-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, November 09, 2001 9:10 AM To: daily Subject: NIPC Daily Report 09 November 2001 NIPC Daily Report 09 November 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Private Sector - Microsoft has released Security Bulletin MS01-055 which relates to how cookie data in Internet Explorer can be exposed or altered through script injection. Web sites use cookies as a way to store information on a user's local system. Most often, this information is used for customizing and retaining a site's setting for a user across multiple sessions. By design each site should maintain its own cookies on a user's machine and be able to access only those cookies. A vulnerability exists due to this ability to craft a URL that can allow sites to gain unauthorized access to user's cookies and potentially modify the values contained in them. Because some web sites store sensitive information in a user's cookies, it is also possible that personal information could be exposed. Microsoft is preparing a patch for this issue, but in the meantime customers can protect their systems by disabling active scripting. When the patch is complete, Microsoft will re-release this bulletin and provide details on obtaining and using it. (Source: Microsoft Corporation, 8 November) Internet Security Systems' X?Force operation is warning PC users of a serious security problem regarding remote access to Secure Shell (SSH) applications that may allow remote attackers to execute arbitrary code on a target system without any specific knowledge of that host. X?Force says that an advanced exploitation of the vulnerability exists and is being used in?the?wild. The serious nature of this vulnerability, it adds, is compounded by the confusing nature of SSH product versions and patches. X?Force recommends that security and network administrators examine their SSH configurations to determine if patching is necessary and if SSH version 1 connection fallback is still enabled. The R&D taskforce recommends upgrading to the new SSH version 2 support, if possible. (Source: Info Security News, 9 November) International - The 43?nation Council of Europe adopted a convention on cybercrime on 8 November, the first international treaty on criminal offenses committed over the Internet. The treaty criminalizes activities such as fraud and child pornography committed on the World Wide Web and sets up global policing procedures for conducting computer searches, intercepting e?mails, and extraditing criminal suspects. The Council, a club of European democracies that aims to safeguard human rights, said the convention was adopted by its Committee of Ministers and would be open for signature by member states at a conference on cybercrime in Budapest on 23 November. It will enter into force once five states, including at least three Council of Europe member nations, have ratified it. The United States, Japan and Canada, which have observer status at the Council, were invited to adopt it. (Source: BBC, 8 November) U.S. SECTOR INFORMATION: Banking and Finance - The National Infrastructure Protection Center learned that two protest groups -- a Canadian group named "Stop the WTO" and a US group called "Electronic Disturbance Theater" -- may be planning to conduct or coordinate a distributed denial of service attack today against the New York Stock Exchange and/or the NASDAQ. The reported goal is to lower the stock index in support of protests worldwide over the World Trade Organization meeting in Qatar 9-13 November. (Source: NIPC, 8 November) A serious weakness has been discovered in the methods used by banks to protect the number that lets you get money from a cash machine. Researchers from the University of Cambridge have found that the computer systems which check that these numbers are valid are easy to defeat. They warn that unscrupulous insiders could exploit these weaknesses to raid customer accounts. The researchers have called on banks to revise their security arrangements and use more open procedures to protect customers' cash. Every time you use a cash machine a formidable array of security technology is used to protect the data being passed from the ATM to the computers holding information about your account. At the heart of this process are devices called cryptoprocessors. These black boxes scramble the information you punch into the ATM so it cannot be intercepted as it travels along the wires. (Source: BBC, 9 November) Transportation - President Bush is ready to expand the National Guard's role at airports to build confidence in the nation's air travel system before the traditionally busy holiday season, officials say. The official announcement is expected to come 9 November, at a White House ceremony honoring employers of National Guard and Reserve personnel, administration officials said, speaking on condition of anonymity. It is unclear whether Bush will ask the governors to call up more troops or will do it on his own. One official characterized Bush's plan as a "dramatic increase" in the number of troops at airports. (Source: Associated Press, 9 November)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:31:06 PDT