Thursday, May 31, 2007

Daily Highlights

United Press International reports a new study from Congressional Research Service says terrorists are increasingly relying on criminal activity to finance their operations, as State−sponsorship is declining and terrorist groups are increasingly decentralized and more amateur. (See item 6)
·
Agence France−Presse reports China is to introduce new rules requiring food companies to take back products found to pose a health risk after poisoning of thousands of animals in the U.S., one of a series of incidents that have exposed lax controls in Beijing's food quality control system. (See item 15)
·
The International Herald Tribune reports public health officials have urged the passengers and crew of two recent trans−Atlantic flights to get checked for tuberculosis, after learning that a man with an exceptionally drug−resistant form of the disease had flown on the planes. (See item 19)

Information Technology and Telecommunications Sector

24. May 30, Government Computer News — NIST readies guidance on IT security assessments. The National Institute of Standards and Technology (NIST) has finished the third and possibly final draft of its revised guidelines for assessing the adequacy of IT security. Special Publication 800−53A, Guide for Assessing the Security Controls in Federal Information Systems, will be released for comment June 4. Comments on the current version will be accepted by the Computer Security Division of NIST’s IT Laboratory through July 31. Comments can be e−mailed to sec−cert@nist.gov. All of the FISMA−related security standards and guidelines can be found at http://csrc.nist.gov/sec−cert . Final publication of SP 800−53A is expected early next year. NIST will decide on whether additional public drafts are needed based on comments received on the present draft.
Source: http://www.gcn.com/online/vol1_no1/44383−1.html

25. May 29, US−CERT — Apple Releases a Security Update for QuickTime 7.1.6 to Address Multiple Vulnerabilities. Apple has released a Security Update for QuickTime 7.1.6 to address multiple vulnerabilities in Apple QuickTime for Java. The impacts of these vulnerabilities include arbitrary code execution and information disclosure.
US−CERT recommends users install the QuickTime 7.1.6 Security Update:
http://docs.info.apple.com/article.html?artnum=305531
Instructions for disabling Java may be found here:
http://www.us−cert.gov/reading_room/securing_browser/browser _security.html
Source: http://www.us−cert.gov/current/index.html#apple_releases_a_s ecurity_update