Department of Homeland Security Daily Open Source Infrastructure Report

Wednesday, May 5, 2010

Complete DHS Daily Report for May 5, 2010

Daily Report

Top Stories

 USA Today reports that the Transportation Department never conducted required safety checks on 20,000 to 30,000 companies that got special permits to move risky shipments of hazardous materials by road, rail, water and air, according to data compiled by DOT’s inspector general. (See item 25)

25. May 4, USA Today – (National) Records: Safety checks didn’t follow special hazmat permits. The U.S. Transportation Department never conducted required safety checks on 20,000 to 30,000 companies that got special permits to move risky shipments of hazardous materials by road, rail, water and air, records show. Starting this month, DOT will require all the companies to file new permit applications and undergo a “fitness review,” including assessments of their safety and security records, before the permit is issued, according to an agency plan. The special permits allow holders to move hazardous loads that normally are barred, such as mixed cargos of flammable, toxic or caustic compounds. Some companies using the permits have had serious hazardous materials accidents or safety violations, according to data compiled by DOT’s inspector general. This year, for example, a company got a special permit to haul a poisonous and flammable ammonia solution despite having 14 hazardous material spills in the last four years, including four “serious” incidents that caused evacuations, major injuries, highway closures or other significant consequences. The firm also had 11 violations of hazardous materials rules. By law, DOT must evaluate the fitness of every company given a special permit, but it has issued dozens of blanket permits over the last decade to industry trade groups. The thousands of companies using those permits were not vetted by DOT, which doesn’t even know all their identities. DOT’s failure to evaluate each permit holder is a “pernicious” practice that “can significantly impact (public) safety,” the Inspector General said last month. Source: http://www.usatoday.com/news/washington/2010-05-03-hazmat-permits_N.htm?csp=34

 GovInfoSecurity.com reports that the Treasury Department blamed a cloud computing provider for the disruption of its Web site that provides the Internet face of the Bureau of Engraving and Printing. A researcher for IT security software vendor AVG wrote in his blog that “for a short while (Monday) a couple of treas.gov websites were hacked, and were reaching out to an attack site in Ukraine.” (See item 37)

37. May 4, GovInfoSecurity.com – (National) Treasury: Cloud computing host hacked. The Treasury Department blamed a cloud computing provider for the disruption of its Web site that provides the Internet face of the Bureau of Engraving and Printing, the agency that prints U.S. currency. A blog Monday reported that the sites were hacked. As of Tuesday afternoon, the bureau’s Web site was inaccessible. On Tuesday, Treasury issued the following statement: “The Bureau of Engraving and Printing (BEP) entered the cloud computing arena last year. The hosting company used by BEP had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected. On May 3, the Treasury Government Security Operations Center was made aware of the problem and subsequently notified BEP. BEP has four Internet address URLs all pointing to one public website. Those URLs are; BEP.gov; BEP.treas.gov; Moneyfactory.gov and Moneyfactory.com. BEP has since suspended the Web site. Through discussions with the provider, BEP is aware of the remediation steps required to restore the site and is currently working toward resolution.” Treasury did not identify the host company. The chief research officer for IT security software vendor AVG wrote in his blog that “for a short while (Monday) a couple of treas.gov websites were hacked, and were reaching out to an attack site in Ukraine.” He added: “They had been script injected with the line of code. BTW, you should not mess with the attack site. It was dead earlier (Monday), but could easily come back to life.” Source: http://www.bankinfosecurity.com/articles.php?art_id=2488

Details

Banking and Finance Sector

21. May 4, Nashua Telegraph – (New Hampshire) Securities chief quits over scheme. New Hampshire’s securities chief resigned Monday and issued a scathing indictment of the government’s handling of the legal case against Financial Resources Mortgage (FRM) that has become a Lakes Region Ponzi scheme robbing investors of up to $100 million. The director of the Bureau of Securities Regulation vowed to press the Legislature to beef up powers to prevent this kind of case from recurring. The director contends the Banking Department stonewalled his investigators by not giving them all documents relating to the FRM matter. Asked if it amounted to a cover-up, he answered, “If someone is not providing the information that is available, then in fact that is a cover-up.” Last month, federal authorities indicted FRM and its president on wire fraud charges. They allege that many of the projects that investors contributed to were bogus and that he had pooled all the money collected into a single account. A trial date is set for June 5 in US District Court in Concord. House and Senate committees will open their investigation of the FRM matter Friday. Source: http://www.nashuatelegraph.com/news/statenewengland/725230-227/securities-chief-quits-over-scheme.html?i=1


22. May 4, Oklahoman – (Oklahoma) Serial bank robber sought in Oklahoma City area crimes. The FBI is looking for a man who has robbed at least seven banks in the Oklahoma City area, the last two crimes including pistol whippings. During each of the robberies, the man wore a ski mask and was armed with a black semiautomatic pistol. But on the last two robberies, including one in Edmond two weeks ago and another in Midwest City on Saturday, the robber used his gun to hit bank employees who were complying with the man’s demands. During the past 11 months the man has robbed banks in Oklahoma City, Norman, Edmond, and Midwest City. The man is suspected of robbing Bank of the West and Bank of Oklahoma banks. A reward of up to $10,000 is offered by Bank of the West, the Oklahoma Bankers Association, and the FBI for information leading to the capture and conviction of the robber. Source: http://www.newsok.com/serial-bank-robber-sought-in-oklahoma-city-area-crimes/article/3458733?custom_click=pod_headline_crime


23. April 30, City of Berkeley, CA – (California; National) Community crime alert increase in credit card fraud. In recent months, the City of Berkeley Police Department (BPD) in California has seen a spike in identity theft and credit card fraud. These cases may be in the City of Berkeley, but personal and credit card information is usually used by a larger national and international network of criminals. After community members’ credit and bank accounts are compromised, suspects often use them at large retailers across the United States, with a high concentration in Texas, Louisiana, Michigan, and Georgia. BPD is investigating these cases and has some indications that they may be part of a larger data breach. Ultimately, BPD cannot confirm where the compromises originate. Source: http://www.ci.berkeley.ca.us/PressReleaseMain.aspx?id=53372


Information Technology


47. May 3, Krebs on Security – (International) Accused Mariposa botnet operators sought jobs at Spanish security firm. The technical director and blogger for Spanish security firm Panda Security spent much of the last year helping Spanish police with an investigation that led to the arrest of three local men suspected of operating and renting access to a massive and global network of hacked computers. Then, roughly 60 days after the hackers’ arrest, something strange happened: Two of them unexpectedly turned up at his office and asked to be hired as security researchers. He said he received a visit from them on the morning of March 22. The two men, known by the online nicknames “Netkairo” and “Ostiator,” were arrested in February by Spanish police for their alleged role in running the “Mariposa” botnet, a malware distribution platform that spread malicious software to more than 12 million Internet addresses from 190 countries. “Ostiator told me, ‘The thing is, with everything that’s been happening, we’re not earning any money at the moment,’ “ the technical director recalled. “He said, ‘We thought we could look for some kind of agreement in which both sides would benefit. We think we have knowledge [that] could be useful to Panda and thought we could have some kind of agreement with Panda.’ “ Netkairo and Ostiator have not yet been charged with any crime. The technical director asked them how they got started creating Mariposa. “Basically, they said they started it as kind of a hobby, and that they weren’t working at the time,” he said. “Suddenly, they started to earn money, a few hundred Euros a week to start, and then discovered they couldn’t stop. And the whole time, their network kept growing.” Source: http://krebsonsecurity.com/tag/luis-corrons/


48. May 3, IDG News Service – (International) Microsoft fixes bug in Producer software. Microsoft has released a new version of its Producer software, fixing a critical security problem that plagued the product for several months. Last March, Microsoft warned of a critical security bug in the product, but it did not release a new update. Instead, it said that Producer 2003 users should simply uninstall their software. On Monday, however, Microsoft posted an update, and is now recommending that “all customers using Producer 2003 upgrade to the new version,” according to a blog post from the Microsoft Security Response Center. The flaw, which has to do with the way Producer reads certain file formats, also affects Windows Movie Maker. But Microsoft issued a Movie Maker patch when it first warned of the issue in March. A similar product, Windows Live Movie Maker — which runs on Vista and Windows 7 — is not affected by the issue. Microsoft does not know of anyone exploiting the bug in online attacks, but it is worried that hackers might be able to use it to install unauthorized software on victims’ computers. Source: http://www.computerworld.com/s/article/9176280/Microsoft_fixes_bug_in_Producer_software


49. May 3, eWeek – (International) Apple iPad jailbreak hits the street. Hackers have released software to jailbreak the Apple iPad as well as the latest version of the iPhone OS. The software, dubbed Spirit, works on the iPad, the iPod Touch, and iPhones running OS versions 3.1.2, 3.1.3 and 3.2. With Spirit, users can run programs not approved by Apple. Unlike other jailbreaks, Spirit is untethered, allowing users to reboot their devices without them being plugged into their computers. “Spirit is able to do this because it doesn’t actually kick in until after the kernel is running,” said the iPhone Dev Team. The Spirit jailbreak was demonstrated on the iPad in early April, but its release was delayed until the week of April 26 when the iPad 3G was released. Source: http://securitywatch.eweek.com/apple/apple_ipad_jailbreak_hits_the_street.html


50. May 3, DarkReading – (International) New IM worm spreading fast. A smiley-faced Instant Message (IM) with a photo link posing as if it is from someone on a user’s buddy list is actually spreading a worm on Yahoo Instant Messenger: The IM ultimately delivers a worm that allows an attacker to take over the victim’s machine, and to spread the worm to people on the victim’s contact list. Researchers at BitDefender, BKIS, and Symantec May 3, each separately warned Yahoo Messenger users about the worm attack, which is rapidly growing. A researcher for BitDefender says his team has seen infection rates as high as 500 percent per hour in his home country of Romania since they first spotted it last week. He expects the worm to make inroads in the United States May 3 and May 4, with potential victims coming off of a weekend. The worm — known as Palevo by BitDefender, W32.Ymfocard.fam.Botnet by BKIS, and W32.Yimfoca by Symantec — is a new variant of an existing worm. In the Yahoo IM attack, it tricks the user into saving what appears to be a JPG or GIF file, but instead is a malicious executable. BitDefender said the worm contains a backdoor to install more malware, steal files, intercept passwords, and launch spam or other malware attacks on other systems. According to Symantec, once the worm is run, it adds itself to the Windows Firewall list, stops the Windows Update service, and configures itself such that it runs each time the system boots. The worm automatically sends itself to everyone on the victim’s contact list. Source: http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=224700541


51. April 30, The Register – (International) Researchers spy on BitTorrent users in real-time. Researchers have devised a way to monitor BitTorrent users over long stretches of time, a feat that allows them to map the Internet addresses of individuals and track the content they are sending and receiving. In a paper presented the week of April 26 at the Usenix Workshop on Large-Scale Exploits and Emergent Threats, the researchers demonstrated how they used the technique to continuously spy on BitTorrent users for 103 days. They collected 148 million Internet Protocol (IP) addresses and identified 2 billion copies of downloads, many of them copyrighted. The researchers, from the French National Institute for Research in Computer Science and Control, also identified the IP addresses where much of the content originated. They discovered the the vast majority of the material on BitTorrent started with a relatively small number of individuals. “We do not claim that it is easy to stop those content providers from injecting content into BitTorrent,” they wrote. “However, it is striking that such a small number of content providers triggers billions of downloads. Therefore, it is surprising that the anti-piracy groups try to stop millions of downloaders instead of a handful of content providers.” The researchers said the information leak is built into the very core of most BitTorrent systems, including those used by ThePirateBay and IsoHunt. Source: http://www.theregister.co.uk/2010/04/30/bittorrent_continuous_spying/


Communications Sector

52. May 3, Space.com – (International) Out-of-control satellite threatens spacecraft. An adrift Intelsat satellite that stopped communicating with ground controllers last month remains out of control and has begun moving eastward along the geostationary arc, raising the threat of interference with other satellites in its path, Intelsat and other industry officials said. In what industry officials called an unprecedented event, Intelsat’s Galaxy 15 communications satellite has remained fully “on,” with its C-band telecommunications payload still functioning even as it has left its assigned orbital slot of 133 degrees west longitude 36,000 kilometers over the equator. Galaxy 15 stopped responding to ground controllers April 5. The satellite’s manufacturer, Orbital Sciences Corp. of Virginia, said an intense solar storm in early April may be to blame. The first satellite likely to face signal interference problems from the adrift Galaxy 15 is the AMC-11 C-band satellite owned by SES of Luxembourg. The chief technology officer at SES World Skies said the period of May 31 to June 1 is going to be the riskiest time for AMC-11 customers. On May 3, Intelsat blasted a powerful signal intended to force it into a complete shutdown. The chief technology officer at SES said that both SES and Intelsat are fortunate in this case because their two satellites’ customers are mainly media companies using fairly large antennas to communicate with the satellites. During the period of maximum danger for AMC-11, SES expects to be able to reroute customer signals to SES-operated teleports with still-larger antennas to maintain communications links. Intelsat’s vice president for satellite operations and engineering said the current estimate is that Galaxy 15 will lose Earth-pointing capability by late July or early August. Source: http://www.msnbc.msn.com/id/36919374/ns/technology_and_science-space/

Department of Homeland Security Daily Open Source Infrastructure Report

Tuesday, May 4, 2010

Complete DHS Daily Report for May 4, 2010

Daily Report

Top Stories

 The Associated Press reports that the Homeland Security Secretary said Monday that investigators have not ruled out any suspects, including foreign terrorist organizations, in the case of the unexploded car bomb that was parked in New York City’s Times Square on Saturday night. CNN reports that TSA is ramping up security screening at airports along the East Coast to counter “vehicle-born improvised explosive devices” as well as taking measures to prevent other kinds of terrorist acts that might occur in crowded public spaces. (See items 31, 34, and 66)

31. May 2, CNN – (National) Official: TSA ramping up East Coast security measures. The Transportation Security Administration on Sunday ramped up security screening at airports along the East Coast after an attempted car bombing a day earlier in New York’s Times Square, a Department of Homeland Security official said. The official told CNN the TSA has begun operations to counter potential car bombs, or “vehicle-born improvised explosive devices,” as well as taking measures to prevent other kinds of terrorist acts that might occur in crowded public spaces. The TSA also is coordinating with Customs and Border Protection to facilitate additional secondary passenger screening on both domestic and international flights, the official said. Officials in Washington participated in a call with top TSA officials at airports in New York, Boston and Philadelphia to talk about partnering with Customs to identify flights that might need more random screening, the official said. Source: http://news.blogs.cnn.com/2010/05/02/official-tsa-ramping-up-security-measures-at-east-coast-airports/

34. May 2, Associated Press – (New York) ‘Amateurish’ car bomb found in Times Square. Police found an “amateurish” but potentially powerful bomb that apparently began to detonate but did not explode in a smoking sport utility vehicle in Times Square, authorities said Sunday. Thousands of tourists were cleared from the streets for 10 hours while the bomb was dismantled. “We avoided what we could have been a very deadly event,” the New York City mayor said. “It certainly could have exploded and had a pretty big fire and a decent amount of explosive impact.” Investigators removed three propane tanks, fireworks, two filled 5-gallon (19-liter) gasoline containers, and two clocks with batteries, electrical wire and other components from the back of the Nissan Pathfinder, the New York City Police Commissioner said. A black metal box resembling a gun locker was also recovered and will be detonated off site, he said. The mayor called the explosive device “amateurish” and the police commissioner said the explosives were consumer-grade fireworks but could have caused huge damage on a block of Broadway theaters and restaurants teeming with tourists. Firefighters who arrived shortly after first call heard a popping sound, said the New York City Fire Commissioner. The bomb appeared to be starting to detonate but malfunctioned, a top police spokesman told The New York Times and the Wall Street Journal. Source: http://www.amny.com/urbanite-1.812039/amateurish-car-bomb-found-in-times-square-1.1891286

66. May 3, Associated Press – (New York) Napolitano: No suspects ruled out in NY bomb scare. The head of homeland security said Monday that investigators haven’t ruled out any suspects, including foreign terrorist organizations, in the case of the unexploded car bomb that was parked in New York City’s Times Square on Saturday night. “Right now, every lead has to be pursued,” the Department of Homeland Security (DHS) Secretary told NBC’s “Today” show. “I caution against premature decisions one way or another.” The Pakistani Taliban appeared to claim responsibility for the car bomb in three videos that surfaced over the weekend, but the New York police commissioner said police have no evidence to support those claims. New York’s mayor said Monday that “there is no evidence tied to international terrorism.” But the DHS Secretary called it “premature to rule in or rule out” any suspects. She praised New York street vendors who alerted police to the suspicious vehicle, telling CBS’ “Early Show” that the incident is a reminder that “everybody needs to be and is a part of the process of being watchful, of being vigilant.” There has been speculation that because the SUV was parked near the headquarters of Viacom, the attack might have been related to a controversial “South Park” episode that portrayed the Prophet Muhammad dressed in a bear costume. Viacom owns Comedy Central. “I’m not going to speculate on speculation. It is out there as one theory. There may be others,” the DHS Secretary told CNN. Source: http://www.google.com/hostednews/ap/article/ALeqM5hi02kJELPA_LJ1Ey63urWIgr_tqAD9FFBEK00


 The Associated Press reports that authorities evacuated portions of Nashville, Tennessee where a leaky levee threatened residents and businesses, including 1,500 guests at the Gaylord Opryland Resort and Convention Center. The mayor also called on residents Monday to use water only for cooking and drinking because one of the city’s two water treatment plants was flooded. (See item 69)

69. May 3, Associated Press – (Tennessee) Tenn. officials brace for more flooding, more deaths in weather that’s killed at least 19. About 1,500 guests at the Gaylord Opryland Resort and Convention Center in Nashville spent the night in a high school to escape the flooding Cumberland River, which was expected to crest Monday following weekend thunderstorms that killed at least 19 people in Tennessee, Mississippi, and Kentucky. Officials in Tennessee were preparing for more deaths and for the Cumberland River to crest more than 11 feet Monday afternoon, putting portions of Nashville in danger of the kind of damage experienced by thousands of residents whose homes were swamped by flash floods. The Cumberland River had already reached record levels since an early 1960s flood control project was put in place. Authorities evacuated the downtown area and north Nashville where a leaky levee threatened residents and businesses. The Nashville mayor called on Nashville residents Monday to use water only for cooking and drinking because one of the city’s two water treatment plants was flooded. Water flooded parking lots around the nearby Grand Ole Opry House and the Opry Mills shopping mall, but it was not immediately clear if water had made it inside the buildings. Source: http://www.foxnews.com/us/2010/05/03/tenn-officials-brace-flooding-deaths-weather-thats-killed/

Details

Banking and Finance Sector

23. May 3, CNN – (California) Geezer Bandit strikes for 8th time. The bank robber dubbed the “geezer bandit” has struck again. The elderly suspect held up a San Diego bank on April 30 bringing the total number of heists he has been accused of committing in the area to 8. While the moniker may be amusing, authorities told CNN the “geezer bandit” has carried a weapon in at least one robbery and should be considered dangerous. One of his most recent heists occurred on April 20, the FBI said. On 9:10 that morning, the “geezer bandit” entered a branch of the California Bank and Trust in Vista, California, and handed a demand note to the teller, authorities said. According to an FBI release, the note “stated it was a robbery and threatened having a weapon.” The suspect then “opened a black day planner to show the teller that he had a black short barreled revolver pointed at her. After the teller produced the money he put the cash into his day planner and walked out of the bank and out of sight,” the release said. The suspect has been described as between 60-70 years old, but there has been some suggestion that he may be wearing a mask to conceal his real age and make him appear much older than what he actually is. A $16,000 reward has been offered for information leading to his arrest and conviction. Source: http://ac360.blogs.cnn.com/2010/05/03/geezer-bandit-strikes-for-8th-time/


24. May 3, Better Business Bureau – (National) BBB warns that insurance scams are flourishing in current economy. In the midst of a tight economy and in the wake of the new national healthcare reform bill, State and Federal regulators are warning about a surge in healthcare-related scams. According to an October 2009 survey conducted by the Coalition Against Insurance Fraud, 57 percent of state fraud bureaus reported a higher incidence of health insurance fraud in 2009 compared to the previous year. The increase was largely attributed to “unauthorized entities selling fake coverage” and “the rise of medical discount plans.” Companies such as HealthcareOne/Elite Healthcare, Consolidated Workers Association, and Smart Data Solutions/American Trade Association, have all recently come under fire from state regulators for peddling worthless coverage or discount medical plans — instead of actual insurance — to thousands of consumers. Additionally, shortly after the healthcare reform bill was signed into law, the U.S. Department of Health and Human Services issued a warning to consumers to beware of health insurance offers claiming to be part of new federal regulations. For example in Missouri, the State Insurance director warned that a door-to-door salesman was claiming to be a federal agent selling insurance under the new law. Source: http://www.bbb.org/us/article/bbb-warns-that-insurance-scams-are-flourishing-in-current-economy-19245


25. May 2, Reuters – (International) Explosion damages HSBC branch in Athens, no injuries. A bomb exploded at a branch of HSBC bank in Athens on Sunday, damaging the entrance but causing no injuries, police said. “It appears a home-made bomb comprised of gas canisters and fuel caused small damage to the bank’s facade,” a police official said. Gas canister bomb attacks are common in Athens and are usually staged by leftist and anarchist groups against business and political targets. Sunday’s bombing against the U.K.-based banking group was the first since the Socialist government announced tough new austerity measures in exchange for international aid to cope with a debt crisis. Source: http://www.reuters.com/article/idUSTRE6412AY20100502


26. May 1, Bank Info Security – (National) 7 banks fail on April 30. State and federal banking regulators closed seven banks on April 30, including three banks in Puerto Rico — the first banks to fail in the U.S. commonwealth, as well as three of the largest institutions to close in 2010. Westernbank had $11.94 billion in assets; R-G Premier Bank, $5.92 billion; and Eurobank, $2.56 billion. These latest closings raise to 71 the number of failed banks and credit unions so far in 2010. The three Puerto Rican banks closed on April 30 included Eurobank, San Juan, Puerto Rico, R-G Premier Bank, and Westernbank. The three were closed by the Office of the Commissioner of Financial Institutions of the Commonwealth of Puerto Rico, which appointed the Federal Deposit Insurance Corporation (FDIC) as receiver for all three. The FDIC and Oriental Bank and Trust entered into a loss-share transaction on $1.58 billion of Eurobank’s assets. The estimated cost to the Deposit Insurance Fund (DIF) will be $743.9 million. Source: http://www.bankinfosecurity.com/articles.php?art_id=2482


27. April 30, Kansas City Star – (Missouri) BC National Banks fails. BC National Banks failed April 30 and will reopen Saturday as part of Community First Bank in Butler, Missouri, where BC National had its headquarters. The failure came after BC National unsuccessfully had sought additional capital to restore capital that had been eroded by loan losses. Owners had recently sold some branches but the bank was unable to overcome its problems. Customers can continue to use their checks and access their accounts normally, according to the Federal Deposit Insurance Corp.’s announcement. The FDIC said it transferred $54.9 million in deposits from BC National to Community First. Community First also acquired essentially all of the failed bank’s $67.2 million in assets. The FDIC agreed to share in losses the assets may suffer. BC National’s failure is expected to cost the FDIC’s deposit insurance fund $11.4 million. Source: http://economy.kansascity.com/?q=node/7046


Information Technology


61. April 29, The Register – (International) Google ‘personal’ search bug exposed user Web history. Google has restored its “personalized” search suggestions after purging the tool of a critical vulnerability that allowed attackers to steal a user’s Web history. Personalized search suggestions were disabled on March 1after a trio of security researchers — one at the University of California, Irvine and two at the French National Institute for Research in Computer Science and Control (INRIA) — sent Google a preliminary version of a paper showing how they were able to infer large portions of a user’s Web history by hijacking the user’s session ID (SID) cookie and nabbing the company’s personalized-suggestion data. Then, on March 15, the company sent a statement to the researchers saying it had added SSL decryption to Google Web History and that it had started encrypting the back-end Web History server requests used to personalize suggestions on its Maps site. Google also said it would “soon” do the same for search, and this happened more than a month later. Google tells The Register that personalized search suggestions took longer to restore because the fix was “more complex to deploy and involved a larger code change.” In a statement Google said, “We highly value our relationship with the security-research community, and we are grateful to the researchers from INRIA and University of California, Irvine who have been in contact with us since the end of February about their findings related to open, unsecured network connections and personalized suggestion technology.” Source: http://www.theregister.co.uk/2010/04/29/google_personalized_suggestions_turned_off_after_researcher_attack/


62. April 29, Infoworld – (International) The security-hole baton passes from Microsoft to Adobe. Microsoft has gained new-found respect for its security efforts while other popular software vendors are accused of making the same mistakes. In recent years, Microsoft has tightened up its security issues — while Adobe Systems has increasingly become the sloppy vendor whose products such as Acrobat and Flash increasingly pose the security holes that bedevil information technology experts. And many researchers think Apple could be next. In an interview, the co-founder and CTO of eEye Digital Security says: “A lot of security practitioners compare the Adobe of today to the Microsoft of yesterday.” Source: http://www.infoworld.com/d/security-central/the-security-hole-baton-passes-microsoft-adobe-129


63. April 28, V3.co.uk – (International) Infosec 2010: Large firms overwhelmed by security breaches. A staggering 92 percent of large organizations have suffered a security incident or data breach in the past year, as they struggle to cope with the changing threat landscape, according to the latest biennial Information Security Breaches Survey from PricewaterhouseCoopers (PwC). PwC branded the findings, released April 28 at Infosec 2010, as “surprisingly bad,” and said that companies are struggling to mitigate the increased external threat levels and the large numbers of accidental breaches from insiders. “We were not expecting the results to be as significant as that. Right now it looks quite serious in terms of the costs,” said a spokesman. “People are maintaining expenditure on security, but serious threats are rising and people are having to adapt and change to the new threat landscape.” The report found that the median number of data breaches rose from five, two years ago to 45 today, and that the average costs had risen roughly threefold. Breaches totaled around £10bn in costs, with a big increase in the cost of reputation damage. Source: http://www.v3.co.uk/v3/news/2262177/infosec-2010-large-firms


Communications Sector

64. May 3, Washington Post – (National) FCC chairman expected to leave broadband services deregulated. The chairman of the Federal Communications Commission (FCC) has indicated he wants to keep broadband services deregulated, even as a federal court decision has exposed weaknesses in the agency’s ability to be a strong watchdog over the companies that provide access to the Web. The FCC currently has “ancillary” authority over broadband providers such as Comcast, AT&T, and Verizon and must adequately justify actions against those providers. Last month, the U.S. Court of Appeals for the District of Columbia Circuit said the agency had exceeded its authority in 2008 when it applied sanctions against Comcast. The ruling cast doubt over the FCC’s ability to create a “net neutrality” rule that would force Internet service providers to treat all services and applications on the web equally. The FCC Chairman is expected to respond soon to the court ruling. Three sources at the agency said that while the chairman has not made a final decision, he has indicated in recent discussions that he is leaning toward keeping in place the current regulatory framework for broadband services, while making small changes that would bolster the FCC’s chances of overseeing some broadband policies. Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/05/02/AR2010050203262.html?hpid=sec-tech