[INFOCON] - OCIPEP DAILY BRIEF - 30 September 2002
http://www.ocipep.gc.ca/DOB/DOB02-155_e.html DAILY BRIEF Number: DOB02-155 Date: 30 September 2002 NEWS Mass vaccination against smallpox a "staggering task": Dr. Cushman According to Dr. Robert Cushman, the city of Ottawa's Medical Officer of Health, a mass vaccination of Ottawa residents in the event of a smallpox outbreak would be a staggering task that would bring other health care to a standstill. Commenting on new U.S. federal guidelines for inoculating a city of one million people, Dr. Cushman described such an operation as "almost like a war situation." The city would require the operation of 20 emergency clinics, each staffed by 235 workers, and would have to look after 5,000 patients during a 16-hour day. (Source: canada.com, 29 September 2002) Click here for the source article Comment: The Canadian Smallpox Contingency Plan is currently being updated. For details of the current plan, see http://www.hc-sc.gc.ca/pphb-dgspsp/publicat/ccdr-rmtc/02vol28/28sup/acs1 .html War in Iraq could trigger cyberconflict: study Intelligence and security analysts warn that a U.S. war with Iraq could trigger a flood of hacker activity directed at U.S. networks and infrastructure. Attackers would include various Islamic hacking groups who have generally been anti-U.S. and anti-Israel, as well as American and European anti-war hackers. State-sponsored information warfare could also be launched after a ground attack on Iraq. Targets in a widespread cyberconflict would include large American companies and news media organizations, the latter for propaganda-planting and denial-of-service attacks. (Source: computerworld.com, 27 September 2002) Click here for the source article IN BRIEF Standards for disclosing software security flaws to be studied by OIS The Organization for Internet Safety (OIS), which consists of software vendors and security firms, will be pulling resources together to develop standards for disclosing software security vulnerabilities. (Source: computerworld.com, 27 September 2002) Click here for the source article Super bug will kill thousands A new book entitled "The Killers Within," predicts an antibiotic-resistant bacteria will be responsible for the deaths of more than 40,000 North Americans every year, and the numbers will escalate if the super-germs are not contained. "The bad bugs are getting stronger and they're getting stronger faster," says co-author Mark Plotkin. (Source: National Post, 28 September 2002). Click here for the source article Comment: On Sunday, 29 September 2002, CBC News reported that a hospital in British Columbia was trying to control an outbreak of an antibiotic-resistant strain of bacteria amongst newborns. Three infants had tested positive for methicillin-resistant straphylococcus (MRSA). View article for additional information: http://www.cbc.ca/stories/2002/09/29/babies_mrsa020929 Two improvement projects at Fredericton airport On 27 September 2002, Transport Canada announced the awarding of two contracts for airport improvement projects at the Greater Fredericton Airport: one for the expansion of the Air Terminal Building arrivals area, and the second for the expansion of the parking apron. (Source: Transport Canada, 27 September 2002) Click here for the source article U.S. Department of Agriculture announces new measures against E. coli contamination The U.S. Department of Agriculture's Food Safety and Inspection Service is adopting a series of new measures to further prevent Escherichia coli (E. coli) O157:H7 contamination in ground beef. The new measures are based on recent information indicating that E. coli O157:H7 is more prevalent than was previously thought. A Federal Register notice announcing these actions will be published. (Source: USDA, September 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Trend Micro reports on WORM_CIANAM.A, which is a worm that propagates via IRC, the Kazaa network and Outlook e-mail. It arrives with varying subject lines (such as "Why are you so playful??") and attachments http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_CIA NAM.A Trend Micro reports on WORM_ALCAUL.N, is a worm written in Visual Basic that propagates via Outlook e-mail. It arrives with the subject line "101 Reasons why ." and the attachment "Reasons.exe". http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_ALC AUL.N Vulnerabilities Security Tracker reports on a remotely exploitable denial-of-service vulnerability in Apache Web Server (2.0.41 and prior versions of the 2.0 series) 'mod_dav'. Follow the link for patch information. http://www.infosyssec.com/cgi-bin/link.cgi?target=http://www.infosyssec. com/infosyssec/aaa33.htm Additional vulnerabilities were reported in the following products: Drupal 4.0.0 HTML injection vulnerability. (SecurityFocus) http://online.securityfocus.com/bid/5801/discussion/
[INFOCON] - (Admin) How to unsubscribe
Dear All, Even though the unsubscribe instructions are included in the daily newsletter, some people still do not know how to do it. Below please find the instructions on how to unsubscribe: *** To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body Also, please do not hassle any government agencies with unsubscribe requests (they are busy enough) if you get their news, ... through the Infocon list (all email from the infocon mailing list have '[INFOCON] -' in the subject line and hence should be easily identifiable). Thank you. Regards, WEN Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site http://www.iwar.org.uk IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
[INFOCON] - News 09/30/02
opponents of a controversial bill that would allow copyright holders to use techniques critics compare to "hacking" to prevent content being pirated on peer-to-peer networks, Kevin Murphy writes. At a hearing of the House Judiciary Committee's Subcommittee on Courts, the Internet and Intellectual Property, a senior record industry executive and the bill's sponsors argued that the bill is the best way to stop P2P being used to pirate, while a public domain lobbyist said the bill was too vague and potentially dangerous. http://www.theregus.com/content/6/26458.html [5] When is hacking a crime? By Robert Lemos Special to ZDNet September 23, 2002, 4:32 AM PT Kevin Finisterre admits that he likes to hew close to the ethical line separating the "white hat" hackers from the bad guys, but little did he know that his company's actions would draw threats of a lawsuit from Hewlett-Packard. This summer, the consultant with security firm Secure Network Operations had let HP know of nearly 20 holes in its Tru64 operating system. But in late July, when HP was finishing work to patch the flaws, another employee of Finisterre's company publicly disclosed one of the vulnerabilities and showed how to exploit it--prompting the technology giant to threaten litigation under the Digital Millennium Copyright Act. Finisterre, who was not hired by HP, now says he'll think twice before voluntarily informing another company of any security holes he finds. http://zdnet.com.com/2100-1105-958920.html [6] Secret Service patrolling for unsecured wireless networks Copyright C 2002 AP Online By D. IAN HOPPER, AP Technology Writer WASHINGTON (September 29, 2002 1:56 p.m. EDT) - Secret Service agents are putting a high-tech twist on the idea of a cop walking the beat. Using a laptop computer and an antenna fashioned from a Pringles potato chip can, they are looking for security holes in wireless networks in the nation's capital. The agency best known for protecting the president and chasing down counterfeiters has started addressing what it calls one of the most overlooked threats to computer networks. "Everybody wants wireless, it's real convenient," Special Agent Wayne Peterson said. "Security has always been an afterthought." http://www.nandotimes.com/technology/story/41p-4378549c.html [I am using the free Cloudmark SpamNet (http://www.cloudmark.com/) to filter spam and it works really well (unfortunately it only supports Outlook 2000/XP). WEN] [7] Porn Spam: It's Getting Raunchier By Julia Scheeres 2:00 a.m. Sep. 30, 2002 PDT Naked women performing oral sex with guns pressed to their heads, naked women with large dogs clutching their backs, naked women in pigtails pretending to be daughters having sex with fathers. These are some of the explicit images that have started slipping into inboxes lately as spamsters try to drive traffic to a growing number of sites featuring rape, bestiality and incest pornography. http://www.wired.com/news/culture/0,1284,55420,00.html [8] Council of Europe targets child sex abuse, online racism By AGENCE FRANCE-PRESSE STRASBOURG, France (AFP) - The pan-European rights body Council of Europe on Friday passed resolutions against child sex abuse and Internet racism but said the battle to fight them will be tough because of huge financial interests. "Combating the sexual abuse of children should be made a national cause in all our member states" said rapporteur Fiorello Provera, of the liberal, democratic and reformers' group. "Zero tolerance should mean that no criminal went unpunished, there should be no geographical limits." "The trafficking and prostitution of both boys and girls have started to flourish in our European states," she warned. "The children come from Eastern Europe, from Africa, from China." http://newsobserver.com/24hour/world/story/554721p-4372464c.html [9] Maryland law targets spammers By William Glanz THE WASHINGTON TIMES Maryland consumers tired of finding their electronic mailboxes stuffed with unwanted pitches for amazing cancer cures and weary of opening advertisements that claim to be messages from old friends should get some welcome relief. A new state law that takes effect tomorrow is intended to limit unsolicited commercial e-mail, or spam, which accounted for almost half of all electronic messages last year. Despite the legislation, politicians, e-mail marketers and Internet service providers (ISP) who support reining in spammers believe that stopping the electronic junk mail
