CRIME FW: NIPC Daily Report, 13 December 2001

From: George Heuston (georgeh@private)
Date: Thu Dec 13 2001 - 09:45:16 PST

Next message: Kuo, Jimmy: "RE: CRIME Gokar"

Previous message: T. Kenji Sugahara: "CRIME Gokar"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Thursday, December 13, 2001 5:29 AM
To: Daily/Warning Distribution
Subject: NIPC Daily Report, 13 December 2001

NIPC Daily Report 13 December 2001

NOTE:  Please understand that this is for informational purposes only 
and does not constitute any verification of the information contained in 
the report nor does this constitute endorsement by the NIPC or the FBI.

This report offers interested readers situational awareness of issues 
impacting the integrity and capability of the nation's critical 
infrastructures.  The NIPC Watch and Warning Unit will provide current 
and relevant information about actual or potential threats to the 
critical infrastructures, as necessary.

Government - President Bush yesterday announced the forming of the 
President's Council of Advisors on Science and Technology, a 20-plus 
member group of industry luminaries who will help shape policy on issues 
ranging from research?and?development funding to new broadband 
incentives.  The  President intends the panel to play a leading role in 
setting the government's hi?tech agenda in years to come.  AOL Time 
Warner Chairman Steve Case was among the first appointees.   (Mercury 
News, 12 December)

Private Sector - Microsoft will patch its Web browser to correct a flaw 
that enables attackers to silently download and execute malicious 
programs against unsuspecting users.  By design, Internet Explorer (IE) 
cautions users to scrutinize their download sources, and to be wary of 
executable file received from unrecognized senders.  Apparently, 
however, this standard IE warning is vulnerable to manipulation, 
potentially directing users to malicious Web sites, or striking them 
with backdoors and viruses.   In assessing the flaw, Chris Wysopal, 
director of research and development for AtStake, a security consulting 
firm, said that in order to fully exploit the vulnerability, "attackers 
would probably need control of a Web server so that they could control 
the information sent in the HTTP header." As a result, attacks could be 
traced to the malicious site. (Newsbytes, 12 December)

Next message: Kuo, Jimmy: "RE: CRIME Gokar"
Previous message: T. Kenji Sugahara: "CRIME Gokar"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:32 PDT