[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-25 22:21:09

Return-Path: <sentto-279987-1372-993532871-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 25 Jun 2001 22:22:07 -0700 (PDT)
Received: (qmail 27561 invoked by uid 510); 26 Jun 2001 04:22:51 -0000
Received: from ml.egroups.com ( by with SMTP; 26 Jun 2001 04:22:51 -0000
X-eGroups-Return: sentto-279987-1372-993532871-fc=all.net@returns.onelist.com
Received: from [] by ml.egroups.com with NNFMP; 26 Jun 2001 05:21:11 -0000
X-Sender: fc@big.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 26 Jun 2001 05:21:11 -0000
Received: (qmail 14376 invoked from network); 26 Jun 2001 05:21:10 -0000
Received: from unknown ( by l9.egroups.com with QMQP; 26 Jun 2001 05:21:10 -0000
Received: from unknown (HELO big.all.net) ( by mta3 with SMTP; 26 Jun 2001 05:21:10 -0000
Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id WAA01547 for iwar@onelist.com; Mon, 25 Jun 2001 22:21:09 -0700
Message-Id: <200106260521.WAA01547@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 25 Jun 2001 22:21:09 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Feds warn of rogue code A government Internet watchdog warned companies
this past weekend of a new malicious program that spreads to previously
compromised PCs and seemingly prepares the infected machines to launch a
denial-of-service attack, sources said Monday.  The program, known as
W32-Leaves.worm, places additional code on the compromised machines and
synchronizes the PCs'internal clocks with the one at the U.S.  Naval
Observatory, said Vincent Gullotto, director of the antivirus research
team at security company Network Associates.  "That may indicate that
(the worm) is preparing to do something," he said, but he added that
Network Associates has had only three reports of the infection in the
past 48 hours.  "The government was primarily worried that it could be a
denial-of-service attack.  Based on their numbers, we decided to give it
a medium risk."

Bank confirms crackers break into website The National Australia Bank
has confirmed that online vandals broke into and defaced one of the
company's Web servers last week.  An NAB spokesperson said today the
bank detected crackers breaking into and replacing a website's index
page on Saturday with a statement denouncing the United States
Government and a wellknown website cracker.  The defacement appears to
be the work of the sadmind worm, which spreads between Solaris systems
using a year-old exploit and seeks out systems running Microsoft's
Internet Information Service (IIS) servers.  The worm uses an
eight-month-old security loophole to deface the IIS Web server's index

Newly Discovered Bug 'Skims' Credit Card Data Circuitry recently
discovered on a merchant machine allowed information to be stolen when
the retailer or restaurant legitimately processed a credit card.  A
maker of credit card clearing systems has discovered an electronic bug
that, when implanted in a merchant's machine, could allow thieves to
secretly "skim" or steal credit card data and use telephone lines to
retrieve it.  Phoenix, Arizona- based Hypercom, with applications
installed on more than 4 million card payment terminals worldwide,
issued a warning after discovering the skimming circuitry on
card-billing machines in Hong Kong.  While major credit card companies
downplayed the danger, Hypercom claims the bug skimming could mark a
trend that affects millions of merchants and cardholders. 

Concern grows over 'secret' hacking tool Security professionals are
concerned that a program used by hackers to exploit a flaw in Microsoft
IIS webserver has not been made public.  They fear that the hackers are
keeping the tool secret in a bid to launch further damaging IIS attacks. 
The latest in a long line of vulnerabilities in IIS was discovered last
week, when it was revealed that a remote buffer overflow in all versions
of IIS Internet Services API could be exploited to give an attacker
complete control of a system.  But the security community is worried
that hackers may be hanging on to the tool used for exploiting this
hole, rather than releasing it for analysis so that a patch can be

Iran denies barring teens from using Internet The national
telecommunications monopoly in Iran denied a news report that it had
prohibited youths under 18 from using the Internet.  The article,
published Sunday in the reformist newspaper Hambastegi, said that Iran
Telecommunications Company had issued new regulations making Internet
service providers block access to juveniles.  The state telecom denied
the charge.  "This is a misunderstanding.  There is no limit for
under-18s to use the Internet.  But the Internet Service Provider cannot
authorize those under 18 to open cyber-cafes," it said in a statement
faxed late Sunday to the Islamic Republic News Agency, the official
media outlet of Iran. 


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:18 PDT