-----Original Message----- From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard Sent: Friday, April 16, 2004 7:07 AM To: Information Technology Subject: [Information_technology] Daily News 04/16/04 April 15, The Register - NetSky-V spreads on auto-pilot. Yet another NetSky virus arrived on the scene Thursday, April 15. NetSky-V spreads using a well known Internet Explorer vulnerability, connected with the handling of XML pages. Instead of depending on users double clicking on infectious email attachments, the worm can spread automatically across vulnerable Windows boxes. Users can be infected by NetSky-V simply by reading an infected email. Most anti-virus firms rate NetSky-V as low-to-medium risk. Emails contaminated by NetSky-V come with subject lines such as 'Converting message. Please wait...' and exploit code which attempts to download a copy of the worm from an infected user's computer. The worm's payload contains code designed to spread infectious emails to addresses harvested from victim machines, which become zombie drones. From April 22-29, NetSky-V is programmed to launch a denial of service attack on file-sharing and warez websites. Source: http://www.theregister.co.uk/2004/04/15/pesky_netsky/ April 15, CNET News.com - FTC to shine light on spyware. Pressure is growing for new rules to curtail malicious programs known as spyware, once again raising a vexing problem for the Internet age: Can software risks be regulated into submission? The issue will get a high-profile hearing Monday, April 19, when the Federal Trade Commission (FTC) plans to convene a workshop on the dangers of spyware. In a common scenario, such programs might bombard victims with unwanted ads or, more rarely, allow hackers to snoop on Web surfing activities and steal confidential data such as passwords to online bank accounts. The hearing could be the first step toward federal action against spyware companies, following the path the FTC has previously taken on spam e-mail and other Internet privacy issues. It also highlights rising national concern about this ill-defined category of computer pest. The pitch of consumer complaints about spyware and adware now rivals that of the outcry against spam several years ago, and is prompting response from legislators in Congress and in a growing number of states. Source: http://news.com.com/2100-1024_3-5191822.html?tag=nefd.lede April 15, Federal Computer Week - Network Nebraska opens for business. Nebraska officials this week formally launched a statewide telecommunications initiative that links government agencies, schools and colleges. Network Nebraska, a cooperative project that includes a number of different telecommunications companies, is aimed at offering affordable broadband Internet connections to all areas of the largely rural state. It also pushes the government's reach further out to these areas. Network Nebraska is one of the first such state initiatives to use MultiProtocol Label Switching (MPLS), a technology that allows various types of network protocols such as Frame Relay, Asynchronous Transfer Mode, Ethernet and IP to be consolidated into a single infrastructure, reducing both capital and operational expenses. It also enables voice, video and data traffic to be easily integrated onto this common backbone. Officials tout the new network as a major source of savings. Source: http://fcw.com/geb/articles/2004/0412/web-nebr-04-15-04.asp 28. April 15, Federal Computer Week - Vulnerability database opens. A freely available, independent database aimed at logging all security vulnerabilities on the Internet, in development since 2002, has been formally opened for public use. The Open Source Vulnerability Database (OSVDB) collects information mainly from mailing lists that discuss vulnerabilities and from submissions from other sources. Members of the OSVDB verify and catalog all reports that come to the group. Each recognized flaw is given a unique identifier for inclusion in the database. The database currently has about 1,900 cataloged vulnerabilities, with some 2,700 submissions outstanding: ww.osvdb.org Source: http://fcw.com/fcw/articles/2004/0412/web-osvdb-04-15-04.asp April 14, Techworld.com - HP servers holed twice. Hewlett-Packard Co. (HP) has been hit by two security holes--one in its Internet Express, used with Tru64 servers, and a second in its authentication system OpenView. A number of serious vulnerabilities have been found in the Washington University FTP daemon (WU-FTPD) which forms part of HP's Internet Express, its collection of internet and administration software provided with Tru64 AlphaServer systems. The most serious of these vulnerabilities affects versions up to 2.6.2 of the software, delivered as part of Internet Express 6.2, and is caused by a boundary error in the S/KEY challenge handling procedure. It can be exploited by putting in over-long user details to create a buffer overflow. Then, a malicious program can be run on the computer. For the vulnerabilities to be exploitable, S/KEY authentication must be enabled, reducing the overall risk. HP also acknowledged a "moderately critical" vulnerability in OpenView Operations, specifically in its authentication facility, affecting versions 7.x of OpenView for HP-UX and Solaris, as well as Version 6.x of OpenView VantagePoint for the same two OSes. In this case, the vulnerability consists of the possibility of bypassing the authentication process, caused by a missing authentication check. Source: http://www.infoworld.com/article/04/04/14/HNhpholes_1.html April 13, eSecurity Planet - Maryland lawmakers pass anti-spam bill. Maryland lawmakers this week passed a bill aimed at "kingpin," or high-volume, spammers that would punish offenders, especially repeaters, with jail time, monetary fines and loss of personal property. The bill has been sent to Governor Robert L. Ehrlich Jr. for his signature. It allows state law enforcement agencies to seek criminal penalties including three to ten years in jail; fines from $5,000 to $25,000; and forfeiture of personal property. Also, the bill contains a provision which would enable authorities to get injunctions against spammers enjoining them from continuing to violate the law, effectively putting them out of business. Maryland State Delegate Neil Quinter and co-author State Senator Rob Garagiola said that local authorities might have greater motivation to go after a particular case, for example, if a local business were the victim. In fact, while the federal law focuses on consumers, Quinter and Garagiola found that businesses are equally harmed. Dealing with spam costs money and lowers productivity; it can also hurt a company's image when spammers spoof the address of a legitimate business. Source: http://www.esecurityplanet.com/trends/article.php/3339971 Internet Alert Dashboard Current Alert Levels AlertCon: 2 out of 4 https://gtoc.iss.net Security Focus ThreatCon: 2 out of 4 http://analyzer.securityfocus.com/ Current Virus and Port Attacks Virus: #1 Virus in the United States: WORM_NETSKY.P Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 80 (www), 135 (epmap), 21 (ftp), 53 (domain), 25 (smtp), 111 (sunrpc), 57 (priv?term), 113 (ident), 23(telnet), 81 (hosts2?ns) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Fri Apr 16 2004 - 08:57:41 PDT