CRIME FW: [Information_technology] Daily News 8/01/03

From: George Heuston (GeorgeH@private)
Date: Fri Aug 01 2003 - 08:01:37 PDT

    -----Original Message-----
    From: InfraGard [mailto:infragard@private] 
    Sent: Friday, August 01, 2003 7:37 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 8/01/03
    
    July 31, Government Computer News
    Superworm Manifesto unveiled at cybersecurity briefings. Typical worms, such
    as Code Red, use random scanning to propagate, wasting bandwidth and
    competing with themselves once released. The Sapphire worm, an example of a
    theoretical worm concept called Warhol, succeeded in infecting 90 percent of
    vulnerable machines within about 10 minutes, but continued trying to spread
    randomly, drawing attention to itself and quickly running out of bandwidth.
    Brandon Wiley of the Foundation for Decentralised Research unveiled a guide
    for creating a new generation of worms this week at the Black Hat Briefings
    security conference in Las Vegas, NV. He also offered a way for systems to
    be inoculated. Wiley's superworm concept, called Curious Yellow, would
    combine the fast-spreading characteristics of a Warhol worm with an
    algorithm that would let the worms coordinate their activities to avoid
    overlap, multiple infections and competition. The result is a large, robust
    network of exploited machines that can be continually updated to carry out
    tasks, benign or malicious. Source:
    http://www.gcn.com/vol1_no1/daily-updates/22986-1.html
    
    July 30, SecurityFocus
    Panel probes the half-life of bugs. Software security holes never die, they
    fade from the Internet at a rate of 50% every thirty days after a patch is
    released, according to the results of a study released at the Black Hat
    Briefings security conference in Las Vegas, NV, Wednesday, July 30.
    Researchers at the security company Qualys found that new vulnerability
    announcements tend to kick off a kind of festival of hacking, in which
    hackers who have access to an exploit violate innumerable systems around the
    world, as companies and individuals slowly adopt the fix. Some bugs violate
    the 30-day half-life rule and start growing in prevalence about 90-days into
    their lifecycle because network administrators clone new systems from old,
    unpatched images, said Qualys CTO Gerhard Echelbeck. The researchers also
    found that 80% of exploits are released within 60 days of a vulnerability's
    announcement. Source: http://securityfocus.com/news/6568
    
    July 30, Associated Press
    French hackers break into Kentucky government computers. State investigators
    in Kentucky believe French hackers have been using the Transportation
    Cabinet's computers to store pirated computer files including newly released
    movies and video games. State auditor Ed Hatchett said he believed the
    hackers entered the system on April 2, and have been using it since. Because
    they also gained access to the system's administrator and user password
    files, they could be able to manipulate any state file on the infected
    network, Hatchett said. Based on the Internet addresses investigators were
    able to trace, they suspect the hackers were from France, said B.J. Bellamy,
    chief information for the auditor's office. Other Internet addresses they
    found were based in Canada and Croatia, he said. Transportation Cabinet
    inspector General Bobby Russell said the department had already been working
    to tighten its computer security system before the auditor's findings.
    Source:
    http://www.usatoday.com/tech/news/computersecurity/2003-07-30-french-hack-ky_x.htm
    
    July 30, CNET News
    FTC warns about file trading, spyware. The Federal Trade Commission (FTC)
    issued a consumer warning Wednesday, July 30, about potential concerns
    surrounding file-swapping software and spyware. The agency stopped short of
    warning consumers not to use free file-trading software, but it said
    computer users should take care to understand and prevent a range of
    potentially unpleasant consequences for doing so. The alert cited the
    possibility that consumers might download viruses, share private or
    copyrighted files that could land them in legal trouble, or accidentally
    download mislabeled pornography. The alert is posted on the FTC Website:
    http://www.ftc.gov/bcp/conline/pubs/alerts/sharealrt.htm
    Source: http://news.com.com/2100-1029_3-5057814.html
    
    July 29, CNET News
    Lawmaker wants limits to spyware. Rep. Mary Bono (R-CA) introduced the
    Safeguard Against Privacy Invasions Act Monday, July 28. The bill would
    require companies using spyware to get permission from computer users before
    installing the software on their machines. Spyware is the software that
    companies secretly install to monitor people's Internet habits and gather
    information about them. The software itself is not illegal, and many
    companies disclose their use of spyware in licensing agreements. However,
    few people read the fine print of those agreements, meaning the software
    often is installed unknowingly on a person's computer. Source:
    http://news.com.com/2100-1028_3-5057094.html
    
    
    Internet Security Systems - AlertCon: 2 out of 4
    https://gtoc.iss.net/
    Last Changed 29 July 2003
    
    Security Focus ThreatCon: 2 out of 4
    www.securityfocus.com
    Last Changed 22 July 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: WORM_LOVGATE.F
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports: 137 (netbios-ns), 445 (microsoft-ds), 80 (www), 1434
    (ms-sql-m), 113 (ident), 139 (netbios-ssn), 9007 (---), 0 (---), 4662
    (eDonkey2000), 25 (smtp)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    
    
    



    This archive was generated by hypermail 2b30 : Fri Aug 01 2003 - 08:27:33 PDT