-----Original Message----- From: InfraGard [mailto:infragard@private] Sent: Friday, August 22, 2003 7:01 AM To: Information Technology Subject: [Information_technology] Daily News 8/22/03 August 21, Government Computer News Hackers compromise Navy purchase cards. Hackers recently broke into a Navy system and gained access to 13,000 Navy purchase cards, according to Department of Defense (DoD) officials who are investigating the incident. The DoD Purchase Card Program Management Office has issued a release stating that the Navy has cancelled all of its purchase card accounts-about 22,000-to minimize the number of unauthorized purchases, and is working closely with the issuing company, Citibank. "Emergency purchases are being handled on a case-by-case basis to fully support Navy requirements," according to the statement. A DoD team is working to determine how hackers gained access to the system and what needs to be done to fix the breach. A Defense Criminal Investigative team is also pursuing the investigation. Source: http://gcn.com/vol1_no1/daily-updates/23217-1.html August 21, eWEEK Oracle XDB flaws open door for hackers. The XDB (XML Database) in Oracle Corp.'s Oracle9i Database Release 2 has a set of potential buffer overflows that a smart attacker could exploit to cause a denial-of-service (DoS) attack or to capture an active user session on Oracle9iM. To exploit the weaknesses, an authenticated database user is required, or the FTP and HTTP servers must be enabled in the XML database. The vulnerabilities are "highly susceptible" to an insider attack that originates on a corporate intranet if users ignore best practices for secure database configuration. To minimize risk, Oracle recommends disabling the FTP and HTTP servers in the XML database. Those are both installed and enabled by default and can't be turned on or off individually. A patch is available on the Oracle Website: http://metalink.oracle.com/ Source: http://www.eweek.com/article2/0,3959,1227332,00.asp August 21, Government Computer News Patch management on the way for Veterans Affairs. The Veterans Affairs (VA) Department expects to roll out an aggressive patch management system over the next year, the department's head of cyber and information security said Wednesday, August 21 at a conference in Washington DC. The need became apparent during the current waves of worms swamping the Internet, Bruce Brody said. Although the anti-virus structure protected VA systems from the MSBlaster worm that exploits a remote procedure call vulnerability in Microsoft Windows operating systems, many VA systems were not patched to correct the underlying problem. The Good Samaritan variant that exploits and apparently patches that vulnerability penetrated VA defenses this week. Source: http://www.gcn.com/vol1_no1/daily-updates/23206-1.html Internet Security Systems AlertCon: 2 out of 4 https://gtoc.iss.net/ Last Changed 18 August 2003 Security Focus ThreatCon: 3 out of 4 www.securityfocus.com Last Changed 19 August 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_SOBIG.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 135 (epmap), 445 (microsoft-ds), 137 (netbios-ns), 1434 (ms-sql-m), 80 (www), 1433 (ms-sql-s), 443 (https), 34816 (---), 139 (netbios-ssn), 17300 (Kuang2TheVirus) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Fri Aug 22 2003 - 10:47:36 PDT