Daily Report Tuesday, December 26, 2006

Daily Highlights

The Department of Homeland Security on Friday, December 22, made available for public review an aggressive and comprehensive set of proposed regulations that will improve security at high.risk chemical facilities nationwide. (See item 6)
·
The Port Authority of New York and New Jersey, in an analysis based on work by Lawrence Livermore National Laboratory and the Rensselaer Polytechnic Institute, has revised an earlier assessment of the PATH system and now states that the tunnels are structurally more vulnerable than first thought. (See item 18)
·
The Savannah Morning News reports the Savannah.Chatham Metropolitan Police Bomb Squad seized several canisters containing explosive.making materials, including German military grenades, igniters, fuses, and consumer fireworks, from Skidaway Mobile Estates in Georgia. (See item 44)

Information Technology and Telecommunications Sector

38. December 22, eWeek — Vista exploit surfaces on Russian hacker site. Proof.of.concept exploit code for a privilege escalation vulnerability affecting all versions of Windows .. including Vista .. has been posted on a Russian hacker forum, forcing Microsoft to activate its emergency response process. Mike Reavey, operations manager of the Microsoft Security Response Center (MSRC), confirmed that the company is "closely monitoring" the public posting, which first appeared on a Russian language forum on December 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server. According to an alert cross.posted to security mailing lists, the vulnerability is caused by a memory corruption when certain strings are sent through the MessageBox API. "The PoC reportedly allows for local elevation of privilege on Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista operating systems," Reavey said in an entry posted late Thursday, December 21, on the MSRC blog.
MSRC blog: http://blogs.technet.com/msrc/archive/2006/12/22/new.report.of.a.windows.vulnerability.aspx
Source: http://www.eweek.com/article2/0,1895,2076062,00.asp

39. December 22, Sophos — CafePress Website struck by distributed denial.of.service attack. Sophos has reminded companies of Internet attacks after popular Website CafePress.com told its members that it is currently the victim of a distributed denial.of.service (DDoS) assault. CafePress.com is a Website that allows Internet users to set up their own online store to easily sell customized merchandise such as t.shirts, mugs and coasters. CafePress.com handles the Website hosting, order fulfillment and payment processing on behalf of the store owner. DDoS attacks are used by Internet hackers to disrupt Websites, flooding them with traffic from zombie computers and making them inaccessible for the general public. Sophos experts speculate that the hackers may have deliberately targeted CafePress.com in the run.up to the holidays, as it is a prime shopping period.
Source: http://www.sophos.com/pressoffice/news/articles/2006/12/cafe press.html

40. December 22, TechWeb — Sale of voting machine firm with Venezuelan links will avoid U.S. probe. Voting machine provider Smartmatic Corp. and its Venezuelan owners will avoid a full U.S. national security investigation by putting the firm's Sequoia Voting Systems Inc. U.S. subsidiary up for sale. Attention has been focused on the firm because of reports it has had business connections with the government of Venezuelan President Hugo Chavez, who frequently attacks U.S. policy. In an announcement Friday, December 22, Smartmatic said it has withdrawn from a review process that was scheduled to be carried out by the U.S. Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments and acquisitions to determine whether they hold national security threats. The CFIUS investigation was examining whether Smartmatic and Sequoia had or continue to have any connection to the Chavez government.
Source: http://www.techweb.com/showArticle.jhtml;jsessionid=YIRI02RIVH0LCQSNDLRCKHSCJUNN2JVN?articleID=196701695