-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Tuesday, June 24, 2003 7:40 AM To: Information Technology Subject: [Information_technology] Daily News 6/24/03 June 23, The Register Fortnight worm exploits antique Windows vuln. Windows users are being infected by a JavaScript worm - even though protection has been available for almost three years. The Fortnight JavaScript worm exploits a vulnerability in Microsoft VM ActiveX which makes it possible for malicious code to execute simply by reading an message in an HTML aware email client. Microsoft issued protection against the vulnerability in October 2000. Despite this, users are still becoming infected to a modest extent with recently released variants of JS/Fortnight-D and JS/Fortnight-F. The worm's actions include changing registry keys and adding links to various Web sites to a victim's favourites list. Users should keep their anti-virus software updated. Source: http://theregister.co.uk/content/56/31375.html June 20, SC Infosecurity News Four men charged in major Indian cellular fraud. A U.S.-based IT professional and three Indian citizens have been arrested, charged with defrauding Hutchison Essar, an Indian telecommunications company, of around $200,000. Delhi Police arrested two of the men in the city of New Delhi, while the other two, including the U.S. citizen originally from India, were arrested in the city of Kochi at the start of June. The losses were incurred after the men conspired to activate and use 19 GSM SIM cards in the U.S., making significant volumes of calls back to India and other countries. The case highlights the delays that some cellular carriers experience before forwarding roaming call data on to other networks in other countries. While all GSM networks authenticate roaming SIM card accounts with their home network before each roamed call is connected, information on the actual value of the call is not shared in real time. Source: http://www.infosecnews.com/sgold/news/2003/06/20_04.htm June 19, Federal Computer Week Police force making network mesh. The Medford, OR, police force has opted to replace its wireless communications network with a new system based on technology originally developed for the U.S. military. Funded in large part through grants from the Department of Homeland Security, the $500,000 system is based on "mesh" networking technology that essentially uses every available client device--computer, personal digital assistant, cell phone, etc.--as a router and repeater. For Ron Norris, Medford's deputy police chief, one of the system's biggest advantages will be having all the devices on the network able to communicate with each other. Source: http://www.fcw.com/geb/articles/2003/0616/web-oregon-06-19-03.asp Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 10 June 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 11 June 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 445 (microsoft-ds), 4662 (eDonkey2000), 6346 (gnutella-svc), 139 (netbios-ssn), 113 (ident), 2234 (directplay), 0 (---) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Tue Jun 24 2003 - 11:54:40 PDT