CRIME [C.r.i.m.e.-announce] FW: [Information_technology] Daily News 8/04/03

From: George Heuston (GeorgeH@private)
Date: Mon Aug 04 2003 - 09:17:04 PDT

  • Next message: Michael Regan: "Re: CRIME tips for preventing identify fraud after a wallet, purse, or checkbook has been stolen?"

    -----Original Message-----
    From: InfraGard [mailto:infragard@private] 
    Sent: Monday, August 04, 2003 7:28 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 8/04/03
    
    August 02, U.S. Department of Homeland Security
    Department of Homeland Security Advisory "W32/Mimail Virus". First
    reported
    on on Friday, August 1, the W32/Mimail virus is a malicious file
    attachment
    containing a specially crafted MHTML file named 'message.html'. This
    file is
    delivered inside of a .ZIP archive file named 'message.zip'. Viewing the
    'message.html' file on a vulnerable system will cause the malicious
    code,
    which is a mass-mailer, to be installed and executed. The vulnerability,
    which was identified in April 2003 and described in Microsoft Security
    Bulletin MS03-014, makes it possible for W32/Mimail to execute
    automatically
    once the .ZIP archive is opened. DHS/IAIP encourages sites to review
    Microsoft Security Bulletin MS03-014 and apply the Cumulative Patch for
    Outlook Express available on the Microsoft Website:
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
    ity/
    bulletin/MS03-014.asp. Source:
    http://www.nipc.gov/warnings/advisories/2003/W328022003.htm
    
    August 01, CNET News
    Government preps Net security system. An official from the Department of
    Homeland Security (DHS) said Thursday, July 31, that a centralized early
    warning system for Internet security alerts is being developed. The
    Global
    Early Warning Information System (GEWIS) is expected by October 2003 and
    a
    final version by March 2004, said Marcus Sachs, the cyber program
    director
    for the DHS. GEWIS is intended to act as a kind of central hub that
    monitors
    sensitive areas of the Internet and alerts DHS officials to suspicious
    activity. Sachs, speaking at the Black Hat Briefings security conference
    in
    Las Vegas, NV, offered the example of the department monitoring unusual
    numbers of domain name lookups and requests to authenticate VeriSign
    certificates as possible precursors to an electronic attack. Source:
    http://www.nytimes.com/cnet/CNET_2100-1009_3-5058578.html
    
    August 01, Associated Press
    Michigan college student accused of hacking. Ning Ma, 24, a Chinese
    graduate
    student in the United States on a student visa, was arrested and charged
    Thursday, July 31, with hacking into the University of Michigan network,
    authorities said Friday. From August to April, Ma accessed other
    people's
    e-mail accounts and grabbed usernames and passwords using software that
    capture keystrokes entered by another person, Attorney General Mike Cox
    said. Ma is also accused of sending fake e-mails from a profoessor's
    account
    to a student, canceling a student's job interview, obtaining a credit
    card
    number and bank account and PIN number of another, and getting into the
    private network storage areas of two professors, where exams and answer
    sheets were stored. Source:
    http://www.washingtonpost.com/wp-dyn/articles/A12994-2003Aug1.html
    
    July 31, Washington Post
    Senator: ICANN crucial to 'Net security. Sen. Conrad Burns (R-MT) said
    Thursday, July 31, at a meeting of the Senate Commerce subcommittee on
    Communications that the Internet Corporation for Assigned Names and
    Numbers
    (ICANN) must be more accountable to the public in order to defend
    against
    catastrophic hacker attacks on the Internet's Domain Name System (DNS).
    ICANN manages the DNS under an agreement with the Commerce Department,
    and
    plays a key role in ensuring the system is safe from electronic attacks.
    ICANN's CEO Paul Twomey told the panel that an ICANN security committee
    has
    taken steps to secure the DNS, including conducting exercises to test
    the
    resiliency of the servers in case of attack. ICANN's ability to protect
    those systems is limited, however, because private companies control
    most of
    the pieces that make up the domain name system. Source:
    http://www.washingtonpost.com/wp-dyn/articles/A10169-2003Jul31.html?refe
    rrer
    =email
    
    July 31, National Journal
    Homeland official outlines opportunities for tech firms. Jane Alexander,
    deputy director of Homeland Security Advanced Research Projects Agency
    (HSARPA), said the agency aims to rapidly prototype and adapt existing
    technologies for short-term solutions and develop revolutionary
    technology
    options. Speaking Thursday, July 31, during a conference sponsored by
    the
    Information Technology Association of America (ITAA) in Mountain View,
    CA,
    Alexander said HSARPA will ascertain departmental technology needs based
    on
    several issues that are the responsibility of multiple agencies
    including
    cyber, biological, chemical, radiological and nuclear security. The
    agency
    also must meet several "customer specific" concerns within the
    department,
    such as: protecting critical infrastructure, borders and transportation
    systems; and aiding the Coast Guard, Secret Service, and state and local
    "first responders" to emergencies. Source:
    http://www.govexec.com/dailyfed/0703/073103td1.htm
    
    
    Internet Security Systems - AlertCon: 2 out of 4
    https://gtoc.iss.net/
    Last Changed 29 July 2003
    
    Security Focus ThreatCon: 2 out of 4
    www.securityfocus.com
    Last Changed 22 July 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: WORM_LOVGATE.G
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports: 445 (microsoft-ds), 80 (www), 137 (netbios-ns),
    1434
    (ms-sql-m), 41170 (---), 139 (netbios-ssn), 0 (---), 113 (ident), 25
    (smtp),
    4662 (eDonkey2000)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    _______________________________________________
    C.r.i.m.e.-announce mailing list
    C.r.i.m.e.-announce@private
    http://lists.whiteknighthackers.com/mailman/listinfo/c.r.i.m.e.-announce
    



    This archive was generated by hypermail 2b30 : Mon Aug 04 2003 - 11:39:41 PDT