-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Monday, June 23, 2003 7:11 AM To: Information Technology Subject: [Information_technology] Daily News 6/23/03 June 19, eWEEK Security researchers uncover mystery malware. Security experts finally have a handle on mystery malware that was generating loads of suspicious IP traffic over the last few weeks. Researchers at Internet Security Systems Inc. (ISS) say the culprit is a distributed network mapping tool that also acts as a listening agent. Dubbed Stumbler, the agent is not considered malicious right now because it contains no payload, but it has the potential to generate enough IP traffic to hamper network performance. What has experts most concerned is the ease with which Stumber could be reprogrammed to make it more damaging. "It could easily become a worm," said Dan Ingevaldson of ISS. "Remove it if you find it. And you should be concerned about how it got there because someone had to put it there intentionally." Stumbler first appeared around May 16 and began randomly scanning Internet-connected machines. The scanning was slow at first but began to pick up speed in recent days as more machines have become infected. Source: http://www.eweek.com/article2/0,3959,1132253,00.asp June 19, CNET News E-mail scam makes Best Buy scramble. Best Buy moved Thursday to limit damage from an e-mail that tells a recipient that an order made on BestBuy.com used the person's credit-card information. The recipient of the e-mail is asked to follow a link to a look-alike Web site in an attempt to persuade them to give up their credit-card information. The Minneapolis-based electronics and consumer-goods chain consulted with both the Federal Trade Commission's identity-theft group and federal and state law enforcement to try and track down those responsible for the e-mail message that apparently started circulating Wednesday. Different Web sites were being used to host the ploy, indicating that a single perpetrator is trying to stay ahead of the Internet service providers or that a copycat has started using the message. Both sites had been taken down by their hosting providers as of Thursday morning . Source: http://news.com.com/2100-1002_3-1019192.html June 19, SecurityFocus Guess settles with FTC over cybersecurity gaffe. The Federal Trade Commission (FTC) announced Wednesday that Guess Inc. has agreed to overhaul its information security practices to settle a rare FTC action kindled by a young programmer who discovered a security hole on the fashion retailer's e-commerce site last year. Jeremiah Jacks discovered that Guess.com was open to an "SQL injection attack," permitting anyone able to construct a properly-crafted URL to pull down every name, credit card number and expiration date in the site's customer database. The episode prompted an FTC investigation into alleged deceptive trade practices by Guess, based on language in the company's privacy policy that assured visitors, "All of your personal information including your credit card information and sign-in password are stored in an unreadable, encrypted format at all times." Under the settlement Guess is prohibited from misrepresenting the extent to which it protects the security of customers' personal information and must establish and maintain a comprehensive information security program. Source: http://securityfocus.com/news/5968 Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 10 June 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 11 June 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_KLEZ.H Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 4662 (eDonkey2000), 445 (microsoft-ds), 139 (netbios-ssn), 6346 (gnutella-svc), 0 (---), 113 (ident), 25 (smtp) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Mon Jun 23 2003 - 10:33:33 PDT