US-CERT has received reports of new Storm Worm related activity. The
latest activity is centered around messages related to the recent
earthquake in China and the upcoming Olympic Games. This Trojan is
spread via an unsolicited email message that contains a link to a
malicious website. This website contains a video that when opened may
run the executable file "beijing.exe" to infect the user's system with
malicious code.

Subject lines can change at any time, but the following subject lines
are noted as being used:
  * The most powerful quake hits China
  * Countless victims of earthquake in China
  * Death toll in China is growing
  * Recent earthquake in china took a heavy toll
  * Recent china earthquake kills million
  * China is paralyzed by new earthquake
  * Death toll in China exceeds 1000000
  * A new powerful disaster in China
  * A new deadly catastrophe in China
  * 2008 Olympic Games are under the threat
  * China's most deadly earthquake

US-CERT encourages users and administrators to take the following
preventative measures to mitgate the security risks:
  * Install anti-virus software, and keep its virus signature files
    up-to-date.
  * Do not follow unsolicited web links received in email messages.
  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
    for more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
    document for more information on social engineering attacks.

Vulnerability Summary for the Week of January 28, 2008

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

• High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

• Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

• Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

This bulletin provides a summary of new vulnerabilities that have beenrecorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) the week of January 7, 2008.

File-sharing technology is a popular way for users to exchange, or "share," files. However, using this technology makes you susceptible to risks such as infection, attack, or exposure of personal information.

As cell phones and PDAs become more technologically advanced, attackers are finding new ways to target victims. By using text messaging or email, an attacker could lure you to a malicious site or convince you to install malicious code on your portable device.