Dan Mica is stepping down as president and CEO of the Credit Union National Association effective January 2011. Mica made the announcement to the CUNA Board and executive management team today (Thursday, Aug. 27).

Websense Security Labs™ ThreatSeeker™ Network has discovered that the Daqi.com Experience Center Web site has been compromised and is serving several popular exploits. A quick investigation shows that following vulnerabilities are targeted:

• Windows Animated Cursor Remote Code Execution Vulnerability


• Microsoft Windows MDAC Vulnerability


• Microsoft Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download Vulnerability


• Sina DLoader Class ActiveX Control ‘DonwloadAndInstall’ Method Arbitrary File Download Vulnerability


• Xunlei Thunder DapPlayer ActiveX Control Buffer Overflow


• Ourgame GLWorld GLIEDown ActiveX Control Vulnerabilities


• RealPlayer IERPCtl ActiveX Control Buffer Overflow Vulnerability


• Storm MPS.StormPlayer.1 ActiveX Control Buffer Overflow Vulnerability

Daqi.com is a high-profile portal site in China with Alexa rank 586, loved by people who enjoy news all over the world. The specific URL that is compromised is hxxp://[removed].daqi.com/nokia/7s/index.htm

Screenshot of the site:

Screenshot of malicious payloads on the site:

The Web masters of the site are aware of the malicious files uploaded by the attackers to the compromised site, and are cleaning the malicious files.

Websense® Messaging and Websense Web Security customers are protected against this attack.

Identifying Hoaxes and Urban Legends

August 25, 2009, Alexandria, Va. – The National Credit Union Administration (NCUA) is alerting all federally insured credit unions about a fraudulent Letter to Credit Unions

Alexandria, Va., August 25, 2009 – Membership and member share accounts grew across the board during the first six months of 2009 as people continued to seek the financial security and services of credit unions according to call report data submitted by the nation’s 7,691 federally insured credit unions.

CUNA’s News Now will be on a hiatus this week and will not publish regular editions on Tuesday Aug. 25, Wednesday Aug. 26, Thursday Aug. 27, and Friday Aug. 28. However, its LiveWire tweets will continue to be posted throughout the week. Special bulletins will be posted on News Now if there are urgent developments. News Now will resume regular publication on Monday, Aug. 31.

NCUA Board Member Gigi Hyland yesterday told state regulators she would prefer to see a regulatory phase in of increased authority for credit unions to make member business loans.

The Federal Reserve Board has authority to provide grater relief to credit unions from the requirements of the 21-day rule under the new Credit CARD Act a they apply to open end credit, the Credit Union National Association has again advocated in a comment letter on the agency’s interim final rule it filed Thursday, August 20–the effective date of the interim final rule.