FW: NIPC Advisory 01-023, 5 October 2001

From: George Heuston (georgeh@private)
Date: Fri Oct 05 2001 - 15:16:13 PDT

Next message: George Heuston: "Last Call, CRIME/InfraGard--Tomorrow@Verizon@10am"

Previous message: George Heuston: "FW: NIPC Daily Report, 5 October 2001"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Friday, October 05, 2001 7:49 AM
To: daily
Subject: NIPC Advisory 01-023, 5 October 2001

ADVISORY 01-023

Update to NIPC Advisory 01-003 "E-Commerce Vulnerabilities"
October 05, 2001

The National Infrastructure Protection Center (NIPC) continues to
observe hacking activity targeting the e-commerce or e-finance/banking
industry.  Over the past several months, hackers have increased their
targeting of several third-party service providers that employ weak
security practices.  This advisory re-emphasizes NIPC Advisory 01-003,
"E-Commerce Vulnerabilities," dated March 08, 2001, in view of the
continuing threat to e-commerce networks.

Hackers are targeting third party service providers because of the
access they have into a partner company and the proprietary information
contained therein.  Because the level of security can differ between a
third-party service provider and a partner company, hackers attempt to
exploit these security inconsistencies.

The most prevalent exploit being used to gain access to targeted systems
is the Unicode vulnerability found in the Microsoft Internet Information
Services (IIS) web server software.  For additional information on this
topic please refer to:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS00-086.asp

Patches for the Unicode exploit have been available for some time.  The
appropriate patches for Windows based systems are found in a Microsoft
scanner released at the following site:

http://support.microsoft.com/support/kb/articles/q303/2/15.asp?id=303215&sd=
tech

The NIPC strongly recommends that all systems administrators check
relevant systems and apply the updated patches, especially for systems
related to e-commerce or e-banking/financial businesses.

Computer users are advised to keep their anti-virus and systems software
current by checking their vendor's Web sites frequently for new updates,
and to check for alerts put out by the NIPC, CERT/CC, and other
cognizant organizations.

Recipients of this advisory are encouraged to report computer intrusions
to their local FBI office http://www.fbi.gov/contact/fo/fo.htm or the
NIPC, and to the other appropriate authorities.  Incidents may be
reported online at http://www.nipc.gov/incident/cirr.htm.  The NIPC
Watch and Warning Unit can be reached at (202) 323-3204, toll free 1
(888) 585-9078, or nipc.watch@private

Next message: George Heuston: "Last Call, CRIME/InfraGard--Tomorrow@Verizon@10am"
Previous message: George Heuston: "FW: NIPC Daily Report, 5 October 2001"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:26:58 PDT