-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Wednesday, April 09, 2003 7:18 AM To: Information Technology Subject: [Information_technology] Daily News 4/09/03 April 08, Next Australia leaves the hack door open to cyber sabotage. Australia's critical information infrastructure is at risk because of the Federal Government's focus on physical infrastructure and terrorism, the head of Australia's Computer Emergency Response Team (AusCERT) says. AusCERT general manager Graham Ingram says that Malaysia, South Korea and Japan are spending enormous amounts of money on protecting information infrastructure - things such as government, banking, public utility, telecommunications and emergency networks. In Australia, many of these assets are in private hands. AusCERT has been contracted by the Federal Government to provide a free service to the general public and business about new threats to networked computer systems as part of the Trusted Information Sharing Network (TISN). TISN is a voluntary forum for owners of critical infrastructure to exchange information on security issues announced last November. But Kate Lundy, IT spokeswoman for Australia's Labor Party, says laws are needed to force the private sector to comply with minimum standards of protection for critical information infrastructure. Source: http://www.smh.com.au/articles/2003/04/07/1049567603965.html April 07, Associated Press Ely hospital hacker traced to former Soviet Union. A hacker who invaded the computer system at William Bee Ririe Hospital in Ely, Nevada, has been traced to the former Soviet Union, authorities said. The FBI said the hacker used the Web site of Al-Jazeera, the Arab news network, as a conduit to the hospital. Officials at the hospital said patient records are safe, but added that the cyber intruder may have accessed employee Social Security and bank information. Jim Crosley, information technology manager for the Ely hospital, detected the Ely break-in on March 20. He said the system seemed to be protected from attacks, but the FBI lab's analysis of the hospital's hard drives showed a game program, "Blaster Ball," contained a Trojan horse, a hidden code that acted as a beacon and let hackers into the hospital's system. "Two employees admitted downloading the game from the Internet and installing it at a work station," Crosley said. "The Trojan horse reported back to the hackers, and the system was compromised." Source: http://www.lasvegassun.com/sunbin/stories/nevada/2003/apr/07/040710833.h tml April 07, CNET News.com Samba flaw threatens Linux file servers. The Samba Team released a patch on Monday for the second major security flaw found in the past few weeks in the open-source group's widely used program for sharing Windows files between Unix and Linux systems. The security problem could easily let an attacker compromise any Samba server connected to the Internet. The vulnerability is already being used by online attackers to compromise vulnerable servers, the company warned in an advisory. The Samba software that runs on major Linux distributions as well as FreeBSD and Sun Microsystems' Solaris operating system were affected. Security firm Digital Defense found the vulnerability. However, in an added twist to the situation that could make the threat more serious, while Digital Defense noted that some hackers obviously knew of the method by which the vulnerability could be exploited, it also mistakenly posted its own exploit onto its Web site. A patch is available on the Samba Website: http://us1.samba.org/samba/samba.html. Source: http://news.com.com/2100-1002-995834.html April 07, Computerworld Handle corporate security as single entity, users say. Companies can improve their ability to detect and respond to both cyber and physical threats by tying their IT security to other aspects of corporate security. But the cultural and business-process changes involved in implementing such a holistic view of security can be daunting for most corporations, users said here last week at a conference organized by ASIS International, an organization of security professionals. Lew Wagner of the MD Anderson Cancer Center at the University of Texas in Houston, said coordinating IT security functions with areas such as physical protection, facilities management, human resources and legal and audit functions has helped enhance overall threat-detection and incident-response capabilities at the hospital. A holistic view of enterprise security can help plug gaps that might otherwise be missed, said James Litchko, of Litchko & Associates Inc., a security consultancy in Kensington, MD. For instance, the majority of IT-related security threats still stem from procedural and process flaws-such as failure to secure access to crucial systems, inadequate backups and lack of auditing-rather than from technology glitches, Litchko said. Source: http://www.computerworld.com/securitytopics/security/story/0 ,10801,80069,00.html Internet Security Systems - AlertCon: 2 out of 4 https://gtoc.iss.net/ Last Changed 8 April 2003 Security Focus ThreatCon: 2 out of 4 www.securityfocus.com Last Changed 8 April 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 25 (smtp), 113 (ident), 445 (microsoft-ds), 139 (netbios-ssn), 53 (domain), 4662 (eDonkey2000), 1214 (kazaa) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Wed Apr 09 2003 - 13:14:25 PDT