-----Original Message----- From: NIPC Watch To: Daily/Warning Distribution Sent: 2/13/02 6:08 AM Subject: NIPC Daily Report for 13 February 2002 NIPC Daily Report 13 February 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures. NIPC Alert reports potential vulnerabilities within SNMP. The National Infrastructure Protection Center (NIPC) issued Alert 02-001 "Potential For Multi-Sector Internet Outages." The NIPC is aware of potential vulnerabilities existing within the Simple Network Management Protocol (SNMP) and along with Carnegie Mellon University's Computer Emergency Response Team/Coordination Center (CERT/CC) is working with other government agencies, network security experts, and industry representatives to define and mitigate these vulnerabilities. For additional information visit the CERT/CC homepage at http://www.cedrt.org <http://www.cedrt.org> . Deadlier Klez worm on the prowl. A new variant of the Klez worm has had moderate success in infecting Windows archive files. This variant, carried by e-mail and known as Klez.e, overwrites files with random content on the sixth day of odd-numbered months. The worm attempts to circumvent antivirus programs and can spread automatically on Windows systems that use an unpatched version of Microsoft's Internet Explorer. Kaspersky Labs is working on an antivirus tool. (ZDNet, 11 Feb) Microsoft patch leaves IE users exposed to attacks. A bundle of software fixes designed to close security holes in Microsoft's Web browser leaves Internet Explorer users open to several known vulnerabilities. Tests performed by Newsbytes and independent security researchers show that the 11 February patch only partially closes two vulnerabilities and does not address the flaw in Internet Explorer version 6 that could allow remote attackers the ability to execute programs on a client system. (Newsbytes, 12 Feb) Federal Trade Commission launches "spam" e-mail crackdown. Federal regulators kicked off a crackdown on those who produce and disseminate junk e-mail known as ``spam''. This coincided with the announcement that the FTC had settled charges against seven people accused of running an e-mail pyramid scheme. (Reuters, 12 Feb) IBM Memory Keys in mystery virus infection. A computer virus has infected IBM's 32MB Memory Key, prompting the firm to issue a utility that cleans up the infection. The Memory Key is a removable storage device that plugs into the USB port. Computer Buyer News reports that Memory Keys with a manufacturing date prior to December 21 2001 or a serial numbers below 2320000 may be infected with the virus. (The Register, 12 Feb)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:38:56 PDT