Daily Report Monday, December 18, 2006

Daily Highlights


The Associated Press reports utility crews were working nonstop through the weekend to restore service to hundreds of thousands of people still without power after a windstorm hit western Washington state on Thursday, December 14; it could be several days before everyone has power again. (See item 1)
·
The Department of Homeland Security issued on Friday, December 15, a notice of proposed rulemaking, as part of a package of new security measures to vastly strengthen the security of the nation's rail systems in the highest threat urban areas. (See item 14)
·
The Glendale, Arizona, police bomb squad was called out early Wednesday, December 13, after a number of homemade explosive devices were found inside a storage locker. (See item 43)

Information Technology and Telecommunications Sector

38. December 15, CNET News — Yahoo Messenger gets security update. Yahoo has issued a "highly critical" update for its popular instant messenger feature as it tries to combat security flaws that could allow an attacker to take over a user's system. The flaws affect versions of Yahoo Messenger 5.0 through 8.0, according to a security advisory released Friday, December 15, by Secunia. Windows users who were running versions of Yahoo Messenger before November 2 are advised to update to Yahoo Messenger 8.1.
Secunia Advisory: http://secunia.com/advisories/23401/
Source: http://news.com.com/Yahoo+Messenger+gets+security+update/2100.1002_3.6144110.html?tag=nefd.top

39. December 15, Tech Web — Sturdier botnets mean more spam in 2007. The late.2006 appearance of durable botnets was a tipping point in the back.and.forth battle against spammers, an industry analyst said Friday, December 15, who predicted that spam will continue to gain ground on defenses. Assembled by a Trojan called SpamThru, the new botnets are tougher to bring down, says Paul Wood, senior analyst with MessageLabs, a message security and filtering service. "The advent of Trojans like SpamThru makes it possible for each bot in the net to learn about the location of other bots. When a bot goes down or the command and control channel is compromised, the other bots know about it." In SpamThru's techniques, if a control server is shut down, the spammer can easily update the rest of the bots with the location of a new server as long as he controls at least one bot in the net. And if a specific bot is shut down, its spam load can be quickly shifted to another, as.yet.undiscovered, bot. "Until now, it's not been possible to regain control of a [compromised] botnet," says Wood. "This makes botnets much more resilient."
Source: http://www.techweb.com/showArticle.jhtml;jsessionid=4Z3ROB0E0ONAIQSNDLPCKHSCJUNN2JVN?articleID=196700223

40. December 14, Government Computer News — Agencies waiting on vendors for IPv6 security products. With the deadline to move their network backbone to Internet Protocol Version 6 (IPv6) still about 18 months away, agencies’ biggest concern is whether the security industry will have enough products to support them. Three agency officials who are leading efforts to move to IPv6 expressed concern over the lack of support from security vendors so far, and said federal agencies, such as the National Institute of Standards and Technology and the Defense Advanced Research Projects Agency, will have to provide seed money to move products along. “Security has not received the same focus as, say, routers,” said John McManus, Commerce Department deputy CIO and co.chairman of the IPv6 working group. “The Office of Management and Budget’s memo said the security must be at least the same, if not higher. If you can’t secure your network, you will not bring it online.”
Source: http://www.gcn.com/online/vol1_no1/42797.1.html