Daily Report Wednesday, November 1, 2006

The Associated Press reports federal authorities are investigating how a jetliner carrying more than 160 people landed on a taxiway instead of an adjacent runway at Newark's Liberty Airport on Saturday night, October 28. (See item 15)

U.S. Centers for Disease Control and Prevention and the Food and Drug
Administration are investigating a salmonella outbreak potentially linked to produce that has sickened at least 172 people in 18 states. (See item 22)

United Press International reports the FBI is investigating how a hacker, tapping into an employee's laptop, bypassed security and compromised the computer of a Pennsylvania, water filtration plant. (See item 24)

Information Technology and Telecommunications Sector

35. October 31, Security Focus — HP OpenView Storage Data Protector Backup Agent remote arbitrary command execution vulnerability. HP OpenView Storage Data Protector Backup Agent is prone to an arbitrary command execution vulnerability. Attackers can exploit this vulnerability to execute arbitrary commands in the context of the affected process. This may aid attackers in the compromise of the underlying system; other attacks are also possible. HP OpenView Storage Data Protector 5.5 and HP OpenView Storage Data Protector 5.1.

Solution: The vendor has released an advisory along with fixes to address this issue. For further information on obtaining and applying fixes:
Source: http://www.securityfocus.com/bid/19495/references

36. October 31, VNUNet — Security firm warns of Halloween malware. Web filtering and security firm Websense has warned Internet users to be aware of online scammers seeking to exploit this year's Halloween celebrations. Users may encounter one of these malicious sites when searching Google for Halloween items. Websense has described one instance of these scams as the classic "typo−attack" in which cyber−criminals create links to Webpages that host malware. The sites take advantage of commonly mistyped word searches such as "halkoween" instead of "halloween." These Websites often advertise Halloween−related details in their titles, but actually contain dangerous spyware which could log user activity on the Web.

Source: http://www.vnunet.com/vnunet/news/2167612/websense−halloween −malware

37. October 31, Reuters — Microsoft sues counterfeit software dealers. Microsoft Corp. said on Tuesday, October 31, it had started 55 legal actions around the world against dealers it accuses of selling counterfeit software online, its largest enforcement effort to date. "Today's announcement marks...the first time the company has focused its efforts worldwide to bring legal action against online dealers," the U.S.−based software company said in a statement. "Counterfeit software is defective and dangerous because counterfeiters tamper with the genuine software code, which leaves the door open to identity theft and other serious security breaches," Matt Lundy, a senior attorney at Microsoft, said in a statement. Microsoft analyzed counterfeit Windows XP programs in June this year and said it found that 34 percent of the disks could not be installed on a computer, and another 43 percent contained additional programs, or binary code, that are not part of the operating system.

Source: http://www.eweek.com/article2/0,1895,2047861,00.asp
The Department of Homeland Security produces a daily report that is available to everyone. They even provide an archive of the past ten days. Unfortunately, it is my perception that not enough of the general public and professional sector are paying attention to this report. Those that are a member of InfraGard (http://www.infragard.net/) have access to all reports ever published!

The objective
of this blog is to bring everyone's attention to this information resource. On each business day this report is generated in the format of Adobe PDF and is available to anyone with access to the Internet. InfraGard members can receive the report on a daily basis via eMail. For the general public, subscription to the full report on a daily basis can be accomplished as follows:

Send an eMail to
dhsdailyadmin@mail.dhs.osis.gov with the following subject DHS Daily Open Source Infrastructure Report and the following line in the body...subscribe. You should start receiving the reports each day quite early in the morning; earlier than from InfraGard.

To increase awareness of this valuable resource, to not only the professional security community, but also the general public, this blog will on a daily basis publish the Daily Highlights as defined by DHS and the first three issues described relative to the Information Technology and Telecommunications Sector. On a rare occasion, an editorial comment relative to report content may be made.

To obtain a complete copy of the current report or any of the reports for the past nine business days, proceed to http://www.dhs.gov/xinfoshare/publications/ and click on "Daily Open Source Infrastructure Report".