Daily Report Monday, February 12, 2007

Daily Highlights

The Associated Press reports police are on the lookout for those responsible for shooting bullet holes in the Westfield water tank causing extensive damage to the tank, which supplies water to the community of Toquerville in southern Utah. (See item 18)
·
The New York Times reports New York City will soon test ways of strengthening defenses against a nuclear device or a radioactive dirty bomb attack, with an elaborate network of radiation alarms at relevant bridges, tunnels, roadways, and waterways, creating a 50−mile circle around the city. (See item 23)

Information Technology and Telecommunications Sector

27. February 09, eWeek — Cyber−security czar calls on IT industry for help. Addressing a crowded room of attendees at the ongoing RSA Security Conference on Thursday, February 8, Greg Garcia, assistant secretary for cyber−security and telecommunications at the Department of Homeland Security, said that he and his team are already hard at work creating policies that aim to better protect critical infrastructure. Over the first four months on the job, Garcia said, he has focused primarily on establishing a game plan for his office's future projects and working to establish inroads with members of the IT and communications industries to encourage private companies' contribution to those efforts. While the federal government is aggressively looking for ways to create stronger protections for the nation's IP backbone, the process will not be able to move forward quickly unless businesses and academic institutions that control the nation's largest networks are willing to pitch in, he said. The cyber−security chief said that his initial priorities revolve around work to breed cooperation between federal agencies to develop common security policies for defending networks and to help the private sector strengthen national preparedness and incident−response plans.
Source: http://www.eweek.com/article2/0,1895,2093175,00.asp

28. February 09, eWeek — Next wave in security: Protecting smart phones, PDAs. With the number of employees using smart phones and other mobile devices, corporations must start to focus their security on more than just their network perimeter, according to security analysts and specialists attending the RSA Conference. Research done by the Business Forum Management Program in 2006 found that roughly 49 percent of the 680 executives surveyed are "mobile" or "very mobile," and about 80 percent plan to increase the number of mobile devices used in the next few years. And even though a quarter of the respondents reported having critical data stored on mobile devices, 40 percent said they have no security and compliance measures in place to protect data on those devices. The next wave in security will deal with protecting items such as smart phones, said Curtis Cresta, vice president and general manager of North American Operations for F−Secure. Smart phones, he said, are easier to maintain and cost less than laptops. In other regions, such as Asia and Europe, the widespread use of business applications on mobile phones has already begun, noted Gartner analyst John Pescatore. With the increased presence of applications on cell phones, the threat of Web−based attacks becomes less theoretical, he said.
Source: http://www.eweek.com/article2/0,1895,2093092,00.asp

29. February 09, Register (UK) — Anatomy sheds new light on Storm Worm. A deluge of Trojan−laced spam that slyly tricked recipients by promising information about winter storms ravaging Northern Europe last month was even craftier than originally thought. Among the new revelations: The Storm Worm malware launched DDoS attacks on a host of Websites related to spam, antispam and just about anything else that may have piqued the perpetrators' ire, according to Joe Stewart, senior security researcher for SecureWorks. It also appears to be a close descendant of worms that spread in November and December, a connection that few if any have made until now. Stewart says Storm Worm is a variant of the Win32/Nuwar worm that spread as early as November. Unbeknownst to most at the time, Storm Worm also installed a DDoS attack tool that wreaked havoc on various Websites. Among them was spamnation.info, which is dedicated to countering the menace of spam. Other sites that were also targeted by Storm Worm included stockpatrol.com and several sites Stewart guesses were run by rival spammer gangs.
Anatomy of a worm report: http://www.secureworks.com/research/threats/view.html?threat=storm−worm
Source: http://www.theregister.co.uk/2007/02/09/storm_worm_anatomy/

30. February 08, eWeek — Highly−critical flaw discovered in Trend Micro products. A dangerous buffer−overflow flaw in Trend Micro anti−virus software products was reported by Trend Micro and confirmed by security researchers at iDefense Labs. Researchers at Secunia have also posted an advisory on this vulnerability and have deemed this to be highly critical. This flaw can be exploited in both Windows and Linux systems, and could be used to gain access to machines, cause denial−of−service activity and allow attackers total control of affected systems. Trend Micro responded to the vulnerability by pushing out a patch that a company spokesperson says fixes the issue. The vulnerability targets all scan engine and pattern file technology in Trend Micro products due to an error within UPX compressed executables.
Secunia Advisory: http://secunia.com/advisories/24087/
Source: http://www.eweek.com/article2/0,1895,2092841,00.asp

31. February 08, IDG News Service — Big set of Microsoft security patches coming Tuesday. Microsoft plans to release 12 sets of security patches Tuesday, February 13, fixing critical vulnerabilities in a number of its products, including the company's new security software. The bulk of the patches will fix flaws in the Windows operating system and Office, Microsoft said. Five of the updates will be for Windows, and two of them will be for Office. Microsoft also plans to release one less−critical update that addresses flaws in both Windows and Office.
Source: http://www.infoworld.com/article/07/02/08/HNmssecuritypatche s_1.html

32. February 08, CNET News — Spyware, data privacy bills reappear in House. In October 2004, all but one member of the U.S. House of Representatives voted for a bill that was supposed to curtail the threat of malicious PC−disrupting spyware. But the Senate ignored it. So the House once again approved spyware regulations in May 2005, which yielded precisely the same lack of a result. Hoping that the third time proves the charm, House leaders on Thursday, February 8, introduced a bill that would once again try to impose 31 pages of regulations on the software industry in an effort to define what types of activities are permissible and which ones aren't.
Source: http://news.com.com/Spyware%2C+data+privacy+bills+reappear+in+House/2100−1028_3−6157826.html?tag=nefd.top