Security Bytes: Ameritrade puts 200,000 clients at risk

In other news, Symantec wins another case against software pirates; a Windows service pack causes trouble; and new Bagle worm emerges.

Ameritrade loses backup tape with client data
Omaha-based online investment brokerage Ameritrade Inc. announced yesterday it lost or accidentally destroyed a backup tape holding unencrypted account information for 200,000 current and former clients. A company spokeswoman said a package of accounting backup tapes was damaged in transit in late February; three of four missing tapes have since been found. The unrecovered tape contained account data for clients from 2001 to 2003. Ameritrade customers began receiving notices of the incident last week. Though the vast majority of impacted clients were Californians who under state law are required to be notified of the potential breach, the brokerage firm said it decided to contact tall 200,000. The company declined to name the shipping company involved in the loss or theft. Earlier this year Bank of America was forced to announce an unencrypted backup tape holding customer data was stolen or lost while being shipped through commercial airlines.

Symantec wins $3.1 million in software piracy case
Enterprise security provider Symantec yesterday announced a $3.1 million default U.S. District Court judgment against a counterfeiter named Sam Jain for trademark infringement. Sam Jain, operating under names like Greatbizdeals.com and Buysmarter.com, was accused of using pop-up ads advertising Symantec software about to expire. Some of those ads redirected consumers to a Web site where Jain sold his own software. Jain also spammed e-mail mailboxes advertising counterfeit Symantec software at deeply discounted prices, including the popular Norton line. Jain fled the country to avoid being served court papers, Symantec said in a prepared statement. Last year Cupertino, Calif.-based Symantec won a similar case, receiving a $3 million judgment from a Maryland company selling counterfeit software.

Server 2003 SP1 breaks apps
Microsoft's latest service pack for its 2003 Server breaks some of the software giant's own applications -- in addition to more than a dozen from other companies. Service pack 1 creates problems in some server-based applications, such as Microsoft Baseline Security Analyzer 1.2.1, Trend Micro's ServerProtect and NetIQ's AppManager 5.0.1 and 6.0. Click here for a complete list of more than 100 applications that passed and failed Microsoft's testing. This isn't the first time a service pack has broken the functionality of other applications, according to a report from TechWeb, Windows XP SP2, initially broke more than 50 applications.

New Bagle updating botnets
An active seeding attempt has prompted Russia-based Kaspersky Labs to warn of a new Bagle variant that may be attempting to update Bagle-infected botnets. Email-Worm.Win32.Bagle-BN [as identified by Kaspersky] travels by e-mail as a .zip file attachment that contains an executable file called 19_04_2005.exe. Kaspersky says that when the executable is launched, the worm creates a text file in the Windows temporary directory. The file name begins with a tilde (~) and ends with a .txt extension; the rest of the name consists of randomly generated characters. Bagle-BN uses the default text editor on the infected machine (usually notepad) to open this file -- the user will see the word "Sorry" displayed on screen. The worm modifies the registry to ensure that it is launched each time the machine is rebooted and will prevent antivirus and firewall products from operating.

RealPlayer Enterprise gets patched
RealNetworks Inc. recommends applying a patch for security vulnerabilities that could allow an attacker to run arbitrary or malicious code. RealPlayer Enterprise versions 1.1, 1.2, 1.5, 1.6 and 1.7 -- both standalone and as configured by the RealPlayer Enterprise Manager -- are vulnerable.

Dig deeper on Identity Theft and Data Security Breaches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close