Friday, May 28, 2010

Complete DHS Daily Report for May 28, 2010

Daily Report

Top Stories

• A national consumer group said the U.S. Food and Drug Administration should set minimum sanitary and safety standards for pallets used to transport food, after tests revealed the presence of bacteria and virulent pathogens that cause food poisoning, reports “We believe it is essential to ensure that pathogens are not introduced at any step along the food transport system, from farm to fork,” the executive director of the National Consumers League (NCL) said in a statement. (See item 16)

16. May 26, Associated Press – (Indiana) Lawsuit: Contractor approved bad gun parts. A former employee of an Indiana defense contractor has filed a whistleblower lawsuit claiming the company ordered him to approve parts for machine guns used by troops that did not meet quality standards, and that he was fired for complaining about it. In a lawsuit filed in U.S. District Court in Evansville in February 2009 and unsealed in March, an employee accused Dugger-based Northside Machine Company of fraud and wrongful termination. He is seeking reinstatement with back pay and unspecified damages. In a court filing Wednesday, the company contends that it never told the man to falsify test results, and that he never complained to management before he was fired. It asked a judge to dismiss his lawsuit. Northside Machine supplies trigger assemblies and other components to defense contractor FN Manufacturing for use in its M240 and M249 machine guns, which are widely used by the military. FN Manufacturing is not accused of wrongdoing. According to a 2006 report by the Center for Naval Analyses, a federally funded research group that studies military matters, 30 percent of troops surveyed reported that the M249 had stopped firing during combat, a higher percentage than with any other weapon included in the report. Problems with the light machine gun and other weapons were reported during the July 2008 battle in Wanat, Afghanistan, in which nine U.S. troops died and 27 were wounded. Source:

• According to The Associated Press, a former employee of an Indiana defense contractor has filed a whistleblower lawsuit claiming the company ordered him to approve parts for machine guns used by troops that did not meet quality standards (with the problems resulting in injuries and deaths), and that he was fired for complaining about it. (See item 27)

27. May 27, – (National) Wooden pallets could be poisoning our food, consumer group’s tests show. A national consumer group said the U.S. Food and Drug Administration should set minimum sanitary and safety standards for pallets used to transport food, after tests revealed the presence of bacteria that cause food poisoning. “We believe it is essential to ensure that pathogens are not introduced at any step along the food transport system, from farm to fork,” the executive director of the National Consumers League (NCL) said in a statement. The recommendations follow recent tests conducted by the NCL on pallets to determine whether they may be carriers of pathogens. The NCL tested pallets for a number of food-borne pathogens, including E. coli and Listeria, and found 10 percent of the wooden pallets tested positive for E. coli (though not the most virulent strain, E. coli O157:H7). In addition to the presence of E. coli, 2.9 percent of the wood pallets tested positive for Listeria. Half of these, when further tested, contained Listeria monocytogenes, one of the most virulent pathogens. This strain is linked to a 20 to 30 percent rate of clinical infection resulting in death, and causes approximately 2,500 illnesses and 500 deaths in the United States every year. Listeriosis is also more likely to cause death than any other food-borne bacterial pathogen. “With approximately two billion pallets currently in circulation in the United States, the presence of dangerous pathogens on even a small percentage of those pallets presents a potential threat to the safety of the food supply,” the NCL executive director wrote to the FDA. Although both types of pallets tested positive for pathogens, wooden pallets contained far more for a number of reasons. Unlike plastic, wooden pallets absorb water, harbor bacteria and are difficult to fully clean, making it easier for them to contaminate food. The NCL’s test also revealed wood pallets are more likely to be stored outside and exposed to weather, rodents, bird droppings and insects. Splinters on wooden pallets can also damage packaging, creating an opening for pathogens. In a just-issued report prepared for the FDA, Eastern Research Group, Inc. highlights the use of “good quality pallets” as a preventive measure. The agency has said it will use the report to inform the development of new rules to increase the safety of food during transport. Source:


Banking and Finance Sector

18. May 27, Windsor Beacon – (Colorado) Payday loan collection calls just another elaborate scam. If anyone has received a call recently from a debt collecting agency telling them to either set up a payment plan or face arrest, the Windsor (Colorado) Police Department asks them to pause. “First of all, private businesses can’t issue arrest warrants,” said a Windsor police corporal. This phone call, which was recently received by a Windsor resident, is a new twist on a familiar scam, according to police officials. The scam was made more frightening, the officer said, because the caller had a lot of this resident’s personal information from a payday loan application she’d previously filled out. “The caller was abrupt and rude, and basically they frightened [a resident] into doing what they said,” the officer said. The resident made only one payment before she was convinced to call the Windsor police, who investigated. Source:

19. May 26, WLWT 5 Cincinnati – (Ohio) High-tech credit cards vulnerable to thieves. New no-swipe technology makes using credit cards faster and easier than ever before, but that convenience makes credit cards an easy target for thieves. Companies are now embedding small computer chips into cards in which radio frequencies read the data right off the card. The technology goes by several names including Pay Pass, Express Pay and Tap N Go. But clever thieves can also read that frequency and swipe information. “What you may not know is someone may be looking to glean that off of your card and use it,” said a professor at Webster University and owner of PitViper Industries. Some banks are looking at security options as they add the chip to their banking cards. “The thieves will have a very difficult time compromising the card. That’s some of the technology that is embedded in the card,” a spokesman of Fifth Third Bank Community Relations said. Experts predict that the magnetic strip will be gone from all credit cards, replaced by the chips, within three to five years. Source:

20. May 26, Orlando Sentinel – (Florida) Winter Park police think skimming devices used at Bank of America ATMs. Winter Park, Florida police are investigating the use of skimming devices they think were used to steal credit and debit card information from Bank of America customers. None of the people who lost money had lost or misplaced their cards, but their accounts were accessed in late April, police said. Suspects were seen on surveillance video driving a black or blue Mercury Grand Marquis. Source:

For another story, see item 46 below in the Information Technology Sector

Information Technology

46. May 27, Softpedia – (International) Romanian authorities shut down ATM-skimmer manufacturing operation. The Romanian organized crime police has dismantled a major cybercriminal ring that specialized in manufacturing and selling ATM skimmers. Law enforcement officials descended on more than 40 locations in several cities and detained 20 suspects. Prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) are investigating multiple individuals under the suspicion of being members of an organized crime group, unauthorized access to a computer system, possessing card-cloning equipment, access-device fraud, and distributing fake electronic-payment devices. According to DIICOT, the criminal group operated out of Romania’s Dolj county, particularly the city of Craiova, where the ATM skimmers were assembled. However, some of the electronic components used for the devices were manufactured in Bucharest. The devices were either sold to other fraudsters or used by ring members in Italy, Germany, Sweden, or Romania. Teams of Romanian Police special forces raided 38 locations in Craiova, six in Bucharest and three in a neighboring county earlier today, taking a total number of 20 suspects back for questioning. Amongst them are the brother of a local magistrate and the son of a Ministry of Interior official. Source:

47. May 27, IDG News Service – (International) Europe warns Google, Microsoft, others about search-data retention. Google, Microsoft, and Yahoo are retaining detailed search engine data for too long and not making it sufficiently anonymous later, in violation of European law, the European Union’s data-protection advisory body has warned. The three companies received letters May 26 from the Article 29 Data Protection Working Party, which oversees data-protection issues in the E.U. Since 2008 the working party has pressured search companies to retain highly detailed search records for no longer than six months. Google, Yahoo, and Microsoft all agreed to modify how long they store the detailed data, which varied up to 18 months. The data collected by search engines can include a host of details, including the search terms, the date and time of the search, the searcher’s IP (Internet Protocol) address and the brand of browser, operating system and language used. Google keeps the full data for nine months and then obscures the last octet of the IP address. The working party wrote to Google stating that that policy does not protect the “identifiability of data subjects.” Also, Google retains cookies — data files used to track how a person moves around a Web site — for 18 months, which would also allow for the correlation of search queries, the working party said. In a news release, the working party singled out Google, saying that that company’s 95 percent market share in some European countries means it “has a significant role in European citizens’ daily lives.” Source:

48. May 26, The Register – (International) Cisco bugs surrender control of building’s critical systems. Cisco Systems has warned of serious vulnerabilities in a device that connects a building’s ventilation, lighting, security, and energy supply systems so they can be controlled by IT workers remotely. The networking giant May 26 urged users of the Cisco Network Building Mediator products to patch the vulnerabilities, which among other things allow adversaries to obtain administrative passwords. No authentication is required to read the system configuration files, making it possible for outsiders to take control of a building’s most critical control systems. “Successful exploitation of any of these vulnerabilities could result in a malicious user taking complete control over an affected device,” a Cisco advisory stated. The notice also warned that the vulnerabilities are present in the legacy products from Richards-Zeta, the Cisco-acquired company that originally designed the system. The bugs were discovered during internal testing. Another flaw makes it possible for low-level employees to gain full control of the device by accessing default administrative accounts. Other bugs allowed malicious insiders to intercept traffic as it travels between an administrator and the building mediator and to escalate limited privileges. Source:

49. May 26, IDG News Service – (National) U.S. needs to fight online terrorism recruiting, expert says. The U.S. government lacks a plan to counter terrorist recruiting efforts online, even though such efforts by jihad groups are growing, one terrorism expert told U.S. lawmakers. The U.S. government does not make an effort to engage with people who may be open to terrorist recruiting efforts and dissuade them from joining, a professor in the School of Foreign Service at Georgetown University told lawmakers May 26. The U.K. government has a program that works with local communities to identify possible targets for terrorism recruiting, said the professor, a former scholar in residence at the U.S. Central Intelligence Agency. Instead of on-the-ground programs working with potential targets of terrorism recruiting, U.S. agencies have, in some cases, tried to control terrorism communications on the Internet. “We shouldn’t be censoring the Internet,” he said. “I think the problem is we default toward these very intrusive approaches.” Internet service providers should have protection from lawsuits if they take down terrorism-related Web sites, said a former counterterrorism official with the CIA and the U.S. Federal Bureau of Investigation. Source:

50. May 26, The New New Internet – (International) Self-published authors warned about phishing attack., a book-marketing site, has issued a warning on recent phishing attacks that have hit self-published authors. According to the BookWhirl management, this scam includes fraudsters sending e-mails that appear to be from an official e-mail. These e-mails embody fake names and contact information that only uses the’s name to extract personal information for monetary gain. Recipients of these fraudulent e-mails have been advised to verify the e-mail address and contact information of all e-mails received, even if the e-mail appears to be from an official or familiar source. BookWhirl management has emphasized that only e-mail addresses with the domain name of “” and the contact details stated on their Web site are considered authentic. Source:

51. May 26, ComputerWorld – (International) Amid backlash, Facebook unveils simpler privacy controls. Amid mounting criticism that Facebook lacks adequate privacy controls, the CEO May 26 worked hard during the unveiling of new, simplified privacy controls to drive home the point that the company cares about protecting the personal information of its users. The CEO acknowledged during a press conference this afternoon that executives at the phenomenally successful social networking firm have made mistakes and have communicated badly with users about their privacy concerns. He also said that Facebook heard the loud user complaints about the site’s complicated and frustrating privacy controls, and noted that tools have been built to correct those issues. The criticism that the social networking firm is playing fast and loose with user information mounted significantly in recent weeks after Facebook unveiled a bevy of tools that allow user information to be shared with other Web sites. One of the new settings rolled out May 26 is a single control that limits who can see the content posted by a Facebook user. Source:

52. May 26, DarkReading – (International) Researchers find new ways to eavesdrop via mobile devices. Cell phones and other handheld devices could become a great way to listen in on spoken conversations, researchers at George Mason University said this week. In a paper, two researchers describe several new plays on the concept of “microphone hijacking,” which has been used for years. The idea is to put spyware on mobile devices — including laptops, cell phones, and PDAs — that can use their built-in microphones to eavesdrop on nearby conversations. In the past, this eavesdropping has usually been done via the victim’s own cell phone or other device. But the two describe a way to bug nearby devices belonging to nearby users to achieve similar results. Under the researchers’ concept, called a “roving bugnet,” the eavesdropper would use a piece of malware called a “bugbot” to listen in on in-person interactions via a nearby smartphone or laptop. Such attacks would be more likely to target specific people (such as an executive or a spouse) than as a broad attack, the researchers said. Source:

53. May 26, DarkReading – (International) Anti-Clickjacking defenses ‘busted’ in top Web sites. Turns out the most common defense against clickjacking and other Web framing attacks is easily broken: Researchers were able to bypass frame-busting methods used by all of the Alexa Top 500 Web sites. The new research from Stanford University and Carnegie Mellon University’s Silicon Valley campus found that frame-busting, a popular technique that basically stops a Web site from operating when it’s loaded inside a “frame,” does not prevent clickjacking. Clickjacking attacks use malicious iFrames inserted into a Web page to hijack a user’s Web session. “There are so many different ways to do frame-busting, and that’s a problem with it,” said one of the lead researchers in the project and assistant research professor at CMU-Silicon Valley. The researcher said he had suspected that frame-busting was weak since it was mainly an “ad-hoc” solution. “But we didn’t know the magnitude of the problem,” he said. “We had trouble finding any sites that were secure against all the attacks we identified.” One of the Stanford researchers said the toughest frame-busting method of all was Twitter’s, which had some back-up checks in case its frame-busting defense were to fail. Source:

54. May 26, TrendLabs – (International) Windows WMI abused for malware operations. TrendLabs handled a client case last March in which two peculiar pieces of malware leveraged a Windows service — Windows Management Instrumentation (WMI) — to execute their malicious routines. WMI lets users access and retrieve information about their OSs. It is particularly useful for administrators, especially in enterprise environments, as it manages applications found on systems connected to a network using any one of various coding languages. It can be considered a database that contains information on anything and everything related to a system’s OS and its users. As WMI contains a huge chunk of data, cybercriminals find it a very likely target for their malicious creations. They can, for instance, introduce specialized pragma to the service to make affected systems do their malicious bidding. Source:

Communications Sector

55. May 27, Darien Times – (Connecticut) Darien Police phones fail for the third time in 2010. The routine phone system at the Darien, Connecticut Police Department failed for the third time this year on Tuesday. While 911 capability remained intact, the police’s main phone system was rendered useless due to a technology glitch, according to the police chief. “Last year, the town’s IT department installed a new voice-over-Internet phone system so that all of the town agencies were using the same system,” The Darien Times was told Wednesday. “For some unknown reason we have had a couple of failures with the system,” the chief said. “They did identify one problem previously and fixed it, and it did not appear that yesterday’s failure was of the same variety.” Source:

For another story, see item 52 above in the Information Technology Sector

Department of Homeland Security Daily Open Source Infrastructure Report

Thursday, May 27, 2010

Complete DHS Daily Report for May 27, 2010

Daily Report

Top Stories

• The Wall Street Journal reported on May 24 that public health officials are battling a host of new infectious threats to the nation’s blood supply, but new screening tests are hard to develop and can take years to win government approval. (See item 43)

43. May 24, Wall Street Journal – (National) New threats to U.S. blood supply. Public health officials are battling a host of new infectious threats to the nation’s blood supply. Blood centers, which have long tested for risks like hepatitis C and AIDS, have added a number of new tests on donated blood in recent years, including checks for West Nile virus and Chagas, a tropical parasitic disease. But new screening tests are hard to develop and can take years to win government approval. Currently, for instance, there’s no way to screen for newer threats like babesiosis, a parasitic infection that has been linked to 10 U.S. deaths through blood transfusions since 2006. And a dangerous virus known as Chikungunya has spread to the U.S. and Europe from Africa in the last several years. Blood supply officials are urging the U.S. government to adopt so-called pathogen-reduction technology that can kill a wide range of contaminants in blood after it has been donated. One method already in use in about a dozen countries in Europe, Asia and elsewhere destroys most pathogens with a combination of chemicals and ultraviolet light. The Food and Drug Administration declined to approve the technology several years ago, citing possible side effects. But the agency is continuing to evaluate it. Source:

• AT&T’s new digital home phone service failed across the country on May 25, illustrating continuing reliability issues with Internet-based phone service, according to the Associated Press. (See item 56 below in the Communications Sector)


Banking and Finance Sector

14. May 26, The New New Internet – (Minnesota; North Dakota) Hackers target small businesses. The Better Business Bureau of Minnesota and North Dakota, and the Minnesota Cyber Crime Task Force are urging all small businesses with outdated or lacking online security software to be aware of foreign hackers stealing credit card information and then selling it on the Web. Businesses targeted by these cyber intrusions could be liable for any losses involving stolen credit card data, which could potentially bankrupt smaller enterprises. All small businesses that process, store or transmit credit card information are advised to bring up to date their security software and become PCI compliant immediately. The Payment Card Industry Data Security Standard is a set of requirements designed to ensure that all companies that deal with credit card information maintain a secure environment. Although the PCI is not law, it was created by major credit card brands that can, at their discretion, fine merchants that do not comply with the standards in case of a data breach. Source:

15. May 26, SC Magazine – (International) American Express may have failed to encrypt data. American Express may be in hot water after a computer engineer discovered a portion of the card brand’s Web site, which claims to be secure, sending private information in the clear. The engineer wrote in a blog post May 25 that he received a promotional e-mail from American Express encouraging him to sign up for the Daily Wish service, through which cardholders can receive hefty discounts on a limited amount of merchandise, such as computers and camcorders. If users click on the “Sign up for Daily Wish” button, they are prompted to enter personal information, such as name, card number, security code, expiration date and billing zip code, into a pop-up box. The box includes a “this page is secure” notification link, but upon further review, the engineer found this not to be the case. The domain for the sign-up box was not using https, he said. He used the open-source packet analyser Wireshark to confirm that the (fake) information he entered into the form was delivered in clear text back to American Express’ server. The card company, in a tweet posted May 25, said it was aware of the issue and was investigating. Source:

16. May 26, BBC – (International) German bank ‘blown up by robbers’. Suspected robbers in Germany appear to have miscalculated the quantity of explosives needed to blow their way into a rural bank. The building housing the bank in the northern village of Malliss was largely destroyed by an overnight explosion. The bank’s cash machine survived intact and the suspected thieves are not thought to have made away with any money, Germany’s Welt Online reported. No one was injured, though the blast damaged nearby cars and buildings. Investigators were working on the assumption that robbers had placed their explosives, possibly made from petrol or acetylene, at the entrance to the bank, German broadcaster NDR said. The presence of a delivery van near the site of the explosion indicated that the suspected thieves may have intended to drive off with the cash dispenser, local media reported. Source:

17. May 25, Montgomery County Courier – (International) Russian Mafia funds recovered in eBay scam. Montgomery County (Texas) Sheriff’s Office (MCSO) detectives and the district attorney’s office recovered $11,200 in an eBay scam from a bank account suspected of belonging to the Russian Mafia, officials said. The complainant in the case had ordered a tractor on eBay in February, with March 5 as the expected delivery date, according to a MCSO press release. When the equipment never arrived, the complainant contacted eBay, who informed the complainant that the transaction was fraudulent. A MCSO detective learned the transaction was part of a much larger multimillion dollar scam, with the proceeds of the transaction linked to an account that had recently been seized in a criminal investigation involving the Russian Mafia, the release stated. All documentation regarding the account was linked to stolen passports, the release stated, making it next to impossible to locate the thieves. Source:

18. May 25, Triangle Business Journal – (National) RBC Bank, Wachovia, SunTrust on Weiss list of vulnerable banks. Raleigh, North Carolina-based RBC Bank is one of 20 large U.S. banks and 11 Triangle, North Carolina-based banks considered vulnerable by Weiss Ratings, a Florida-based company that evaluates the financial strength of insurers, banks and savings and loans. A new Weiss report gives RBC Bank, the U.S. banking arm of the Royal Bank of Canada, a “D-”. The bank, with $27.5 billion in assets, has been dealing with a loan portfolio weighed down by depressed real estate in Florida. Three other huge players in the Triangle banking market also are on the Weiss list of weakest banks. Atlanta-based SunTrust Banks joins RBC Bank in receiving a D- rating. Weiss gave D ratings to Bank of America, the country’s largest commercial bank but No. 5 in the Triangle, and Triangle-market leader Wachovia, a Charlotte-based bank now owned by San Francisco-based Wells Fargo & Co. All told, Weiss said, 2,259 U.S. banks and savings and loans, controlling $5.8 trillion, or 43.8 percent of the industry’s total assets, are vulnerable. Those banks are given grades ranging from D+ to D-. Source:

19. May 25, WPTV 5 West Palm Beach – (National) Gas stations protect customers from ‘skimming’. Criminals have found an easy way to make money — breaking into gas pumps and installing tiny card-skimming machines that can read credit cards. It has become such a worldwide problem that, as of this summer, credit card companies are requiring all gas station owners to purchase and install new technology to curtail the crime. “The penalties are stiff,” said a West Palm Beach, Florida Exxon owner. “If we do not upgrade, we will not get to take credit cards and that’s 90 percent of our business.” The cost is roughly $4,000 per pump. Add that to requirements for station generators and hurricane-proof pumps, and the Exxon owner fears the few little guys in the gas station business may be driven out of business. All stations are required to have the new technology by June 30. There is one exception: because of an equipment shortage, Exxon and Mobil stores have been given an extension until December. Source:

20. May 25, KMGH 7 Denver – (Colorado) FBI: ‘Bad Hatter Bandit’ hits another bank. A woman dubbed the “Bad Hatter Bandit” for her floppy sun hats robbed a south Denver bank May 25, the FBI said. The woman is believed to be responsible for two other bank robberies in the Denver metro area, an FBI spokesman said. She was wearing a red floppy hat, a flowered pink tank top and khaki shorts when she entered the Bank of the West, 2050 S. Downing St., at about 2:08 p.m. She handed a note to a teller demanding money and implying she had a weapon, police said. The FBI Rocky Mountain Safe Streets Task Force has nicknamed the bank robber the Bad Hatter Bandit “for obvious reasons.” Source:

Information Technology

50. May 26, SC Magazine – (International) Spam and viruses see minor rises, as 9 out of 10 spam e-mails have a hyperlink or URL contained in the message. In the May 2010 Symantec MessageLabs Intelligence Report, analysis has revealed that nine out of 10 spam e-mails now contain a URL link in the message and in May, 5 percent of all domains found in spam URLs belonged to genuine Web sites. Of the most frequently used domain names contained in spam URLs, the top four belong to well-known Web sites used for social networking, blogging and file sharing and host other forms of user-generated content. The report also found that there was a minor increase by 0.3 percent of spam in e-mail traffic, while analysis of Web security activity showed that 12.4 percent of all Web-based malware intercepted was new in May, an increase of 1.5 percent since April. MessageLabs Intelligence also identified an average of 1,770 new Web sites per day harbouring malware and other potentially unwanted programs such as spyware and adware, an increase of 5.6 percent since April. Source:

51. May 25, The Register – (Nebraska) Second man jailed over Scientology DDoS attacks. A second U.S. man has been jailed over controversial denial of service attacks against the Church of Scientology two years ago. The 20-year-old suspect, of Grand Island, Nebraska, was jailed for a year and ordered to pay $20,000 in compensation to the Hubbardists at a sentencing hearing May 24, The Associated Press reports. The suspect had earlier pleaded guilty to taking part in attacks protesting Internet censorship by the church and organized under the loose banner of Anonymous. As part of an earlier plea bargaining agreement, he admitted using custom software from a message board run by Anonymous to throw useless traffic at Church of Scientology Web sites. Some sites became intermittently unavailable in January 2008 as a result of the efforts of the suspect and many others. The attacks began after the church demanded the takedown of videos featuring an actor and member of the church at an awards event. Source:

52. May 25, IDG News Service – (Massachusetts) ISP sues Google over Wi-Fi sniffing. Galaxy Internet Services, an ISP for homes and businesses in Massachusetts, has filed a class-action lawsuit against Google over the search company’s admitted blunder that it sniffed and stored data from Wi-Fi networks. Through its legal representative, Carp Law Offices, Galaxy said May 25 that Google violated U.S. federal and Massachusetts privacy laws when it captured residential and business Web activity data. Google declined to comment about the lawsuit. Earlier this month, Google disclosed that its Street View cars, which take photos for services like Google Maps, had since 2006 mistakenly collected “payload data” from Wi-Fi networks they drove by that weren’t password-protected. Galaxy filed its lawsuit on its behalf and on behalf of its customers and anyone else similarly affected in Massachusetts, and is seeking class certification. Galaxy is also requesting that Google be forbidden from destroying the Wi-Fi data it collected and that it be required to pay damages as determined by a jury, along with attorneys’ fees. Source:

53. May 25, DarkReading – (International) Default database passwords still in use. The rampant use of default passwords within live database environments continues to plague the security of enterprise data, researchers said. “It’s a problem that has been around for a long, long time,” said the manager of Team SHATTER, Application Security Inc.’s research arm. “A lot of default passwords out there get installed when you deploy a database, you install an add-on to it, or even if you install a third-party application that uses the database.” As he puts it, the problem of default passwords lingering in the wild has built up during the years as a result of cumulative errors by both vendors and database administrators. In the past, the majority of vendors had no compunction about pushing out installers that automatically created default accounts to expedite the deployment of new databases, add-ons, or applications on top of the database. Users did nothing to clean up these default accounts once installation was complete. The manager said the situation on the vendor front has improved considerably in recent years, but default passwords continue to be a problem for a number of reasons. To date, AppSec’s team has collected more than 1,000 well-known default user name and password combinations used by different vendors within databases across the IT spectrum. Organizations should do a thorough check of their database accounts to ensure they are not using any of the combos on the list. Source:

54. May 25, CNET News – (International) Web hoster Media Temple shut down by attack. Media Temple, Web hosting provider for Adobe, ABC, Sony, NBC, Time, Volkswagen, and Starbucks, was hit with a sophisticated distributed denial-of-service (DDoS) attack May 25. The outage began about 3:50 p.m. Pacific Daylight Time (PDT), when Media Temple’s domain name servers were deluged by a flood of traffic coming from outside the U.S., and lasted a total of about two-and-a-half hours, according to a tech support representative at the Los Angeles-based company. “Due to the sophistication of the attack, our normal DDoS firewall prevention techniques didn’t block the attack adequately, as the traffic appears to be legitimate,” the company reported at around 5:40 p.m. PDT. The company said it had initially blocked all traffic from Asia, South America, and Mexico to reduce strain on the network, but later removed the blocks. As of 6:10 p.m. PDT the network was reported stable. “Overall, network health is normalizing, however more work must be done to mitigate the effects of this incident and prevent future occurrences,” the company said, adding that it would provide an update at 10 p.m. PDT. Source:

55. May 25, Nextgov – (International) DHS official stresses cybersecurity is industry’s responsibility. Contractors that fail to live up to security requirements in federal technology contracts should be held accountable, even if the vulnerabilities originated in products or capabilities provided by suppliers, a top Homeland Security Department (DHS) official said May 25. In most business situations, “if we have a contractual arrangement and you fail [to meet the requirements], I have legal recourse,” said the director of global cybersecurity management at DHS. “Why wouldn’t the same be true when the supply chain [is involved]? I’m buying a product from you, and you represent that it’s a product with the following characteristics. If you fail, I have a right to sue you.” The director spoke at the SecureAmericas conference in Arlington, Virginia, an event hosted by the cybersecurity provider International Information Systems Security Certification Consortium. He noted a number of examples where failures in the supply chain led to serious security implications, including a wave of hard drives infected with viruses that infiltrated the U.S. market from Asia in 2007 and a recent case in which thumb drives were shipped preinstalled with malicious software, eventually leading to the Defense Department imposing a temporary ban on the storage devices. Source:

Communications Sector

56. May 26, Associated Press – (National) AT&T digital network outage silences landlines. AT&T’s new digital home phone service failed across the country Tuesday, illustrating continuing reliability issues with Internet-based phone service. Customers of AT&T Inc.’s U-Verse Voice said their landline phones have had no dialtones since the morning. Reached by cell phone, the customers said those who call them get a message that the line has been disconnected. Support personnel are telling customers that a server crash brought down U-Verse Voice in AT&T’s entire 22-state local-phone service area. An AT&T spokeswoman said the outage started at about 10:30 a.m., and service was restored to most subscribers at 2:45 p.m. She said the extent of the outage was unknown. Source:

57. May 25, Forbes – (National) Cisco aims new gear at smart grids. For more than a year, information technology giants have been talking up their readiness to power the much hyped “smart grid,” a digitally enabled upgrade to electric utilities that promises to make the world’s power supply far more flexible and efficient. On Tuesday, Cisco is finally replacing some of that hot air with hardware. The networking giant plans to release two pieces of equipment — a router and a network switch — aimed at helping utilities create better communication systems designed not only to help automate electrical substations, but someday connect “smart meters” in homes and variable sources of power like solar and wind. “The idea is that data can be interpreted and used to make the flow of electrons more productive, to make everything more efficient around the grid,” said a newly appointed chief technology officer for Smart Grid. Source:

58. May 25, Bloomberg – (International) Satellite-killing junk risks $250 billion market, TV world cup. Trash in space may bring commerce and communications on Earth to a halt unless policy makers and executives take steps to prevent satellite collisions with orbiting junk, according to a Pentagon report. Potential crashes between satellites and debris — refuse from old rockets, abandoned satellites and missile shrapnel — are threatening the $250 billion space-services market providing financial communication, global-positioning navigation, international phone connections, Google-Earth pictures, television signals and weather forecasts, the report said. Space is “increasingly congested and contested,” said the U.S. Defense Department’s interim U.S. Space Posture Review, which was sent to Congress in March and not publicly released. Scientists are warning that space collisions could set off an uncontrolled chain reaction that might make some orbits unusable for commercial or military satellites because they are too littered with debris. The February 2009 crash between a defunct Russian Cosmos satellite and an Iridium Communications Inc. satellite left 1,500 pieces of junk, each whizzing around the earth at 7.8 kilometers (4.8 miles) a second and each capable of destroying more satellites. Source:

59. May 24, ComputerWorld – (International) Owner: US cable service unhurt by rogue satellite. The owner of a satellite that transmits programming to all U.S. cable systems says it avoided interference from another, out-of-control satellite that was drifting into its path. SES World Skies says programming transmitted by its AMC 11 satellite was not affected by the Galaxy 15 satellite, which is drifting out of control thousands of miles above the Earth and had threatened to wander into AMC 11’s orbit. Galaxy 15 was expected to move into the second satellite’s orbit around May 23. SES had been weighing whether to move AMC 11 in its orbit, along with other protective measures it declined to specify. Various U.S. cable companies contacted Monday by the Associated Press, including Comcast, Time Warner and Cablevision Systems Corp., said they had not experienced any disruption or outages. Source:

60. May 24, IDG News Service – (National) Democrats to launch effort to rewrite Telecom Act. Four leading Democratic lawmakers will begin a process of rewriting the 14-year-old law that is the regulatory framework for the U.S. telecommunications and broadband industries, with the group ready to hear proposals starting in June, they said Monday. The four lawmakers, all chairmen of committees or subcommittees that have jurisdiction over telecommunications and the Internet, said they will invite interested parties to participate in a series of “bipartisan, issue-focused” meetings on a rewrite of the Telecommunications Act of 1996, with the meetings starting in June. The Telecom Act was an update of the 1934 Communications Act. Source: