DHS Daily Open Source Infrastructure Report

Daily Report Tuesday, January 16, 2007

Daily Highlights

The Nebraska Department of Agriculture has unveiled a new avian influenza surveillance program −− Avian Influenza: Testing Pays! −− for Nebraska poultry producers, providing free avian influenza tests of birds to any poultry producer who requests it. (See item 19)
·
The Associated Press reports police and sheriff's deputies rushed to check on churches early Sunday, January 14, after fires broke out at two Baptist churches and a break−in was discovered at a third in Greenville, North Carolina. (See item 38)

Information Technology and Telecommunications Sector

32. January 12, Agence France−Presse — A time−tested solution for Asia's damaged Internet cables. Workers are relying on 19th century technology to fix a very 21st century problem −− disruption of the Internet traffic that tech−savvy Asia relies on. Crewmen on boats south of Taiwan are dragging the seabed with grappling hooks at the end of long ropes to recover fiber optic cables damaged in a 7.1−magnitude earthquake that struck the region on December 26. "No electronics involved," said John Walters, general manager of Global Marine, one of the firms engaged in the repairs. "It's an old and traditional technique." Millions of people across the region, in Taiwan, China, Hong Kong, Japan, Singapore, South Korea and as far away as Australia, suffered Internet and telephone blackouts when the cables, linking Asian countries with the U.S. and beyond, were damaged. Telecom operators have diverted the traffic to allow service to return to normal but the repair work continues. "At this point none of those cables have been repaired," Walters told AFP in an interview.
Source: http://news.yahoo.com/s/afp/20070112/tc_afp/asiaquakeinternet

33. January 12, VNUNet — Cyber−crooks switch to code obfuscation. Security firm Finjan has reported that dynamic code obfuscation was increasingly used as a method to bypass traditional signature−based security systems and propagate malware during the fourth quarter of 2006. The technique works by providing each visitor to a malicious site with a different instance of obfuscated malicious code, based on random functions and parameter name changes. A conventional signature−based security solution would theoretically need millions of signatures to detect and block this particular piece of malicious code. "Hackers have begun to take advantage of new Web technologies to create complex and blended attacks," said Yuval Ben−Itzhak, chief technology officer at Finjan. "With the creation of dynamic obfuscation utilities, which enable virtually anyone to obfuscate code in an automated manner, they have dramatically escalated the threat to Web security."
Report (registration required): http://www.finjan.com/content.aspx?id=827
Source: http://www.vnunet.com/vnunet/news/2172438/cyber−crooks−switc h−code

34. January 12, VNUNet — New Java exploits brewing. Attackers have released exploit code targeting two previously patched flaws in Sun Microsystems' Java Runtime Environment (JRE) and Java Software Development Kit (SDK). The flaws could allow an attacker to remotely execute code on a Windows, Linux or Solaris system. Sun issued patches for both vulnerabilities in December. The JRE component allows JavaScript code to be executed on most operating systems, including Windows, Mac OS, Linux and Unix. The vulnerabilities affect JRE 1.3.x, 1.4.x and 1.5.x, as well as versions 1.3.x and 1.4.x of the SDK and versions 1.5.x of the Java Development Kit.
Source: http://www.vnunet.com/vnunet/news/2172403/java−exploits−brew ing

35. January 12, Tech Web — Telecom carriers face declining revenue growth in core businesses. As telecom carriers strive to become full−service providers delivering mobile broadband and Internet−related services, it's likely they will experience a rapid decline in revenue growth, a market research firm says. Year−over−year growth of total revenue from telecom services will shrink to just 1.7 percent in 2010, with actual revenues increasing to $1.5 trillion in 2010 from $1.3 trillion in 2006, Gartner said Thursday, January 11. As a result, carriers will spend more on new markets, such as media and information technology, to compensate for revenue losses in traditional telecom services.
Source: http://www.techweb.com/showArticle.jhtml;jsessionid=MQ5MFFGI4PS3AQSNDLRCKHSCJUNN2JVN?articleId=196900481

36. January 11, eWeek — Exploit released for critical PC hijack flaw. A fully working exploit for a high−risk vulnerability fixed by Microsoft two days ago has been put into limited release, prompting new "patch now" warnings from computer security experts. The exploit, which allows PC takeover attacks on Windows XP SP2, has been published to Immunity's partners program, which offers up−to−the minute information on new vulnerabilities and exploits to intrusion detection companies and larger penetrating testing firms. The company's exploit takes aim at a "critical" bug in the way Vector Markup Language is implemented in Windows. It has been successfully tested on Windows XP SP2 and Windows 2000, with default installations of Internet Explorer 6.0. "This is a fully working exploit, [it] will give you full access to do anything on the target machine," says Immunity researcher Kostya Kortchinsky. The exploit was created and confirmed in less than three hours after Microsoft's Patch Tuesday release on January 9, a fact that clearly illustrates just how much the gap has narrowed between patch release and full deployment on enterprise networks.
Source: http://www.eweek.com/article2/0,1895,2082416,00.asp