CRIME NIPC Daily Report 6 Jun 02

From: George Heuston (GeorgeH@private)
Date: Thu Jun 06 2002 - 08:29:42 PDT

  • Next message: john.a.scheeland@private: "CRIME"

    State CIOs advise on homeland security plan. On 23 May, Steve Cooper, 
    senior director of information integration and the Homeland Security 
    Office's chief information officer, asked representatives from the 
    National Association of State Chief Information Officers (NASCIO) to 
    form a working group to advise him on the resources states have to offer
    
    to address cybersecurity issues. The move is significant, said state 
    officials, because it shows that federal officials understand that 
    states will bear the burden of implementing recommendations of a 
    national security plan. A draft of the national strategy will likely be 
    delivered to President Bush by early July. (Federal Computer Week, 3
    June)
    
    Commission issues terror advisories to nuclear plants yet reassures 
    public. In the past week, the NRC issued a new order requiring all 
    closed nuclear plants that have nuclear waste contained in storage pools
    
    to implement extra security measures "for the current threat 
    environment." Spent-fuel storage pools are considered among the more 
    vulnerable targets at nuclear plants. They are typically located outside
    
    the reinforced domes that protect reactors. According to the NRC, the 
    security upgrades ordered at decommissioned plants with storage pools 
    will include; increased patrols, augmented security forces and 
    capabilities, additional security posts, installation of additional 
    physical barriers, vehicle checks initiated from a distance further away
    
    from the plant and more restrictive site access controls for personnel. 
    Since September 2001, the NRC has suspended drills intended to test 
    security at nuclear plants. Ironically, the agency has cited increased 
    activity associated with plant security as the reason it has not had 
    time to resume the drills. (Power Engineering, 1 June)
    
    Unruly passenger forces plane landing at Boston. An international flight
    
    made an unscheduled landing on 5 June at Boston's Logan International 
    Airport because of an unruly passenger, who was taken into custody by 
    the FBI, Massachusetts State Police said. Police said the plane was 
    headed from Cancun, Mexico, to Rome, Italy, before it landed at Logan at
    
    9:10 a.m. (1310 GMT). Boston radio station WBZ said fighter jets 
    escorted the flight to the airport and that the man was tied up when the
    
    FBI removed him from the plane. It said the flight was chartered. 
    (Reuters, 5 June)
    
    Top ten viruses and hoaxes reported to Sophos in May 2002. Sophos has 
    released the ten most frequently occurring viruses and hoaxes. The 
    infamous Klez-G virus accounts for 52% of all occurrences, with Elkern-C
    
    at 23%. This is the third month in a row that a variant of the Klez worm
    
    dominated the virus chart. It's trickier to spot since it randomly 
    generates new subject lines, text, and attachment names each time it 
    propagates. (PR Newswire, 4 June)
    
    Logan officials seek federal OK for baggage security system. Officials 
    of the Massachusetts Port Authority, which operates Logan Airport, are 
    seeking federal approval for a new baggage-screening program. The 
    program, which needs the authorization of the federal Transportation 
    Security Administration, includes expanding airport baggage rooms to 
    house van-sized explosives detection systems that cost as much as $1.5 
    million each. Logan likely would use a combination of systems, including
    
    CAT scan technology, to identify explosives by density. (Associated 
    Press, 5 June)
    
    Multiple vulnerabilities in Yahoo! Messenger. There are multiple 
    vulnerabilities in Yahoo! Messenger version 5,0,0,1064, and previous 
    versions, for Microsoft Windows. Attackers that exploit these 
    vulnerabilities may be able to execute arbitrary code and be given the 
    same privileges as the victim user. The CERT/CC have not seen active 
    scanning for these vulnerabilities, nor have they received any reports 
    of these vulnerabilities being exploited, however, users are advised to 
    upgrade to version 5,0,0,1065 or a later version. (CERT Advisory Note 
    CA-2002-16, http://www.cert.org/advisories/CA-2002-16.html.)
    



    This archive was generated by hypermail 2b30 : Thu Jun 06 2002 - 09:43:15 PDT