Daily Report Tuesday, December 5, 2006

Daily Highlights

Reuters reports power outages from last week's snowstorm continue to cause hardships for hundreds of thousands of people in the Midwest, with deaths from bitter cold, falls in darkened homes, and poisonous fumes from makeshift fires increasing in Illinois and Missouri. (See item 3)
The Star−Ledger reports a serious E. coli outbreak in central New Jersey has led to 11 confirmed cases and at least six suspected cases over the past two weeks; investigators have yet to determine the source of the outbreak. (See item 18)
Royal Caribbean Cruise Line reports the world's largest cruise ship, Freedom of the Seas, returned to Miami on Sunday, December 3, with more than 380 passengers and crew sickened by what was believed to be the norovirus. (See item 23)

Information Technology and Telecommunications Sector

31. December 04, Network World — Research group finds high level of IT deficiencies. IT vulnerabilities such as inadequate documentation and poor PC access controls put enterprises at risk of being noncompliant with regulatory mandates and prone to security events −− and most companies have at least a few such deficiencies present in their environments, according to research released Monday, December 4. The IT Policy Compliance Group surveyed 876 corporations and government agencies, and 69 percent said during the first half of this year they had averaged between three and 15 “compliance deficiencies” that had to be corrected. Another
20 percent said their organizations tallied more than 16 deficiencies, with 36 on average. The remaining 11 percent −− the top performers in the survey −− reported an average of only two compliance deficiencies. The report, entitled “Managing Spending in IT to Improve Compliance Results,” noted that 55 percent of these compliance deficiencies led directly to financial losses due to a security event, and 45 percent were of the type that required remediation to pass external audits or other regulatory reviews.
Source: http://www.networkworld.com/news/2006/120406−research−group−finds−high−levels−of−it−deficiencies.html

32. December 01, Federal Computer Week — China a major cyberthreat, commission warns. China is fielding information warfare units and developing anti−satellite capabilities aimed at countering U.S. military technology, according to a U.S. congressional commission. China’s cyberwarfare strategy has switched from a defensive to an offensive posture, with the goal of attacking enemy networks and denying adversaries access to information, said the U.S.−China Economic and Security Review Commission (USCC) in its annual report, released November 16. Chinese strategy focuses on U.S. systems that perform command and control or deliver precision weapons, the report states. China is enhancing its advanced command, control, communications, computers, intelligence, surveillance and reconnaissance capabilities in response to U.S. progress. China now has mobile command and control centers that use wireless and satellite communications to relay battlefield information. “It’s very clear from the doctoral writings of the [People’s Liberation Army] that they take cyberwarfare as one of the main ways they must be ready to attack the United States,” said USCC Chairman Larry Wortzel in an interview. “Their overall doctrine holds that a modern war in the 21st century involves cyberwarfare, electronic attack and warfare in space.”
Report: http://www.uscc.gov/annual_report/2006/annual_report_full_06 .pdf
Source: http://www.fcw.com/article96975−12−01−06−Web

33. December 01, Websense Security Labs — Malicious Website / Malicious Code: MySpace XSS QuickTime Worm. Websense Security Labs has confirmed the existence of a worm spreading on the MySpace network. This worm is exploiting the Javascript support within Apple's embedded QuickTime player. This is used in conjunction with a MySpace vulnerability that was announced two weeks ago on the Full−Disclosure mailing list. The vulnerabilities are being used to replace the legitimate links on the user's MySpace profile with links to a phishing site. Once a user's MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways. The links in the user's page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user's site. Any other users who visit this newly−infected profile may have their own profile infected as well. An infected profile can be identified by the presence of an empty QuickTime video or modified links in the MySpace header section, or both. Refer to source to view a screen shot.
Source: http://www.websense.com/securitylabs/alerts/alert.php?AlertI D=708