March 30, 2009 by Tim McDowell.

Release Date: March 30, 2009

For Immediate Release
Office of the Press Secretary
Contact: 202-282-8010

The U.S. Department of Homeland Security (DHS) announced today the release of a DHS-developed detection tool that can be used by the federal government, commercial vendors, state and local governments, and critical infrastructure owners and operators to scan their networks for the Conficker/Downadup computer worm.

The department’s United States Computer Emergency Readiness Team (US-CERT) developed the tool that assists mission-critical partners in detecting if their networks are infected. The tool has been made available to federal and state partners via the Government Forum of Incident Response and Security Teams (GFIRST) Portal, and to private sector partners through the IT and Communications sector Information Sharing and Analysis Centers (ISACs). Additional outreach to partners will continue in the coming days.

Department cyber experts briefed federal Chief Information Officers and Chief Information Security Officers today, as well as their equivalents in the private sector and state/local government via the ISACs and the National Infrastructure Protection Plan framework. 

“While tools have existed for individual users, this is the only free tool – and the most comprehensive one – available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm,” said US-CERT Director Mischel Kwon. ”Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation’s critical networks and systems, both from this threat and all others.”

In addition to the development of this tool, DHS is working closely with private sector and government partners to minimize any impact from the Conficker/Downadup computer worm. This worm can infect Microsoft Windows systems from thumb drives, network share drives, or directly across a corporate network if network servers are not protected by Microsoft’s MS08-067 patch.

US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx) as quickly as possible to help protect themselves from the worm. This security patch, released in October 2008, is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an infected system and install additional malicious software.

Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers.  The presence of an infection may be detected if users are unable to connect to their security solution Web site or if they are unable to download free detection/removal tools.

If an infection is suspected, the system or computer should be removed from the network.  In the case of home users, the computer should be unplugged from the Internet. 

Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:

Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

Microsoft:
http://support.microsoft.com/kb/962007
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

Home users may also call Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance. 

McAfee:
http://www.mcafee.com/us/threat_center/default.asp

US-CERT encourages users to prevent a Conficker/Downadup infection by ensuring all systems have the MS08-067 patch, disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software.

In addition, US-CERT recommends that computer users and administrators implement the following preparedness measures to protect themselves against this vulnerability, and also from future vulnerabilities:

• Keep up-to-date on security patches and fixes for your operating system. The easiest way to do this is to set your system to receive automatic updates, which will ensure you automatically receive security updates issued by Microsoft. If your system does not allow automatic updates, we recommend that you manually install the Microsoft security patch today through Microsoft Update at http://update.microsoft.com/microsoftupdate
• Install anti-virus and anti-spyware software and keep them up-to-date
• Enable a firewall which will help block attacks before they can get into your computer

To access the alerts for this vulnerability and for additional information on cyber security tips and practices, please visit www.us-cert.gov.

###

Posted in CIP, HLD | Print | No Comments »

March 30, 2009 by Tim McDowell.

On 27 March 2009 Japan announced that it has deployed two ballistic missile destroyers to intercept the rocket that North Korea is set to test sometime between 4 - 8 April. Japan and the U.S. announced earlier that they will punish North Korea if it goes through with the rocket launch test. Officials stated that it is unlikely that the rocket will cause any damage and assured the Japanese public that they will be safe. On 26 March nuclear envoys from Japan, South Korea and the U.S. met in Washington D.C. to discuss the situation.

Posted in HLD | Print | No Comments »

March 30, 2009 by Tim McDowell.

Ted Stevens Anchorage International Airport (KANC/ANC) reopened late in the afternoon on 29 March 2009. Officials had closed the airport in the evening on 27 March after ash from Mount Reboubt, which has erupted 19 times since 22 March, covered the airport’s runways. The ash poses a potential hazard to aircraft engines. Alaska Airlines has resumed flights to the airport, though the potential for further disruptions as a result of the ash remains. Travelers should verify their flight status before departing to the airport.

Posted in CIP, HLD | Print | No Comments »

March 26, 2009 by Tim McDowell.

On 25 March 2009 the U.S. Embassy in Kiev issued the following Warden Message: “Recently, private U.S. citizens resident in or visiting Kyiv have reported seven violent criminal assaults and robberies directed against foreign nationals by a gang of street criminals. These reported activities have occurred in and around the areas surrounding O’Brien’s Pub and the Hyatt Hotel in Kyiv.

“After an extensive check, the Regional Security Office of the Embassy has been unable to confirm these incidents; however, crime is a serious problem in Kyiv and as the economic situation worsens, violent criminal incidents — robberies, burglaries, and assaults — are expected to increase. As a reasonable precaution, the Embassy strongly recommends all U.S. citizens exercise an increased level of security awareness and report any criminal incident to the Embassy. …”

Posted in Warden Messages | Print | No Comments »

March 26, 2009 by Tim McDowell.

Supporters of former President Marc Ravalomanana and newly installed President Andry Rajoelina reportedly clashed during an anti-government protest in Antananarivo on 25 March 2009. Anti-riot police officers fired warning shots into the air to disperse the crowd. There were no reports of serious injuries or arrests during the incident. Approximately 15,000 opposition supporters had gathered at the capital’s Ambohijatovo Park gardens to demand that Rajoelina step down from office.

Ravalomanana’s supporters have pledged to continue staging daily demonstrations until Rajoelina resigns. Ravalomanana gave his express support to his followers to continue their civil actions through a pre-recorded video clip that was broadcast during the 25 March rally, encouraging his supporters to “save the nation.”

Posted in HLD | Print | No Comments »

March 26, 2009 by Tim McDowell.

This is a video that every American Should see

Then go ahead an get a good night’s sleep knowing that Papa Obama is watching out for us

http://www.tangle.com/view_video.php?viewkey=0861ff3eabea1ceb73e4

Posted in CIP, HLD | Print | No Comments »

March 13, 2009 by Tim McDowell.

The order was clear: Kill the guy in the Astros jersey.

But in a case of mistaken identity, Jose Perez ended up dead. The intended target — the Houston-based head of a Mexican drug cartel cell pumping millions of dollars of cocaine into the city — walked away.

Perez, 27, was just a working guy, out getting dinner late on a Friday with his wife and young children at Chilos, a seafood restaurant on the Gulf Freeway.

His murder and the assassination gone awry point to the perilous presence of Mexican organized crime and how cartel violence has seeped into the city.

Arrests came in December when police and federal agents got a break in the 2006 shooting as they charted the relationship and rivalries between at least five cartel cells operating in Houston. A rogue’s gallery of about 100 names and mug shots taken at Texas jails and morgues offers a blueprint for Mexican organized crime.

Houston has long been a major staging ground for importing illegal drugs from Mexico and shipping them to the rest of the United States, but a recent Department of Justice report notes it is one of 230 cities where cartels maintain distribution networks and supply lines.

At Chilos, the real crime boss was sitting at another table, as were two spotters. The hitman waited in the parking lot for Perez to leave the restaurant.

“I just remember that guy coming up to us and he started shooting and shooting and shooting and never stopped,” said Norma Gonzalez, Perez’s widow. He was hit twice.

“I know they will pay for what they have done, maybe in the next life,” she said of Perez’s killers. “I don’t know what is going to happen to them in this life.”

Problem ‘far-reaching’

The gangster — captured on surveillance video — blended in with other customers as they gawked at the aftermath. A few months later, he was dead too, gunned down two miles from the restaurant.

“It is here and it has been here, but people don’t want to listen,” Rick Moreno, a Houston police homicide investigator working with the Drug Enforcement Administration and FBI, said of the cartels’ presence in Houston. “It is so far-reaching>”

Washington is taking notice, even if the toll on U.S. streets is nowhere near as pervasive as in Mexico, where cartels are locked in a war against one another and with the government.

“International drug trafficking organizations pose a sustained, serious threat to the safety and security of our communities,” U.S. Attorney General Eric Holder said. “We can provide our communities the safety and the security that they deserve only by confronting these dangerous cartels head-on without reservation,” he said.

When it comes to tearing into the cartels in Houston, an investigation later code-named Operation Three Stars got quietly under way three years ago, as an undercover DEA agent stood in line at a McDonald’s in north Houston. He listened to a drug trafficker using a two-way radio to set up delivery of $750,000; the man was with his wife and kids, ordering Happy Meals while making the deal.

http://www.chron.com/disp/story.mpl/metropolitan/6299436.html

Posted in CIP, HLD | Print | No Comments »