
Friday, January 15, 2010

Security Management Weekly - January 15, 2010

Corporate Security

  1. "Kodak Sues Apple, RIM Over Patent Infringements"
  2. "Teen 'Prank' Taken Seriously as Terror Threat"
  3. "Ex-Worker Accused in Ga. Fatal Workplace Shooting"
  4. "Security Under the Microscope" Payment Card Security in Australia
  5. "UPS Facility Shooting Blamed on Workplace Feud"
Homeland Security

  1. "Possibility of Plots Prompts More Checks for Explosives at Airports"
  2. "US Said to Eye DC for Gitmo Trial"
  3. "Meet Mikey, 8: U.S. Has Him on Watch List"
  4. "Newark Airport Security Scrutinized During Congressional Tour"
  5. "Motorcycle Bomb Kills Nuclear Physicist in Tehran"
Cyber Security

  1. "Other Firms Acknowledge Being Target of Attacks"
  2. "Chinese Spy Agency Behind Google Cyber Attack, Report Claims"
  3. "Cisco Security Report: Malware, Social Media, Are Top Risks"
  4. "FIPS-Certified USB Drives Have Security Flaws" Federal Information Processing Standards
  5. "Africa Opts for Slow DNSSEC Adoption" Domain Name System Security Extensions


Kodak Sues Apple, RIM Over Patent Infringements
Rochester Democrat & Chronicle (NY) (01/15/10) Tobin, Tom

Eastman Kodak Company has sued both Apple Inc. and Research in Motion (RIM), which makes the Blackberry, for patent infringement. According to the complaint filed with the United States International Trade Commission, Apple's iPhone and camera-enabled BlackBerrys use image-previewing technology for which Kodak owns a patent, without permission. Kodak is also suing Apple for other uncompensated uses of protected technology for an unspecified amount. Kodak settled a similar case regarding the same technology with Samsung earlier this year. Under the terms of that settlement, Kodak will receive unspecified financial compensation as well as a licensing agreement. Additionally, Kodak has licensed digital imaging technology to approximately 30 companies, including LG, Motorola, and Nokia. In a second suit filed in federal court, Kodak is suing Apple for uncompensated use of "ask for help" technology. This patent was also contested in a suit filed by Kodak against Sun Microsystems. A jury in that case found Sun had infringed on the patent and, in a settlement, Sun agreed to pay Kodak for a license.


Teen 'Prank' Taken Seriously as Terror Threat
Staten Island Advance (01/14/10) Annese, John

A 17-year-old New York City boy has been charged with making terroristic threats for leaving a threatening note on a computer at an Apple store in Staten Island on Jan. 10. In the note, the boy, Jason Barry, wrote that the Apple store's employees and customers would die a "bloody death" on Jan. 17, when he promised to strap a "98 pound bomb loaded with C4" to his chest and detonate it in the store. Barry then signed the letter with the name of his friend's father. After writing the note, Barry left the store with a friend, but was arrested several hours later after someone discovered the message and told authorities. Barry has said that the note was a joke. Prosecutors, however, say they are not amused, and are promising that Barry will face "serious consequences" for his behavior. Barry could face a maximum of seven years in prison if he is convicted.


Ex-Worker Accused in Ga. Fatal Workplace Shooting
Associated Press (01/13/10) Brumback, Kate

Police officials have arrested former Penske Truck Rental employee Jessie James Warren in connection with a shooting that left two people dead and three injured at a Penske facility in Kennesaw, Ga., on Tuesday. Penske has not released the identity of the shooting victims, but says that four were employees and one was a customer. The police, however, say that none of the victims shot was a customer. At the time of the shooting, approximately two dozen employees were working at the Penske office. Warren worked for Penske for several years, but it is unclear why he left. He reportedly confronted an individual in the Penske parking lot before moving to the truck bay area and shooting victims along the way. He did not attempt to enter the administrative office on the building's second floor.


Security Under the Microscope
Sydney Morning Herald (Australia) (01/13/10) P. 12; Kavanagh, John

Visa plans to eliminate the need for signature-based credit or debit transactions in Australia by 2013 through the replacement of magnetic stripes with smart chips. Such chips will be embedded in all new Visa cards issued in Australia starting in January. Meanwhile, MasterCard says it is collaborating with merchants and card issuers to enhance security standards. Visa's Verified by Visa and MasterCard's SecureCode add an extra step to online transactions, in which the consumer inputs the card number and then a pop-up appears, asking for verification and providing a unique, one-time transaction code. Verified by Visa and SecureCode require the dual enrollment of cardholders and merchants. MasterCard's Joseph Vukasovic says the majority of the group's merchant customers are using SecureCode while most MasterCard-issuing financial institutions are issuing chip cards. MasterCard customers will continue to be offered a choice of signature- or PIN-based transactions, although Vukasovic warns that "PIN can be compromised, too." To encourage retailers to enroll in SecureCode, MasterCard is offering a scheme in which merchants will be exempt from liability in the event of card-not-present fraud. Starting April 1, all new Visa cards will feature automatic enrollment in Verified by Visa, while e-tailers will be required to accommodate transactions where consumers want to use the system.


UPS Facility Shooting Blamed on Workplace Feud
KTVU.com (Calif.) (01/10/10)

Three people were wounded in a double shooting at the UPS Customer Center Richmond Facility in Richmond, Calif., on Sunday. Police say the incident began around 9 a.m., when a UPS employee opened fire on a colleague in the facility's loading area, hitting him in the face and upper body. Authorities say a third employee then shot and wounded the first shooter. The first gunman was then found wounded in a nearby backyard and was arrested on charges of assault with a deadly weapon. The second shooter remains at large. Sgt. Bisa French, a public information officer with the Richmond Police Department, said that while details of the incident are still sketchy, authorities believe that the shooting may be related to a recent feud among the employees.


Possibility of Plots Prompts More Checks for Explosives at Airports
New York Times (01/15/10) Lipton, Eric

U.S. counterterrorism officials say that the government has received intelligence over the last several days that indicates that al-Qaida in the Arabian Peninsula, the group that has taken responsibility for the failed attempt to bomb Northwest Airlines Flight 253 on Christmas Day, may be planning additional attacks on the aviation system. Although the threat information is vague and does not specify a particular target or date, officials say, extra security measures are being implemented at the nation's airports. For example, devices will be installed at various locations throughout some airports--not just security checkpoints--to randomly check passengers or baggage for trace amounts of explosives. In addition, air marshals will fly more frequently on a number of unidentified flights. The number of random pat-downs of passengers will also increase. Passengers flying to the U.S. from or through 14 nations are already being subjected to mandatory pat-downs as part of security measures adopted in response to the botched Christmas Day bombing attempt.


US Said to Eye DC for Gitmo Trial
Associated Press (01/15/10) Devlin, Barrett; Apuzzo, Matt

Washington, D.C., is one of the sites being considered for a criminal trial for Riduan Isamuddin, a Guantanamo Bay detainee suspected of planning the 2002 bombing of a Bali nightclub that killed 202 people. Officials say that Isamuddin acted as Osama bin Laden's point man in Indonesia and served as the primary link between al-Qaida and Jemaah Islamiyah, the terrorist group blamed for the bombing. Isamuddin's trial would reportedly be part of a larger proposal to bring detainees to trial in Washington, D.C., and New York City. Although the existence of such a proposal has not been confirmed, anonymous government officials say authorities have already begun discussing the strict security measures needed to bring Isamuddin, who is more widely known as Hambali, and other suspects to trial before a federal judge in Washington, D.C.


Meet Mikey, 8: U.S. Has Him on Watch List
New York Times (01/14/10) Alvarez, Lizette

Over the last three years, nearly 82,000 individuals who believe that they should not be on the federal government's no-fly list or selectee list, which contains the names of people who should be singled out for additional security screening at airports, have asked the Department of Homeland Security to remove their names from the databases. Among them is Mikey Hicks, an eight-year-old New Jersey boy. Hicks' name apparently appears on the government's selectee list, which means that every time he flies somewhere with his family he is patted down by security agents. Hicks is likely on the list because DHS at some point became suspicious about someone else named Michael Hicks. However, Hicks' mother has been unable to have her son's name removed from the selectee list. The Hickses' plight has drawn the attention of Rep. William J. Pascrell Jr. (D-N.J.), who has criticized the use of databases to bar people from flights or single them out for additional security screenings. "We can't just throw a bunch of names on these lists and call it security," Pascrell said. "If we can't get an 8-year-old off the list, the whole list becomes suspect." For its part, the Transportation Security Administration has promised to improve the system by cross-checking every airline passenger's birth date, gender, and name with the names on the no-fly and selectee lists. Airlines previously only used a passenger's name when checking the lists.


Newark Airport Security Scrutinized During Congressional Tour
NorthJersey.com (01/12/10) Davis, Tom

Reps. Sheila Jackson Lee (D-Texas) and Charlie Dent (R-Pa.) toured Newark Liberty International Airport on Jan. 12 to determine what led to the Jan. 3 security breach at the facility, in which a man went underneath a security cordon into a secure area to give a woman a goodbye kiss. In her remarks at a press conference given after the tour, Lee called for an audit to be performed that would identify the "security lapses that may be occurring" or have already occurred at the 10 largest airports in the U.S., including Newark Liberty. The audit, which would be performed by the federal government, would review the training and security measures that have been put in place to protect the nation. In addition, the audit would determine what needs to be done to prevent security breaches based on threat levels and air traffic at Newark Liberty and other airports. One step that could be taken in the wake of the audit is increased behavioral profiling, which would require security personnel to investigate suspicious individuals, Lee said. Other lawmakers are also calling for increased security at the nation's airports. Sen. Frank Lautenberg (D-N.J.), for example, wants Congress to pass legislation that would increase penalties for security breaches and would require working security cameras to be installed at all airport terminal checkpoints and exits.


Motorcycle Bomb Kills Nuclear Physicist in Tehran
New York Times (01/12/10) Cowell, Alan

A professor of nuclear physics at Iran's Tehran University was killed Tuesday when a bomb attached to a motorcycle exploded outside of his home in Tehran. Iranian authorities say the assassination of the professor, Massoud Ali Mohammadi, was carried out by terrorists, though they did not say who they believed to be responsible. The Iranian media, meanwhile, said the assassination of Mohammadi--who was a strong supporter of Iran's 1979 Islamic Revolution--was committed by "counterrevolutionaries and elements of arrogance," referring to the United States. No one has yet claimed responsibility for the assassination. Authorities say they are continuing their investigation into the attack, which came several days after pro-government demonstrators shot at an armored car belonging to opposition leader Mehdi Karroubi. That attack appeared to be related to growing frustration among pro-government groups that the security crackdown in Iran has not stopped opposition groups from holding protests and lashing out at Iranian leaders.


Other Firms Acknowledge Being Target of Attacks
Wall Street Journal (01/15/10) Worthen, Ben

The Sunnyvale, Calif.-based networking equipment maker Juniper Networks announced Thursday that it was targeted in the same cyberattacks that recently struck Google. Juniper refused to say whether the attack was successful. An investigation into the incident is ongoing, the company said. Meanwhile, there are indications that several other companies may have also been struck by the attacks that affected Google and Juniper. On Thursday, a spokesman for Dow Chemical said that his company had been contacted by federal officials about cyberattacks, though he refused to say whether his company had actually been attacked and if so, whether the attack was related to the same incident that took place at Google. In addition, the Los Angeles law firm Gipson Hoffman & Pancione, which is representing Cybersitter in its litigation with the Chinese government, also said that it had been affected by cyberattacks that originated in China. However, it remains unclear whether the attack on the law firm was related to the attack on Google.


Chinese Spy Agency Behind Google Cyber Attack, Report Claims
InformationWeek (01/14/10) Claburn, Thomas

The computer security company iDefense released a report on Tuesday that said that the cyberattack that was launched against Google and 33 other companies in December was the work of Chinese intelligence agencies or their proxies. To support its claim, iDefense cited two independent, anonymous sources in the defense contracting and intelligence community who said that the source IPs and the drop server used in the attack "correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof." In addition, the report said that the attack on Google--which resulted in the theft of intellectual property--and the other companies was similar to attacks that took place at roughly 100 IT companies last July. In those attacks, cybercriminals sent a malicious PDF file as an e-mail attachment to take advantage of a vulnerability in Adobe Reader. The report noted that the attacks that took place in July and those that took place in December may have been just one attack, which means that the companies that were targeted may have been compromised for several months. Chris Wysopal, the chief technology officer at Veracode, said the attack highlights the need to scrutinize and manage software on a user system in much the same way that a machine connected to the Internet is.


Cisco Security Report: Malware, Social Media, Are Top Risks
GovInfoSecurity.com (01/12/10) Field, Tom

Cisco chief security researcher Patrick Peterson says the latest Cisco Annual Security Report found that cybercriminals are increasingly using banking Trojans to steal money. Cybercriminals also are trying to take advantage of social networking sites such as Facebook and LinkedIn by using them to launch attacks, Peterson says. He adds that many of these social networking attacks rely on botnets, which are being increasingly used by cybercriminals. However, Peterson also notes that cybersecurity professionals are making progress in countering cyberthreats. For example, a number of security firms partnered with infrastructure companies, DNS registrars, and registries to form the Conficker Working Group, which helped eliminate the Conficker botnet's ability to get updates and commands from its command-and-control infrastructure. Peterson says the report also points out several cybersecurity challenges facing the government, including increased cyberattacks and figuring out how to deal with President Obama's promises of increased transparency while maintaining the security of federal networks.


FIPS-Certified USB Drives Have Security Flaws
Federal Computer Week (01/11/10) Jackson, William

The U.S. National Institute of Standards and Technology (NIST) recently announced that it is launching a review of the certification process for cryptographic modules under the Federal Information Processing Standards (FIPS), which aims to ensure that cryptographic tools meet government performance and security standards. The announcement comes in the wake of the discovery of a vulnerability in USB flash drives, some of which had been FIPS-certified. According to researchers at SySS, who discovered the vulnerability in December, the vulnerability can be exploited by inserting a tool into the password entry program to ensure that it always sends the character string that is needed to authorize decryption of the drive's contents, regardless of whether the correct password is entered or not. This could allow unauthorized individuals to access the encrypted contents of a USB drive that has the flaw. NIST says that although the problem is likely in the software authorizing decryption rather than the FIPS-certified cryptographic module, it will consider whether changes need to be made to the NIST certification process once its review is complete.
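The design weakness behind this story is where the password decision is made. The following is an added, constructed model (not the vendors' firmware or SySS's findings): in design A the host program checks the password and sends one fixed unlock string to the drive, so the drive accepts that string no matter what was typed; in design B the drive derives its key-wrapping key from the password itself, so there is no fixed string to send. The token value, key derivation and toy XOR cipher are all assumptions for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed stand-in for the fixed authorization string the article describes.
FIXED_UNLOCK_TOKEN = b"constructed-fixed-unlock-string"


class HostGatedDrive:
    """Design A: the host software checks the password; the drive only ever
    receives FIXED_UNLOCK_TOKEN and never sees the password at all."""

    def __init__(self, password: str, secret: bytes) -> None:
        self._pw_digest = hashlib.sha256(password.encode()).digest()
        self._secret = secret

    def host_login(self, password: str) -> Optional[bytes]:
        # Runs on the (untrusted) host PC; this is the step the article says was subverted.
        entered = hashlib.sha256(password.encode()).digest()
        return FIXED_UNLOCK_TOKEN if hmac.compare_digest(entered, self._pw_digest) else None

    def drive_unlock(self, token: bytes) -> Optional[bytes]:
        # Runs in the drive: it checks the token, not the password.
        return self._secret if hmac.compare_digest(token, FIXED_UNLOCK_TOKEN) else None


class PasswordBoundDrive:
    """Design B: the drive derives a key-encryption key (KEK) from the password
    and unwraps the data with it, so a wrong password simply cannot unwrap."""

    def __init__(self, password: str, secret: bytes) -> None:
        self._salt = os.urandom(16)
        kek = self._derive(password)
        self._wrapped = self._xor(kek, secret)                         # toy wrap
        self._tag = hmac.new(kek, self._wrapped, "sha256").digest()  # integrity tag

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    @staticmethod
    def _xor(kek: bytes, data: bytes) -> bytes:
        # Counter-hash keystream stands in for a real cipher in this model.
        stream = b"".join(hashlib.sha256(kek + i.to_bytes(4, "big")).digest()
                          for i in range(len(data) // 32 + 1))
        return bytes(a ^ b for a, b in zip(data, stream))

    def unlock(self, password: str) -> Optional[bytes]:
        kek = self._derive(password)
        if not hmac.compare_digest(hmac.new(kek, self._wrapped, "sha256").digest(), self._tag):
            return None                                              # wrong password
        return self._xor(kek, self._wrapped)


SECRET = b"constructed sample payload"


def demo() -> dict:
    a = HostGatedDrive("correct horse", SECRET)
    b = PasswordBoundDrive("correct horse", SECRET)
    return {
        "A_right_pw": a.drive_unlock(a.host_login("correct horse") or b"") == SECRET,
        "A_wrong_pw_host": a.host_login("wrong") is None,
        "A_token_without_pw": a.drive_unlock(FIXED_UNLOCK_TOKEN) == SECRET,  # the flaw
        "B_right_pw": b.unlock("correct horse") == SECRET,
        "B_wrong_pw": b.unlock("wrong") is None,
    }
```

The point for certification reviewers is that design A's FIPS-validated module can be flawless while the product is still open, because the security boundary was drawn around the module rather than around the whole unlock path.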


Africa Opts for Slow DNSSEC Adoption
Computerworld Kenya (01/10/10) Wanjiku, Rebecca

Top level domain registries in Africa are choosing to slowly implement Domain Name System Security Extensions (DNSSEC), which ICANN is planning to launch on the DNS root zone in January. Experts say the decision by the African TLDs to slowly implement DNSSEC is a good one. Among those who agree with the move is Calvin Browne, a director at UniForm, the administrator of South Africa's .co.za domain name. Browne notes that a gradual implementation of DNSSEC may be a good idea because the protocol makes DNS more complex and more brittle, and because it increases the amount of traffic involved in resolving DNS. In addition, the registry managers in many African nations still need to be trained on DNSSEC before the protocol is adopted on their infrastructure. Such training will be offered at ICANN and African TLD organization meetings in March, says Kenic's Joe Kiragu. But others say that it may be easier for African registries to adopt DNSSEC, given the fact that they have fewer than 1 million registered domain names. DNSSEC also may be helpful in jumpstarting e-commerce in Africa, since it will help address the online security concerns many African consumers have.


Abstracts Copyright © 2010 Information, Inc. Bethesda, MD

