CRIME FW: [Cyber_threats] Daily News 09/17/02

• Previous message: Crispin Cowan: "Re: CRIME Suspicious PayPal Verification Email"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 

-----Original Message-----
From: NIPC Watch
To: Cyber Threats
Sent: 9/17/02 7:27 AM
Subject: [Cyber_threats] Daily News 09/17/02

September 16, CERT/CC
CERTŪ Advisory CA-2002-27 Apache/mod_ssl Worm. The Apache/mod_ssl worm
is
self-propagating malicious code that exploits the OpenSSL vulnerability
described in VU#102795. This vulnerability was the among the topics
discussed in CA-2002-23 Multiple Vulnerabilities In OpenSSL. While this
OpenSSL server vulnerability exists on a wide variety of platforms, the
Apache/mod_ssl worm appears to work only on Linux systems running Apache
with the OpenSSL module (mod_ssl) on Intel architectures. Source:
http://www.cert.org/advisories/CA-2002-27.html

September 16, Ha'aretz Daily
Virtual soldiers in a Holy War. "Virtual al Qaeda" was the main topic of
a
seminar held in Washington about three months ago. At issue was the
appearance in cyberspace of Web sites, forums and chat rooms set up by
bin
Laden supporters, who preach his message of jihad against the West,
heretics, "the Crusaders and the Jews," and their toadies in Arab
countries
and the Muslim world. The purpose of the conference, which was attended
by
15 experts, most of them American, was to examine how the Al Qaida
organization and its supporters have changed since the September 11
attacks.
Source: http://www.ds-osac.org/edb/cyber/news/story.cfm?KEY=9026

September 13, CERT/CC
CERTŪ Advisory CA-2001-09 statistical weaknesses in TCP/IP initial
sequence
numbers (UPDATE). Attacks against TCP initial sequence number (ISN)
generation have been discussed for some time now. The reality of such
attacks led to the widespread use of pseudo-random number generators
(PRNGs)
to introduce some randomness when producing ISNs used in TCP
connections.
Previous implementation defects in PRNGs led to predictable ISNs despite
some efforts to obscure them. Source:
http://www.cert.org/advisories/CA-2001-09.html

Virus: #1 Virus in USA: PE FUNLOVE.4099
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

Top 10 Target Ports
80(http); 1433(ms-sql-s); 21(ftp); 139(netbios-ssn); 111(sunrpc);
25(smtp);
445(microsoft-ds); 53(domain); 6346(morpheus); 1524 (ingreslock);
Source: http://isc.incidents.org/top10.html; Internet Storm Center


_______________________________________________
Cyber_Threats mailing list
Cyber_Threats@listserv
http://listserv.infragard.org/mailman/listinfo/cyber_threats

• Next message: Andrew Plato: "CRIME NOTE: Anitian's IDS Seminar Rescheduled"
• Previous message: Crispin Cowan: "Re: CRIME Suspicious PayPal Verification Email"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Sep 17 2002 - 09:23:26 PDT