-----Original Message----- From: NIPC Watch To: Daily Distribution Sent: 12/20/01 6:44 AM Subject: NIPC Watch Daily Report 20 December NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC of the FBI. General - The W32.Reezak.A@mm worm, sent under guise of a holiday greeting, has recently surfaced. The worm enters a computer as an e-mail message with the subject line "Happy New Year" and the attachment "Christmas.exe," which a recipient may believe is a Christmas card. The worm propagates via Microsoft Outlook and Outlook Express to everyone in the receiver's address book. The worm can disable selective keys on the infected computer's keyboard and delete all the files found in the Windows System Directory, rendering the computer inoperable. (Reuters, 19 December) (NIPC Comment: The NIPC will continue to monitor this worm, which anti-virus vendors rate a low to medium threat.) The Federal Computer Incident Response Center (FedCIRC) and the Computer Emergency Response Team/Coordination Center (CERT/CC) issued an advisory on 19 December that discusses a Microsoft Internet Explorer vulnerability in its handling of certain MIME headers in Web pages and HTML email messages. This vulnerability allows an attacker to execute arbitrary system code when the victim visits a Web page or views an HTML email message. FedCIRC/CERT Advisory FA-2001-36/CA-2001-CA is located at the following URL http://www2.fedcirc.gov/alerts/advisories_2001.html. Border Gateway Protocol (BGP), a function that translates routing tables from different vendors' equipment, has been a component of commercial routers since 1994. Although the security problems have been evident for at least two years, experts say they're seeing more router break-in kits shared on Internet Relay Chat networks frequented by hackers. Similar kits have helped hackers temporarily take down several ISPs and prominent Web sites using packet-flooding attacks. Router attacks aimed at ISPs are even more attractive to hackers, because routers control not only Web site traffic, but all Internet traffic managed by an ISP, even "pass-along" traffic from other ISPs. (InternetWeek, 17 December) The Bush Administration is moving on several fronts to press the information technology industry to supply the federal government with software that is more secure against viruses and intrusions. At least three federal purchasers; NASA, the United States Air Force, and the Transportation Department, are pressing software suppliers for more secure products. (The Independent Weekly, 18 December) Transportation - The Federal Aviation Administration lifted airspace restrictions on 19 December 2001, around 30 cities where general aviation aircraft have been prohibited since 11 September 2001. "Today's action will allow most general aviation flights to resume their pre-11 September service," said Transportation Secretary Norman Y. Mineta. (Associated Press, 19 December)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:48 PDT