CRIME FW: [Information_technology] Daily News 8/05/03

From: George Heuston (GeorgeH@private)
Date: Tue Aug 05 2003 - 08:02:35 PDT

  • Next message: George Heuston: "CRIME FW: [Information_technology] Daily News 8/06/03"

    -----Original Message-----
    From: InfraGard [mailto:infragard@private] 
    Sent: Tuesday, August 05, 2003 6:58 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 8/05/03
    
    August 04, eSecurity Planet
    Mimail worm hits companies already on high alert. As U.S. workers got to
    the
    office Monday, August 4, and opened their e-mail, they unleashed a new
    mass-mailing worm that is fiercely spreading across the United States
    and
    Europe. Mimail is a worm that takes advantage of a vulnerability in
    Microsoft Corp.'s Windows Explorer to harvest email addresses and
    propagate
    itself. The worm arrives disguised as a message from the network
    administrator with an attached zip file. Mimail doesn't carry a
    destructive
    payload, though, so only serves to clog up email systems. Mimail was
    first
    detected this past Friday when it raised concerns around the security
    industry, which is already on high alert for an expected worm that could
    exploit a vulnerability in Windows desktop and server operating systems
    to
    cause significant slow-downs and damage across the Internet. Those fears
    even shut down Internet connections Friday afternoon at several
    government
    agencies. Source:
    http://www.esecurityplanet.com/trends/article.php/2244121
    
    August 02, CNET News
    Attack bot exploits Windows flaw. Online vandals are using a program to
    compromise Windows servers and remotely control them through Internet
    relay
    chat (IRC) networks, system administrators said Saturday, August 2.
    Several
    programs have been cobbled together to create a remote attack tool which
    can
    scan for and compromise computers vulnerable to a recently discovered
    flaw
    in Windows. The flaw is in the distributed component object model (DCOM)
    interface, a part of the OS that allows other computers to request the
    system to perform an action or service. The object, known as the remote
    procedure call (RPC) process, facilitates activities such as sharing
    files
    and allowing others to use the computer's printer. Source:
    http://news.com.com/2100-1009-5059263.html?part=dht&tag=ntop
    
    August 02, Reuters
    Hand-held devices easy to hack. Hand-held computers used to store phone
    numbers, medical and credit-card information leave users fully exposed
    to
    identity-theft and other crimes, security experts said Saturday, August
    2,
    at DefCon, a computer security conference Las Vegas, NV. Software is now
    widely available to allow people to steal passwords and other
    information
    from Palm-based computers, especially when they connect to other
    computers
    to share data, said Bryan Glancey. Mobile computers are also powerful
    enough
    to be used to launch attacks on other users. Paul Clip said people could
    use
    Palm Pilots to test for vulnerabilities in wireless networks or to steal
    anti-theft car passcodes that are transmitted by infrared radio waves
    over
    short distances. Source:
    http://www.cnn.com/2003/TECH/ptech/08/02/handheld.hacking.reut/index.htm
    l
    
    August 01, CNET News
    Microsoft.com suffers outage. A denial-of-service (DOS) attack rendered
    Microsoft's corporate Web site inaccessible for more than an hour on
    Friday,
    August 1. Microsoft spokesman Sean Sundwall said no Windows
    vulnerability
    was exploited during the DOS attack. However, the outage temporarily
    prevented some customers from reaching Microsoft's security patches. The
    U.S. Department of Homeland Security (DHS) warned earlier last week that
    an
    attack could be brewing that exploits a widespread flaw in Microsoft's
    Windows operating system. No worm code had been reported by Friday
    afternoon, but the DHS said there is evidence to show an increase in
    searches for vulnerable computers on the Internet over the past week.
    This
    reinforces the urgency to install patches on computers that use Windows
    operating systems as soon as possible, the advisory said. Source:
    http://news.com.com/2100-1002-5059056.html?part=dht&tag=ntop
    
    
    Internet Security Systems - AlertCon: 1 out of 4
    https://gtoc.iss.net/
    Last Changed 5 August 2003
    
    Security Focus ThreatCon: 2 out of 4
    www.securityfocus.com
    Last Changed 22 July 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: WORM_LOVGATE.F
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports: 445 (microsoft-ds), 80 (www), 137 (netbios-ns),
    1434
    (ms-sql-m), 139 (netbios-ssn), 113 (ident), 0 (---), 135 (epmap), 25
    (smtp),
    53 (domain)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    
    
    



    This archive was generated by hypermail 2b30 : Tue Aug 05 2003 - 08:35:05 PDT