-----Original Message-----
From: InfraGard [mailto:infragard@private]
Sent: Friday, August 01, 2003 7:37 AM
To: Information Technology
Subject: [Information_technology] Daily News 8/01/03

July 31, Government Computer News
Superworm Manifesto unveiled at cybersecurity briefings. Typical worms, such as Code Red, use random scanning to propagate, wasting bandwidth and competing with themselves once released. The Sapphire worm, an example of a theoretical worm concept called Warhol, succeeded in infecting 90 percent of vulnerable machines within about 10 minutes, but continued trying to spread randomly, drawing attention to itself and quickly running out of bandwidth. Brandon Wiley of the Foundation for Decentralised Research unveiled a guide for creating a new generation of worms this week at the Black Hat Briefings security conference in Las Vegas, NV. He also offered a way for systems to be inoculated. Wiley's superworm concept, called Curious Yellow, would combine the fast-spreading characteristics of a Warhol worm with an algorithm that would let the worms coordinate their activities to avoid overlap, multiple infections and competition. The result is a large, robust network of exploited machines that can be continually updated to carry out tasks, benign or malicious.
Source: http://www.gcn.com/vol1_no1/daily-updates/22986-1.html

July 30, SecurityFocus
Panel probes the half-life of bugs. Software security holes never die; they fade from the Internet at a rate of 50% every thirty days after a patch is released, according to the results of a study released at the Black Hat Briefings security conference in Las Vegas, NV, Wednesday, July 30. Researchers at the security company Qualys found that new vulnerability announcements tend to kick off a kind of festival of hacking, in which hackers who have access to an exploit violate innumerable systems around the world, as companies and individuals slowly adopt the fix. Some bugs violate the 30-day half-life rule and start growing in prevalence about 90 days into their lifecycle because network administrators clone new systems from old, unpatched images, said Qualys CTO Gerhard Echelbeck. The researchers also found that 80% of exploits are released within 60 days of a vulnerability's announcement.
Source: http://securityfocus.com/news/6568

July 30, Associated Press
French hackers break into Kentucky government computers. State investigators in Kentucky believe French hackers have been using the Transportation Cabinet's computers to store pirated computer files including newly released movies and video games. State auditor Ed Hatchett said he believed the hackers entered the system on April 2, and have been using it since. Because they also gained access to the system's administrator and user password files, they could be able to manipulate any state file on the infected network, Hatchett said. Based on the Internet addresses investigators were able to trace, they suspect the hackers were from France, said B.J. Bellamy, chief information for the auditor's office. Other Internet addresses they found were based in Canada and Croatia, he said. Transportation Cabinet Inspector General Bobby Russell said the department had already been working to tighten its computer security system before the auditor's findings.
Source: http://www.usatoday.com/tech/news/computersecurity/2003-07-30-french-hack-ky_x.htm

July 30, CNET News
FTC warns about file trading, spyware. The Federal Trade Commission (FTC) issued a consumer warning Wednesday, July 30, about potential concerns surrounding file-swapping software and spyware. The agency stopped short of warning consumers not to use free file-trading software, but it said computer users should take care to understand and prevent a range of potentially unpleasant consequences for doing so. The alert cited the possibility that consumers might download viruses, share private or copyrighted files that could land them in legal trouble, or accidentally download mislabeled pornography. The alert is posted on the FTC Website: http://www.ftc.gov/bcp/conline/pubs/alerts/sharealrt.htm
Source: http://news.com.com/2100-1029_3-5057814.html

July 29, CNET News
Lawmaker wants limits to spyware. Rep. Mary Bono (R-CA) introduced the Safeguard Against Privacy Invasions Act Monday, July 28. The bill would require companies using spyware to get permission from computer users before installing the software on their machines. Spyware is the software that companies secretly install to monitor people's Internet habits and gather information about them. The software itself is not illegal, and many companies disclose their use of spyware in licensing agreements. However, few people read the fine print of those agreements, meaning the software often is installed unknowingly on a person's computer.
Source: http://news.com.com/2100-1028_3-5057094.html

Internet Security Systems - AlertCon: 2 out of 4
https://gtoc.iss.net/
Last Changed 29 July 2003

Security Focus ThreatCon: 2 out of 4
www.securityfocus.com
Last Changed 22 July 2003

Current Virus and Port Attacks

Virus: #1 Virus in USA: WORM_LOVGATE.F
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States]

Top 10 Target Ports: 137 (netbios-ns), 445 (microsoft-ds), 80 (www), 1434 (ms-sql-m), 113 (ident), 139 (netbios-ssn), 9007 (---), 0 (---), 4662 (eDonkey2000), 25 (smtp)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv
This archive was generated by hypermail 2b30 : Fri Aug 01 2003 - 08:27:33 PDT