CRIME FW: NIPC Watch Daily Report 20 December

From: George Heuston (GeorgeH@private)
Date: Thu Dec 20 2001 - 08:31:26 PST

  • Next message: Raan Young: "Re: CRIME FW: NIPC Watch Daily Report 20 December"

    -----Original Message-----
    From: NIPC Watch
    To: Daily Distribution
    Sent: 12/20/01 6:44 AM
    Subject: NIPC Watch Daily Report 20 December
    NOTE: Please understand that this is for informational purposes only and
    does not constitute any verification of the information contained in the
    report nor does this constitute endorsement by the NIPC of the FBI.
    General -  The W32.Reezak.A@mm worm, sent under guise of a holiday 
    greeting, has recently surfaced.  The worm enters a computer as an 
    e-mail message with the subject line "Happy New Year" and the attachment
    "Christmas.exe," which a recipient may believe is a Christmas card.  The
    worm propagates via Microsoft Outlook and Outlook Express to everyone in
    the receiver's address book.  The worm can disable selective keys on the
    infected computer's keyboard and delete all the files found in the 
    Windows System Directory, rendering the computer inoperable.  (Reuters, 
    19 December) (NIPC Comment: The NIPC will continue to monitor this worm,
    which anti-virus vendors rate a low to medium threat.)
      The Federal Computer Incident Response Center (FedCIRC) and the 
    Computer Emergency Response Team/Coordination Center (CERT/CC) issued an
    advisory on 19 December that discusses a Microsoft Internet Explorer 
    vulnerability in its handling of certain MIME headers in Web pages and 
    HTML email messages.  This vulnerability allows an attacker to execute 
    arbitrary system code when the victim visits a Web page or views an HTML
    email message.  FedCIRC/CERT Advisory FA-2001-36/CA-2001-CA is located 
    at the following URL
      Border Gateway Protocol (BGP), a function that translates routing 
    tables from different vendors' equipment, has been a component of 
    commercial routers since 1994.  Although the security problems have been
    evident for at least two years, experts say they're seeing more router 
    break-in kits shared on Internet Relay Chat networks frequented by 
    hackers.  Similar kits have helped hackers temporarily take down several
    ISPs and prominent Web sites using packet-flooding attacks.  Router 
    attacks aimed at ISPs are even more attractive to hackers, because 
    routers control not only Web site traffic, but all Internet traffic 
    managed by an ISP, even "pass-along" traffic from other ISPs. 
    (InternetWeek, 17 December)
      The Bush Administration is moving on several fronts to press the 
    information technology industry to supply the federal government with 
    software that is more secure against viruses and intrusions.  At least 
    three federal purchasers; NASA, the United States Air Force, and the 
    Transportation Department, are pressing software suppliers for more 
    secure products.  (The Independent Weekly, 18 December)
    Transportation -  The Federal Aviation Administration lifted airspace 
    restrictions on 19 December 2001, around 30 cities where general 
    aviation aircraft have been prohibited since 11 September 2001. 
    "Today's action will allow most general aviation flights to resume their
    pre-11 September service," said Transportation Secretary Norman Y. 
    Mineta. (Associated Press, 19 December)

    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:48 PDT