-----Original Message-----
From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard
Sent: Tuesday, December 09, 2003 7:12 AM
To: Information Technology
Subject: [Information_technology] Daily News 12/09/03

December 08, New York Times - Hackers steal from pirates, to no good end.
Rogue programs known as "Trojan horses" are used by hackers to mask their identities by using unwitting people's computers as relay stations. It had been assumed that investigators could ultimately shut down a system by identifying the server computer used as the initial launching pad. But computer expert Joe Stewart has said that a program called Backdoor.Sinit uses the commandeered machines to form a peer-to-peer network like the Kazaa program used to trade music files. Each machine on the network can share resources and provide information to the others without being controlled by a central server machine. When there is no central machine, "these tactics make it impossible to shut down," he said. Rings of infected computers have been used to send spam, present online advertisements for pornographic Websites, or trick people into giving up information like credit card numbers. "Sinit appears to have been created as a money-making endeavor," Stewart said. "This Trojan is also further evidence that money, not notoriety, is now the major driving force behind the spread of malware these days." On Websites frequented by hackers, spammers and people who identify themselves as practitioners of credit card fraud, the remote-access networks, or "radmins," are offered openly.
Source: http://www.nytimes.com/2003/12/08/technology/08trojan.html

December 07, - Cybercops and robbers growing trickier on World Wide Web.
When the World Summit on the Information Society convenes in Geneva, Switzerland, December 10 to 12, leaders will seek to build on their success in developing better cross-border guidelines to fight online crime.
Investigators say organized crime rings and terror groups are using the Internet to expand their reach and exploit the Web's anonymity to stay one step ahead of the law. Internet experts are particularly concerned about the potential for "cyber terrorism" in which the Internet is used to shut down computer networks, potentially disabling vital infrastructure at banks, airports and emergency services. "It is not at all unusual for a regional conflict to have a cyber dimension, where the battles are fought by self-appointed hackers operating under their own rules of engagement," said Dorothy Denning, a cyber terrorism expert at the Naval Postgraduate School in Monterey, CA. "A rash of cyber attacks have accompanied the conflict between Israel and the Palestinians, the conflict over Kashmir, and the Kosovo conflict, among others." Denning said that for now, at least, studies indicated that anything more than irritating cyber attacks were still difficult for most extremists to mount -- although the future could hold more technically savvy terrorists.
Source: http://www.abc.net.au/news/newsitems/s1005154.htm

December 05, eWEEK - Oracle issues high-severity vulnerability warning.
Oracle issued a high severity security alert warning Thursday, December 4, confirming that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol. The flaws could potentially open the door for a remote hacker to cause a denial-of-service (DoS) attack, execute arbitrary code, and gain access privileges. The notification addresses SSL vulnerabilities detailed in CERT Advisory CA-2003-26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates. Products concerned with the vulnerability include certain releases of Oracle9i Database Server, Oracle8i Database Server, Oracle9i Application Server, and Oracle HTTP Server.
Additional information is available on Oracle's Website: http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf
Source: http://www.eweek.com/article2/0,4149,1405700,00.asp

Current Alert Levels
AlertCon: 1 out of 4
https://gtoc.iss.net
Security Focus ThreatCon: 1 out of 4
http://analyzer.securityfocus.com/

Current Virus and Port Attacks
Virus: #1 Virus in the United States: JAVA_BYTVERIFY.A
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States]

Top 10 Target Ports
135 (epmap), 1434 (ms-sql-m), 137 (netbios-ns), 139 (netbios-ssn), 445 (microsoft-ds), 80 (www), 21 (ftp), 53 (domain), 1433 (ms-sql-s), 57 (priv-term)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv
This archive was generated by hypermail 2b30 : Tue Dec 09 2003 - 10:56:34 PST