-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Tuesday, August 05, 2003 6:58 AM To: Information Technology Subject: [Information_technology] Daily News 8/05/03 August 04, eSecurity Planet Mimail worm hits companies already on high alert. As U.S. workers got to the office Monday, August 4, and opened their e-mail, they unleashed a new mass-mailing worm that is fiercely spreading across the United States and Europe. Mimail is a worm that takes advantage of a vulnerability in Microsoft Corp.'s Windows Explorer to harvest email addresses and propagate itself. The worm arrives disguised as a message from the network administrator with an attached zip file. Mimail doesn't carry a destructive payload, though, so only serves to clog up email systems. Mimail was first detected this past Friday when it raised concerns around the security industry, which is already on high alert for an expected worm that could exploit a vulnerability in Windows desktop and server operating systems to cause significant slow-downs and damage across the Internet. Those fears even shut down Internet connections Friday afternoon at several government agencies. Source: http://www.esecurityplanet.com/trends/article.php/2244121 August 02, CNET News Attack bot exploits Windows flaw. Online vandals are using a program to compromise Windows servers and remotely control them through Internet relay chat (IRC) networks, system administrators said Saturday, August 2. Several programs have been cobbled together to create a remote attack tool which can scan for and compromise computers vulnerable to a recently discovered flaw in Windows. The flaw is in the distributed component object model (DCOM) interface, a part of the OS that allows other computers to request the system to perform an action or service. The object, known as the remote procedure call (RPC) process, facilitates activities such as sharing files and allowing others to use the computer's printer. Source: http://news.com.com/2100-1009-5059263.html?part=dht&tag=ntop August 02, Reuters Hand-held devices easy to hack. Hand-held computers used to store phone numbers, medical and credit-card information leave users fully exposed to identity-theft and other crimes, security experts said Saturday, August 2, at DefCon, a computer security conference Las Vegas, NV. Software is now widely available to allow people to steal passwords and other information from Palm-based computers, especially when they connect to other computers to share data, said Bryan Glancey. Mobile computers are also powerful enough to be used to launch attacks on other users. Paul Clip said people could use Palm Pilots to test for vulnerabilities in wireless networks or to steal anti-theft car passcodes that are transmitted by infrared radio waves over short distances. Source: http://www.cnn.com/2003/TECH/ptech/08/02/handheld.hacking.reut/index.htm l August 01, CNET News Microsoft.com suffers outage. A denial-of-service (DOS) attack rendered Microsoft's corporate Web site inaccessible for more than an hour on Friday, August 1. Microsoft spokesman Sean Sundwall said no Windows vulnerability was exploited during the DOS attack. However, the outage temporarily prevented some customers from reaching Microsoft's security patches. The U.S. Department of Homeland Security (DHS) warned earlier last week that an attack could be brewing that exploits a widespread flaw in Microsoft's Windows operating system. No worm code had been reported by Friday afternoon, but the DHS said there is evidence to show an increase in searches for vulnerable computers on the Internet over the past week. This reinforces the urgency to install patches on computers that use Windows operating systems as soon as possible, the advisory said. Source: http://news.com.com/2100-1002-5059056.html?part=dht&tag=ntop Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 5 August 2003 Security Focus ThreatCon: 2 out of 4 www.securityfocus.com Last Changed 22 July 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 445 (microsoft-ds), 80 (www), 137 (netbios-ns), 1434 (ms-sql-m), 139 (netbios-ssn), 113 (ident), 0 (---), 135 (epmap), 25 (smtp), 53 (domain) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv _______________________________________________ C.r.i.m.e.-announce mailing list C.r.i.m.e.-announce@private http://lists.whiteknighthackers.com/mailman/listinfo/c.r.i.m.e.-announce
This archive was generated by hypermail 2b30 : Tue Aug 05 2003 - 08:31:36 PDT