-----Original Message----- From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard Sent: Wednesday, November 12, 2003 6:50 AM To: Information Technology Subject: [Information_technology] Daily News 11/12/03 November 10, Australian Associated Press - Hackers reach Australian Defense files. Hackers have reportedly accessed top-secret files inside the Australian Department of Defense. "There have been three incidents in which an external security breach has led to unauthorized access to computer systems," Senator Hill had told an inquiry into computer security in the public service. According to the minister, the Defense Department also reported 13 cases since 2000 of its own staff trying to hack into computer systems without authorization. A review of electronic security inside commonwealth agencies has reportedly uncovered a culture of theft and lax security inside the public service. The inquiry comes amid a series of thefts of computers containing classified information from a customs office at Sydney Airport and the Transport Department in Canberra. Submissions by the major departments to the Joint Committee of Public Accounts and Audit has found that more than 1600 computers have vanished since 1998. Senator Hill said three computers stolen in the past two years contained information classified as "secret", but they had been recovered and the risk to national security had been assessed as low, he told the inquiry in a memo. Source: http://www.theage.com.au/articles/2003/11/10/1068329455162.html November 07, Government Computer News - Kansas auditors crack 1,000 passwords. The Kansas Health and Environment Department has serious IT security and disaster recovery problems, the state's legislative auditor has found. The auditors said they used password-cracking software to decipher more than 1,000 of the department's passwords-including several administrative passwords-or 60 percent of the total, in three minutes. The department began fixing the security weaknesses and other problems found in its systems as soon as it learned of them, department secretary Roderick L. Bremby said in response to the report. "The department's anti-virus system was badly flawed, allowing computers to become infected with a large number of different viruses, worms and Trojan horses," said the report. "The department's firewall was poorly configured, creating several large holes in and out," the report said. Auditors found that the department lacked or failed to enforce many basic security policies, such as procedures for incident response, physical security, configuration documentation and former-user account deletion. They also found several major problems with security planning. Source: http://www.gcn.com/vol1_no1/daily-updates/24132-1.html November 06, CNET News.com - Attempted attack on Linux kernel foiled. An unknown intruder attempted to insert a Trojan horse program into the code of the next version of the Linux kernel, stored at a publicly accessible database. The public database was used only to provide the latest beta, or test version, of the Linux kernel to users of the Concurrent Versions System (CVS), a program designed to manage source code. The changes, which would have introduced a security flaw to the kernel, never became a part of the Linux code and were never a threat, said Larry McVoy, founder of software company BitMover and primary architect of the source code database BitKeeper, Thursday, November 6. An intruder apparently compromised one server earlier, and the attacker used his access to make a small change to one of the source code files, McVoy said. The change created a flaw that could have elevated a person's privileges on any Linux machine that runs a kernel compiled with the modified source code. The recent incident raises questions about the security of open-source development methods, particularly how well a development team can guarantee that any changes are not introducing intentional security flaws. While Microsoft code has had similar problems, closed development is widely considered to be harder to exploit in that way. Source: http://news.com.com/2100-7355_3-5103670.html AlertCon: 2 out of 4 https://gtoc.iss.net Security Focus ThreatCon: 2 out of 4 http://analyzer.securityfocus.com/ Current Virus and Port Attacks Virus: #1 Virus in the United States: WORM_LOVGATE.G Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 135 (epmap), 1434 (ms?sql?m), 137 (netbios?ns), 21 (ftp), 445 (microsoft?ds), 161 (snmp), 80 (www), 139 (netbios?ssn), 1433 (ms?sql?s), 53 (domain) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Wed Nov 12 2003 - 08:25:47 PST