Friday, January 18, 2008

Daily Report

• The Associated Press reported that seven guards have been caught sleeping at the Y-12 nuclear weapons plant in Oak Ridge since 2000. Three were fired and the rest disciplined, said a spokesman for the National Nuclear Security Administration, a Department of Energy unit that oversees the Y-12 complex. (See item 6)

• According to Reuters, a World Health Organization report states that the H5N1 bird flu virus may sometimes stick to surfaces or get kicked up in fertilizer dust to infect people. After reviewing all known cases of human infection, the WHO found that 25 percent were unexplained. Most are passed directly from birds to people, but, very rarely, one person can infect another. (See item 23)

Information Technology

30. January 17, Computer Weekly – (International) Ikea plugs website security breach. Ikea has plugged a major hole in its website security that allowed hackers and phishers to use the “contact Ikea” function on the site to access the retail giant’s email system. The security flaw gave hackers and phishers full access to the resources of its email servers, allowing them to send bulk outbound mail via Ikea’s email servers. The chief technology officer of the IT security company Tier-3 said, “Ikea’s problems were caused because the contact template on the firm’s home page was inadequately secured, allowing hackers with criminal intentions to insert alternative e-mail addresses in a contact form. This basically allowed anyone with a little technical knowledge to generate millions of phishing and/or spam messages from Ikea’s mail servers using a simple script. The potential damage to the company’s reputation and possibility of email blacklisting could be significant.”

31. January 16, Dark Reading – (National) Malware quietly reaching ‘epidemic’ levels. In separate studies released yesterday, two research firms now say that malware increased between 500 percent and 1,000 percent in 2007, and it shows no signs of slowing down. “The number of new strains of malware that appeared in 2007 increased tenfold with respect to the previous year,” said PandaLabs, Panda Security’s research arm, in a report issued yesterday. “Over the last year, PandaLabs has received an average of more than 3,000 new strains of malware every day. This represents a malware epidemic which -- although silent, with little media coverage and no widespread alerts -- is nevertheless dangerous.” The results indicate that signature-based defenses for malware are no longer effective, the research firm said. Some 72 percent of networks with more than 100 workstations -- and 23 percent of home users -- are currently infected with malware, despite having operative antivirus or other signature-based tools in place, PandaLabs said. Experts at AV-Test, an independent testing organization, also reported skyrocketing incidence of malware yesterday. After a detailed count, the organization said it identified nearly 5.5 million different malware files in 2007 -- more than five times as many as in 2006. And the trend is accelerating: The group already has identified more than 118,000 different malware files in the first two weeks of January. The results drove AV-Test to concur with PandaLabs’s assessment. “The figures clearly demonstrate that the signature-based approach of current anti-virus software is no longer appropriate,” the report said.

32. January 16, – (National) FBI warns of malicious email scam. The FBI has issued a warning to the public following a deluge of spam emails purporting to be from the agency. The bogus messages often include pictures of the FBI’s director, along with the organization’s official seal, letterhead and banner. “The FBI does not send out emails soliciting personal information from citizens,” said the agency. “The social engineering technique of using the FBI’s name is designed to intimidate and convince the recipient that the email is legitimate. The emails are typically a notification of a ‘lottery win’ or long-lost relative leaving an ‘inheritance.’ Other emails offer website monitoring containing malicious attachments and online auction scams. The warning comes just six months after the FBI issued a similar alert about spammers using trusted institutions to improve returns.

Communications Sector

33. January 16, – (National) Cisco warns of Unified Communications Manager heap overflow flaw. Cisco Wednesday released its first new security alert of the year: a warning that its Cisco Unified Communications Manager -- formerly CallManager -- contains a heap overflow vulnerability in the Certificate Trust List that could allow a hacker to cause a denial-of-service attack or execute arbitrary code. Cisco has made available a free software fix for affected customers, and a workaround is available in its security advisory. The products that are vulnerable are: Cisco Unified CallManager 4.0, Cisco Unified CallManager 4.1 versions prior to 4.1(3)SR5c, Cisco Unified Communications Manager 4.2 versions prior to 4.2(3) SR3, and Cisco Unified Communications Manager 4.3 versions prior to 4.3(1) SR1. Cisco says it is not aware of any public announcements or malicious use of the vulnerability, which was reported to Cisco by TippingPoint.