-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Monday, August 04, 2003 7:28 AM To: Information Technology Subject: [Information_technology] Daily News 8/04/03 August 02, U.S. Department of Homeland Security Department of Homeland Security Advisory "W32/Mimail Virus". First reported on on Friday, August 1, the W32/Mimail virus is a malicious file attachment containing a specially crafted MHTML file named 'message.html'. This file is delivered inside of a .ZIP archive file named 'message.zip'. Viewing the 'message.html' file on a vulnerable system will cause the malicious code, which is a mass-mailer, to be installed and executed. The vulnerability, which was identified in April 2003 and described in Microsoft Security Bulletin MS03-014, makes it possible for W32/Mimail to execute automatically once the .ZIP archive is opened. DHS/IAIP encourages sites to review Microsoft Security Bulletin MS03-014 and apply the Cumulative Patch for Outlook Express available on the Microsoft Website: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/ bulletin/MS03-014.asp. Source: http://www.nipc.gov/warnings/advisories/2003/W328022003.htm August 01, CNET News Government preps Net security system. An official from the Department of Homeland Security (DHS) said Thursday, July 31, that a centralized early warning system for Internet security alerts is being developed. The Global Early Warning Information System (GEWIS) is expected by October 2003 and a final version by March 2004, said Marcus Sachs, the cyber program director for the DHS. GEWIS is intended to act as a kind of central hub that monitors sensitive areas of the Internet and alerts DHS officials to suspicious activity. Sachs, speaking at the Black Hat Briefings security conference in Las Vegas, NV, offered the example of the department monitoring unusual numbers of domain name lookups and requests to authenticate VeriSign certificates as possible precursors to an electronic attack. Source: http://www.nytimes.com/cnet/CNET_2100-1009_3-5058578.html August 01, Associated Press Michigan college student accused of hacking. Ning Ma, 24, a Chinese graduate student in the United States on a student visa, was arrested and charged Thursday, July 31, with hacking into the University of Michigan network, authorities said Friday. From August to April, Ma accessed other people's e-mail accounts and grabbed usernames and passwords using software that capture keystrokes entered by another person, Attorney General Mike Cox said. Ma is also accused of sending fake e-mails from a profoessor's account to a student, canceling a student's job interview, obtaining a credit card number and bank account and PIN number of another, and getting into the private network storage areas of two professors, where exams and answer sheets were stored. Source: http://www.washingtonpost.com/wp-dyn/articles/A12994-2003Aug1.html July 31, Washington Post Senator: ICANN crucial to 'Net security. Sen. Conrad Burns (R-MT) said Thursday, July 31, at a meeting of the Senate Commerce subcommittee on Communications that the Internet Corporation for Assigned Names and Numbers (ICANN) must be more accountable to the public in order to defend against catastrophic hacker attacks on the Internet's Domain Name System (DNS). ICANN manages the DNS under an agreement with the Commerce Department, and plays a key role in ensuring the system is safe from electronic attacks. ICANN's CEO Paul Twomey told the panel that an ICANN security committee has taken steps to secure the DNS, including conducting exercises to test the resiliency of the servers in case of attack. ICANN's ability to protect those systems is limited, however, because private companies control most of the pieces that make up the domain name system. Source: http://www.washingtonpost.com/wp-dyn/articles/A10169-2003Jul31.html?refe rrer =email July 31, National Journal Homeland official outlines opportunities for tech firms. Jane Alexander, deputy director of Homeland Security Advanced Research Projects Agency (HSARPA), said the agency aims to rapidly prototype and adapt existing technologies for short-term solutions and develop revolutionary technology options. Speaking Thursday, July 31, during a conference sponsored by the Information Technology Association of America (ITAA) in Mountain View, CA, Alexander said HSARPA will ascertain departmental technology needs based on several issues that are the responsibility of multiple agencies including cyber, biological, chemical, radiological and nuclear security. The agency also must meet several "customer specific" concerns within the department, such as: protecting critical infrastructure, borders and transportation systems; and aiding the Coast Guard, Secret Service, and state and local "first responders" to emergencies. Source: http://www.govexec.com/dailyfed/0703/073103td1.htm Internet Security Systems - AlertCon: 2 out of 4 https://gtoc.iss.net/ Last Changed 29 July 2003 Security Focus ThreatCon: 2 out of 4 www.securityfocus.com Last Changed 22 July 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.G Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 445 (microsoft-ds), 80 (www), 137 (netbios-ns), 1434 (ms-sql-m), 41170 (---), 139 (netbios-ssn), 0 (---), 113 (ident), 25 (smtp), 4662 (eDonkey2000) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv _______________________________________________ C.r.i.m.e.-announce mailing list C.r.i.m.e.-announce@private http://lists.whiteknighthackers.com/mailman/listinfo/c.r.i.m.e.-announce
This archive was generated by hypermail 2b30 : Mon Aug 04 2003 - 11:39:41 PDT