-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, January 10, 2003 8:33 AM To: Cyber Threats; Information Technology Subject: [Cyber_threats] Daily News 01/10/03 January 09, Federal Computer News Council offers vision for infosec standards. President Bush's private-sector infrastructure protection advisory council agreed January 8 that the federal government should encourage the development and use of open standards in the market instead of dictating specific standards. But federal officials should also use the government's significant buying power to push for interoperability in those market standards and solutions that will raise the baseline of security across all sectors. The National Infrastructure Advisory Council's report will go to the president later this month along with a revised National Strategy to Secure Cyberspace, said Richard Clarke, chairman of the President's Critical Infrastructure Protection Board. The recommendations fall in line with the approach taken by the Bush administration in its draft cybersecurity strategy, which the White House released in September 2002 for comment. Revisions proposed by Clarke's office include setting specific priorities, such as taking a closer look at the Common Criteria security product certification program. Later this month, the council plans to meet again to look at other infrastructure protection issues, including the international migration to Version 6 of the Internet Protocol and developing a systematic vulnerability assessment program for private-sector infrastructure. Source: http://www.fcw.com/fcw/articles/2003/0106/web-niac-01-09-03.asp January 09, eSecurity Planet Virus Alert: W32.Lirva.A and ExploreZip. Two major viruses have struck the Internet at the same time. ExploreZip, an Internet worm first let loose in the wild back in 1999, has reemerged with just enough changes made to allow it to slip through anti-virus software undetected. And it has the added ability to override files on the infected computer, as well as on any other computer in the same network. Once ExploreZip 9 infects a computer, it will automatically respond to any email received with a seemingly valid subject line and the user's name, along with an infected attachment. Another problematic virus is the mass-mailing worm that pays tribute to Canadian singer Avril Lavigne. The worm is going under a few different names, including Avril and Lirva (which is Avril spelled backwards). Although this virus is less destructive than ExploreZip, anti-virus software company F-Secure Corp. has rated both viruses as Level 2 Threats, the second-highest threat category. The Lirva worm got a Level 2 rating because of the speed with which it's spreading around the world. It reportedly originated, in middle Europe and has spread to Turkey, the United States and Southeast Asia in less than 48 hours. Once Lirva infects a computer, it opens the computer's Internet Explorer browser to official Avril Lavigne Web site on the 7th, 11th and 24th of the month. It then starts to display colored circles on the screen, freezing the computer. Source: http://www.esecurityplanet.com/trends/article/0,,10751_1567161,00 .html January 09, Government Computer News DOD says system pilot not affected by TriWest thefts. The December 14 theft of computer equipment containing information on more than 500,000 military members poses no threat to the Composite Health Care System II, the Defense Department's pilot computerized medical system still in development, a Defense health official said yesterday. The computers were stolen from a TriWest Healthcare Alliance office in Phoenix. TriWest provides managed health care to 1.1 million military personnel and their families in 16 states for DOD's health care service, known as the Tricare Management Activity. But Tricare is not part of CHCS II, the official said. "There is no relationship between those two (systems)," said Dr. William Winkenwerder, Jr., assistant secretary of Defense for health affairs. Furthermore, Winkenwerder said, CHCS II information is stored at "very secure sites" and that DOD had implemented steps to increase CHCS II security. CHCS II eventually will store the records of more than 8.5 million military personnel and their families, allowing doctors to retrieve medical histories on their patients. Defense has approved use of CHCS II at seven military hospitals across the country. The thefts at TriWest are still unsolved. Source: http://www.gcn.com/vol1_no1/daily-updates/20816-1.html Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (http), 1433 (ms-sql-s), 139 (netbios-ssn), 135 (???), 4662 (???), 3389 (ms-term-serv), 445 (microsoft-ds), 53 (domain), 21 (ftp) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Fri Jan 10 2003 - 11:58:31 PST