-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Tuesday, April 29, 2003 7:40 AM To: Information Technology Subject: [Information_technology] Daily News 4/29/03 April 25, Computerworld Lack of terrorist activity leads to complacency. The changing of the cybersecurity guard at the Department of Homeland Security (DHS), coupled with complacency on the part of some corporate executives, has put a higher premium on information-sharing and cooperation between the private sector and the government. Michael Hershman of Virginia-based security consulting firm Decision Strategies LLC says companies have started to slow their efforts to boost security because there has been no terrorist activity recently. "I'm afraid that they may be drawing back into complacency," he said last week at a U.S. Chamber of Commerce conference in Washington that addressed the roles and responsibilities of the government and private sector in homeland security efforts. "Corporations in America have spent billions of dollars for security, with very little cost-benefit analysis," said Hershman. Source: http://www.computerworld.com/securitytopics/security/story/0,10801,80704 ,00. html April 25, London Free Press Cyber attacks a concern? The FBI calls cyber-terrorism a "premeditated, politically motivated attack against information, computer systems, computer programs and data which results in violence against non-combatant targets by subnational groups or clandestine agents." Some fear cyber-terrorists could shut down the Internet or substantially interfere with the use of oil, gas, power grids, telecommunications and emergency services. Others, however, say these fears are overstated as many critical systems are based on secured networks not accessible through the Internet. Terrorists and computer hackers can be a dangerous combination. There are reports that after investigations regarding several hijackings, authorities were led to believe terrorists had gained access to the architectural schematics of the planes through cyber-crime. Source: http://www.ds-osac.org/view.cfm?KEY=7E44514147571E0A3A0F162820 April 25, SecurityFocus Rise of the spam zombies. Pressed by increasingly effective anti-spam efforts, senders of unsolicited commercial e-mail are using Trojan horses to turn the computers of innocent netizens into secret spam zombies. One of those programs, popped up last week. "Proxy-Guzu" arrives as a spam, and when executed by an unwitting user, the Trojan listens on a randomly-chosen port and uses its own built-in mail client to dash off a message to a Hotmail account, putting the port number and victim's IP address in the subject line. The spammer then routes as much e-mail as he or she likes through the captured computer, knowing that any efforts to trace the source of the spam will end at the victim's Internet address. "As a general rule it's legal to send someone an e-mail even if they don't want it," says Mark Rasch, a former Justice Department computer crime attorney. "But once you break into their computer and get their computer to send e-mail to someone else, then you're violating federal and state computer crime laws." Source: http://securityfocus.com/news/4217 Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 8 April 2003 Security Focus - ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 18 April 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 445 (microsoft-ds), 25 (smtp), 113 (ident), 4662 (eDonkey2000), 7088 (---), 139 (netbios-ssn), 11310 (---) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Tue Apr 29 2003 - 11:48:31 PDT