-----Original Message----- From: NIPC Watch [mailto:nipcwatch@private] Sent: Thursday, October 24, 2002 8:18 AM To: Cyber Threats Subject: [Cyber_threats] Daily News 10/24/02 October 23, GreyMagic Software - GreyMagic Security Advisory GM#012-IE: Vulnerable cached objects in Internet Explorer (IE). GreyMagic, an Israeli software firm, has published an advisory covering nine separate vulnerabilities in Internet Explorer which all involve object caching. Most of the vulnerabilities are highly critical. Object caching takes place when the attacker opens a window to a page in his own site. The URL in the window is then changed to the victim page, but the cached references stay in place, providing direct access to the new document. While the vulnerabilities are all related to object caching, each of them is a separate vulnerability which uses a unique method for exploitation. Affected users are advised by GreyMagic to either disable Active Scripting or upgrade to IE6 SP1 until a patch becomes available. Source: http://www.govtech.net/news/news.phtml?docid=2002.10.23-3030000000026720 and http://sec.greymagic.com/adv/gm012-ie/ for the original report. October 23, PCWorld.Com ? Net Attack Could Be First of Many, Experts Warn. Future attacks could succeed in bringing down the Internet and are surprisingly simple to launch, security insiders say. The distributed denial-of-service attack launched Monday against all 13 of the Internet domain name system root servers failed to bring down the Internet, but that doesn't mean that more attacks won't follow and succeed where this week's attack failed, according to experts, some of whom feel that the federal government needs to step in to secure the Net infrastructure. "Monday's attack was an example of people not targeting enterprises, but going against the Internet itself by attacking the architecture and protocols on which the Internet was built," says Ted Julian, chief strategist at Arbor Networks of Lexington, Massachusetts. Gerry Brady, chief technology officer for Guardent says that sophisticated software programs make leveraging those compromised machines a simple matter, even for novice attackers. Source: http://www.pcworld.com/news/article/0,aid,106266,00.asp Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 137(netbios-ns); 80(http); 1433(ms-sql-s); 21(ftp); 1080(socks); 139(netbios-ssn); 25(smtp); 8080(webcache); 22(ssh); 4899(radmin) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Thu Oct 24 2002 - 10:15:10 PDT