conflict of interest.
- Adds toolbar to numerous programs
- Bundled software automatically runs on startup
- Redirects invalid web addresses
During the Zwinky installation there is a small pre-checked box that says “Never see search error pages again - make MyWebSearch your default search provider!” The previous installation page describes MyWebSearch as providing “relevant search results in response to incorrectly formatted browser address requests.”
Beware of the “small pre-checked box”.
Microsoft TechNet
Updated: September 7, 2006
On 12 September 2006 Microsoft is planning to release:
Security Updates
- Two Microsoft Security Bulletins affecting Microsoft Windows. The highest Maximum Severity rating for these is Important. These updates will be detectable using the Microsoft Baseline Security Analyzer. Some of these updates will require a restart.
- One Microsoft Security Bulletin affecting Microsoft Office. The highest Maximum Severity rating for these is Critical. These updates will be detectable using the Microsoft Baseline Security Analyzer. These updates may require a restart.
Microsoft Windows Malicious Software Removal Tool
- Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update Services (SUS).
Non-security High Priority updates on MU, WU, WSUS and SUS
- Microsoft will release Two NON-SECURITY High-Priority Updates for Windows on Windows Update (WU) and Software Update Services (SUS).
- Microsoft will release three NON-SECURITY High-Priority Updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).
Although we do not anticipate any changes, the number of bulletins, products affected, restart information and severities are subject to change until released.
by certifiedbug on September 1, 2006
in Rogue
Bleeping Computer found another fake antispyware program named VirusBurst, which has been added to the Rogue/Suspect Anti-Spyware Products & Web Sites List.
Bleeping Computer Blog:
This latest incarnation currently uses the C:\Windows\System32\eowygj.dll file to infect you. Once loaded it will download VirusBurst and install the software without permission while displaying fake security alerts….
One of the things I find most amusing about these programs is that they detect the file that is used to download and install it as a Trojan.
Information on how to remove it
Or go to one of the security forums listed in the right side panel to receive assistance.