It doesn\u2019t get much more embarrassing for a security company than this: An update to Sophos\u2019s antivirus software for Windows detected parts of its own software as malicious code. Once detected the software then disabled and\/or deleted sections of the company's Endpoint security suite, including its ability to auto-update and thus repair itself.\n\tThe company tried to play it cool on its website:\n\t\n\t\t"Some Sophos customers have reported detections today of Shh\/Updater-B. Many of these reports involve detections of Sophos's own code, but there are a number of third-party applications which are also being identified. Sophos would like to reassure users that these are\u00a0false positives\u00a0and are not\u00a0a malware outbreak, and apologizes for any inconvenience."\n\n\tHowever, a commenter at SlashDot reported, \u201cFor many hours on the 19th, Sophos technical call centers were so busy customers were unable to even get through to wait on hold for assistance. Today thousands of enterprise customers remain crippled and unable to update their security software.\u201d\n\tSophos says an investigation is underway. OOOOOOOOOOOOOOOOOOOOOOPS.\n\tAbsurd Quote of the Week: "Huawei has not and will not jeopardize our global commercial success nor the integrity of our customers' networks for any third party or government \u2013 ever," Huawei Senior Vice President Charles Ding during a House Intelligence Committee hearing. Mr. Ding later said he knows of some water-front property in Arizona, if anyone was interested.\n\tFunny Story of the Week: How to Fake Network Security Monitoring\u00a0(InfoSec)\n\tOther Notable IT Security Stories from the Past Week:\n\t\n\t\tMicrosoft issues stopgap fix for IE 0-day flaw: (KrebsOnSecurity) Microsoft today released a stopgap fix for a critical security flaw in most versions of Internet Explorer that hackers\u00a0exploited\u00a0to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21.\n\t\n\t\tCyberwar on Iran more sophisticated than first thought, say researchers: (Guardian UK) A study of the Flame malware used in the Middle East and north Africa reveals its programmers probably had national backing.\n\t\n\t\tJapan confirms cyberattacks over island dispute: (ZDNet) At least 19 Japanese websites were hit by cyberattacks, reportedly from China, over the two countries' territorial dispute involving islands in East China Sea, according to\u00a0Japan's National Police Association.\n\t\n\t\tNew espionage campaign tied to RSA breach, GhostNet attacks: (SC Magazine) Dell SecureWorks researchers believe recent attacks targeting oil and energy companies in various countries are connected to the cyber criminals behind RSA's breach and the GhostNet espionage campaign.\n\t\n\t\tFlaw in oracle logon protocol leads to easy password cracking: (ThreatPost) There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable remote attackers to brute-force\u00a0tokens provided by the server prior to authentication to\u00a0determine a user\u00a0passwords.\n\t\n\t\tOver 9 million PCs infected - ZeroAccess botnet uncovered: (NakedSecurity) ZeroAccess is a widespread malware threat that has plagued individuals and enterprises for years. It has evolved over time to cater to\u00a0new architectures and new versions of Windows.\n\t\n\t\tPhone numbers are enough to access user accounts on some mobile operator portals: (NetworkWorld) Attackers could impersonate legitimate mobile users on the Web portals many mobile operators use to sell content and services to their customers because of a security flaw in the sites, according to Bogdan Alecu, an independent security researcher from Romania.\n\t\n\t\tAndroid NFC hack lets\u00a0travelers\u00a0ride US subways for free: (NetworkWorld) Contactless fare cards for\u00a0the New Jersey and San Francisco transit systems can be manipulated using an Android application, enabling travelers to reset their card balance and travel for free, researchers demonstrated on Thursday during the EUSecWest security conference in Amsterdam.\n\t\n\t\tFBI says cybercriminals shift focus to bank employees: (CSOOnline) The preferred target in the financial industry is moving from the bank customer to the employee. That is according to the FBI, which issued\u00a0a warning earlier this week\u00a0that the latest trend by cybercriminals is to get employee login credentials, using spam and phishing e-mails, keystroke loggers\u00a0and Remote Access Trojans (RAT).\n\t\n\t\tCyberspying effort drops 'Mirage' on energy firms: (CNET) The Mirage malware targets individuals at organizations in the Philippines, Taiwan, Canada and elsewhere via "spear-phishing" e-mails bearing tainted PDF files.\n\t\n\t\tID theft service tied to payday loan sites: (KrebsOnSecurity) A website that sells Social Security numbers, bank account information and other sensitive data on millions of Americans appears to be getting at least some of its records from a network of hacked or complicit payday loan sites.\n\t\n\t\tPhonetic attack commands crash bank phone lines: (SC Magazine) A security researcher\u00a0demonstrated a series of attacks capable of disabling touch-tone and voice-activated phone systems and\u00a0forcing them to disclose sensitive information.\n\n\tFrom the\u00a0Damning With Faint Praise Dept.:\u00a0TrustGo Says Google Play is Fifth Safest App Market\n\tFrom the\u00a0Quis custodiet ipsos custodies Dept.:\u00a0Police in Prince George\u2019s County, MD, installed cameras to watch the cameras used to catch speeding drivers. Some people\u2013presumably people caught speeding\u2013have taken to destroying the traffic enforcement cameras.\u00a0Now they have another target as well.