Return-Path: <sentto-279987-2773-1002550533-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 08 Oct 2001 07:16:18 -0700 (PDT) Received: (qmail 12951 invoked by uid 510); 8 Oct 2001 14:15:31 -0000 Received: from n33.groups.yahoo.com (216.115.96.83) by 204.181.12.215 with SMTP; 8 Oct 2001 14:15:31 -0000 X-eGroups-Return: sentto-279987-2773-1002550533-fc=all.net@returns.onelist.com Received: from [10.1.4.55] by n33.groups.yahoo.com with NNFMP; 08 Oct 2001 14:15:33 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 8 Oct 2001 14:15:33 -0000 Received: (qmail 61603 invoked from network); 8 Oct 2001 14:15:33 -0000 Received: from unknown (10.1.10.142) by l9.egroups.com with QMQP; 8 Oct 2001 14:15:33 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 8 Oct 2001 14:15:32 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id HAA10718 for iwar@onelist.com; Mon, 8 Oct 2001 07:15:32 -0700 Message-Id: <200110081415.HAA10718@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 8 Oct 2001 07:15:32 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:NIPC.ADVISORY.01-023:.Update.to.NIPC.Advisory.01-003."E-Commerce.Vulnerabilities"] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit NIPC ADVISORY 01-023: Update to NIPC Advisory 01-003 "E-Commerce Vulnerabilities" NIPC, 10/8/2001 <a href="http://www.nipc.gov/warnings/advisories/2001/01-023.htm">http://www.nipc.gov/warnings/advisories/2001/01-023.htm> The National Infrastructure Protection Center (NIPC) continues to observe hacking activity targeting the e-commerce or e-finance/banking industry. Over the past several months, hackers have increased their targeting of several third-party service providers that employ weak security practices. This advisory reemphasizes NIPC Advisory 01-003, "E-Commerce Vulnerabilities," dated March 08, 2001, in view of the continuing threat to e-commerce networks. Hackers are targeting third party service providers because of the access they have into a partner company and the proprietary information contained therein. Because the level of security can differ between a third-party service provider and a partner company, hackers attempt to exploit these security inconsistencies. The most prevalent exploit being used to gain access to targeted systems is the Unicode vulnerability found in the Microsoft Internet Information Services (IIS) web server software. For additional information on this topic please refer to: <a href="http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS00-086.asp">http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS00-086.asp> Patches for the Unicode exploit have been available for some time. The appropriate patches for Windows based systems are found in a Microsoft scanner released at the following site: <a href="http://support.microsoft.com/support/kb/articles/q303/2/15.asp?id=303215&sd=tech">http://support.microsoft.com/support/kb/articles/q303/2/15.asp?id=303215&sd=tech> The NIPC strongly recommends that all systems administrators check relevant systems and apply the updated patches, especially for systems related to e-commerce or e-banking/financial businesses. Computer users are advised to keep their anti-virus and systems software current by checking their vendor's Web sites frequently for new updates, and to check for alerts put out by the NIPC, CERT/CC, and other cognizant organizations. Recipients of this advisory are encouraged to report computer intrusions to their local FBI office <a href="http://www.fbi.gov/contact/fo/fo.htm">http://www.fbi.gov/contact/fo/fo.htm> or the NIPC, and to the other appropriate authorities. Incidents may be reported online at <a href="http://www.nipc.gov/incident/cirr.htm">http://www.nipc.gov/incident/cirr.htm>. The NIPC Watch and Warning Unit can be reached at (202) 323-3204, toll free 1 (888) 585-9078, or nipc.watch@fbi.gov. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST