CRIME NIPC Daily Report 27 November 2001

From: AARG!Anonymous (remailer@private)
Date: Tue Nov 27 2001 - 21:05:13 PST

    NIPC Daily Report 27 November 2001
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    Significant Changes and Assessment - There is a vulnerability in
    Microsoft Internet Explorer that allows a malicious Web site to spoof
    file extensions in the download dialog to make an executable program
    file look like a text, image, audio or other file.  The user will see a
    dialog window open, asking if the user wants to OPEN or SAVE.  Should
    the user decide to OPEN the file, the file will run without further
    prompting.  If the code is executable, no matter what the extension, the
    program will run on the user's system, allowing the program full use of
    the user's system.  This does not require any scripting turned on at all
    but can be called via javascript, inside an iframe, or even as a normal
    link.
    
    A second Microsoft vulnerability exists in Windows 95/98/NT/2000 with
    scripting turned on in Internet Explorer.  Any e-mail or web page with
    scripting that includes GetObject() as well as an ActiveX htmlfile can
    view any file on the user's hard drive.  This includes the password
    files for the operating system, cookies file, and other files with
    personal or sensitive information contained within them.  (Source:
    Multiple Sources, 26 November)
    
    Private Sector - Search-engine spiders crawling the Web are increasingly
    stumbling upon passwords, credit card numbers, classified documents and
    even computer vulnerabilities that can be exploited by hackers.  The
    problem is not new:  Ever since search robots began indexing the Web
    years ago, Web site administrators have found pages not meant for public
    consumption exposed in search results.  A different twist on this has
    appeared with the advent of a new tool built into the Google search
    engine that finds a variety of file types in addition to traditional Web
    documents. With Google's new file-type search tool, a wide array of
    files formerly overlooked by basic search engine queries are now just a
    few clicks from the average surfer--or the novice hacker. Since Google's
    new tool launched earlier this month, Web site owners have been pulling
    down or securing sensitive pages that have turned up in Google results.
    (Source:  CNET News 26 November 2001)
    
    Microsoft Corporation's new Web services software will allow developers
    to create secure applications more easily and screen out the kind of
    unauthorized commands that are commonly used by malicious hackers,
    according to a review commissioned by the company.  A white paper
    released on 26 November and authored by Foundstone Incorporated and CORE
    Security Technologies concluded that Microsoft's .NET Framework reduces
    many major security risks.  Microsoft's .NET Framework will be used by
    developers to write applications for Web services under which software
    will be available online as a service to anyone using any device.  When
    it is released around the end of the year .NET software will
    automatically check the code and determine whether it should be allowed
    to perform the operation it is requesting, said Mike Kass, product
    manager for Microsoft's .NET Framework.  “When you load a program, it
    gathers evidence of where it came from and who wrote it.  If you are a
    system administrator you can fine-tune these permissions,” said Kass.
    “With the .NET Framework we're going to take the burden off the end
    user.”  (Source: Reuters, 26 November)
    
    International - As part of the international fight against terrorism,
    the Hong Kong government wants new laws that could classify disruptions
    to computer systems as acts of terror.  Terrorism has not been seen as a
    problem in Hong Kong, but the Security Bureau says in a paper being
    distributed to lawmakers that Hong Kong needs to pass new laws to keep
    up with UN Security Council resolutions.  The Security Bureau paper, to
    be discussed by legislators on 30 November, said new laws must define
    terrorism and address “the threat to use force or violence and action
    designed to interfere with or disrupt an electronic system.”  Financing
    terrorism is not now an offense under Hong Kong laws so legislation will
    also be required to provide for seizure of money intended for use by
    terrorists. (Source: Associated Press, 27 November)
    
    Richard Alston, reappointed as Australia's Communications and IT
    minister, has named some top brains to help recommend bidders to run a
    proposed new 129.5 million Australian dollars ($67.09 million)
    Information and Communications Technology Centre of Excellence.
    Establishment of the center was a major plank of government policies
    announced earlier this year, aimed at bolstering the information
    technology and communications industries in Australia. The aim is to
    create a world class research and training institute that can take
    Australia's ability to create and exploit information and communications
    technology to a new level, Alston said, and attract leading expatriate
    and overseas researchers.  (Source: Newsbytes, 26 November)
    
    The Korea Information Security Agency (KISA) and the Consortium of
    Computer Emergency Response Teams (CONCERT) organized the fifth CONCERT
    Hacking Prevention Workshop under the theme of future hacking and virus
    trends, and protection strategies on 21 November with local and foreign
    security experts participating.  A hacking prevention workshop addressed
    the entire range of topics about the latest hacking and virus trends,
    and effective countermeasures.  The workshop was aimed at establishing a
    system of cooperation to prevent and contain intrusion attacks and to
    promote safe information communication networks through exchanges of
    information and technology on information security and strategies
    against intrusion attacks.  The Cyber-Terrorism Response Center of the
    National Police Agency explained the importance of timely response to
    intrusion incidents, and intrusion prevention programs with a
    presentation on the types of crimes committed in cyberspace and
    countermeasures available to fight cybercrime; and emergency procedures,
    legal measures, and relevant regulations that information security
    managers must follow in response to intrusion incidents involving their
    information security systems.  (Source: Seoul Chonja Sinmun, 23
    November)
    
    Government - NTR
    Military - NTR
    
    U.S. SECTOR INFORMATION:
    
    Transportation - Service on Amtrak trains was nearly back to normal on
    26 November after crews repaired a power outage that delayed thousands
    of passengers traveling between Boston and Washington.  The outage was
    caused by a CSX Corporation freight train that derailed and hit a power
    line pole about eight miles outside New York City early on 25 November.
    The pole carried a wire that supplied electricity to Amtrak's trains.  A
    19-mile stretch of track from New York City to New Rochelle was
    affected, and passengers traveling between Boston and New York were
    delayed at least two hours as Amtrak used diesel engines to tow electric
    trains to their destinations.  Service along one affected track was
    restored early on 26 November and a second track was expected to be back
    in service later in the day.  (Source: AP, 26 November)
    
    Gas and Oil Storage Distribution - NTR
    Telecommunications - NTR
    Electrical Power - NTR
    Emergency Services - NTR
    Water Supply - NTR
    Banking and Finance - NTR
    Government Services - NTR
    


