Return-Path: <sentto-279987-1372-993532871-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 25 Jun 2001 22:22:07 -0700 (PDT) Received: (qmail 27561 invoked by uid 510); 26 Jun 2001 04:22:51 -0000 Received: from ml.egroups.com (208.50.144.77) by 204.181.12.215 with SMTP; 26 Jun 2001 04:22:51 -0000 X-eGroups-Return: sentto-279987-1372-993532871-fc=all.net@returns.onelist.com Received: from [10.1.4.55] by ml.egroups.com with NNFMP; 26 Jun 2001 05:21:11 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_1_3); 26 Jun 2001 05:21:11 -0000 Received: (qmail 14376 invoked from network); 26 Jun 2001 05:21:10 -0000 Received: from unknown (10.1.10.142) by l9.egroups.com with QMQP; 26 Jun 2001 05:21:10 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 26 Jun 2001 05:21:10 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id WAA01547 for iwar@onelist.com; Mon, 25 Jun 2001 22:21:09 -0700 Message-Id: <200106260521.WAA01547@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 25 Jun 2001 22:21:09 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Feds warn of rogue code A government Internet watchdog warned companies this past weekend of a new malicious program that spreads to previously compromised PCs and seemingly prepares the infected machines to launch a denial-of-service attack, sources said Monday. The program, known as W32-Leaves.worm, places additional code on the compromised machines and synchronizes the PCs'internal clocks with the one at the U.S. Naval Observatory, said Vincent Gullotto, director of the antivirus research team at security company Network Associates. "That may indicate that (the worm) is preparing to do something," he said, but he added that Network Associates has had only three reports of the infection in the past 48 hours. "The government was primarily worried that it could be a denial-of-service attack. Based on their numbers, we decided to give it a medium risk." http://news.cnet.com/news/0-1003-200-6374839.html http://www.newsbytes.com/news/01/167244.html http://www.nipc.gov/warnings/advisories/2001/01-014.htm Bank confirms crackers break into website The National Australia Bank has confirmed that online vandals broke into and defaced one of the company's Web servers last week. An NAB spokesperson said today the bank detected crackers breaking into and replacing a website's index page on Saturday with a statement denouncing the United States Government and a wellknown website cracker. The defacement appears to be the work of the sadmind worm, which spreads between Solaris systems using a year-old exploit and seeks out systems running Microsoft's Internet Information Service (IIS) servers. The worm uses an eight-month-old security loophole to deface the IIS Web server's index page. http://it.mycareer.com.au/breaking/2001/06/25/FFX87XS4DOC.html Newly Discovered Bug 'Skims' Credit Card Data Circuitry recently discovered on a merchant machine allowed information to be stolen when the retailer or restaurant legitimately processed a credit card. A maker of credit card clearing systems has discovered an electronic bug that, when implanted in a merchant's machine, could allow thieves to secretly "skim" or steal credit card data and use telephone lines to retrieve it. Phoenix, Arizona- based Hypercom, with applications installed on more than 4 million card payment terminals worldwide, issued a warning after discovering the skimming circuitry on card-billing machines in Hong Kong. While major credit card companies downplayed the danger, Hypercom claims the bug skimming could mark a trend that affects millions of merchants and cardholders. http://www.newsfactor.com/perl/story/11494.html Concern grows over 'secret' hacking tool Security professionals are concerned that a program used by hackers to exploit a flaw in Microsoft IIS webserver has not been made public. They fear that the hackers are keeping the tool secret in a bid to launch further damaging IIS attacks. The latest in a long line of vulnerabilities in IIS was discovered last week, when it was revealed that a remote buffer overflow in all versions of IIS Internet Services API could be exploited to give an attacker complete control of a system. But the security community is worried that hackers may be hanging on to the tool used for exploiting this hole, rather than releasing it for analysis so that a patch can be developed. http://webserv.vnunet.com/News/1123420 Iran denies barring teens from using Internet The national telecommunications monopoly in Iran denied a news report that it had prohibited youths under 18 from using the Internet. The article, published Sunday in the reformist newspaper Hambastegi, said that Iran Telecommunications Company had issued new regulations making Internet service providers block access to juveniles. The state telecom denied the charge. "This is a misunderstanding. There is no limit for under-18s to use the Internet. But the Internet Service Provider cannot authorize those under 18 to open cyber-cafes," it said in a statement faxed late Sunday to the Islamic Republic News Agency, the official media outlet of Iran. http://www.cnn.com/2001/TECH/internet/06/25/internet.iran/index.html ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:18 PDT