DAILY BRIEF Number: DOB02-070 Date: 29 May 2002 NEWS
Instant Messaging Programs Vulnerable to Attacks Instant messaging (IM) applications, used by millions of computer owners to chat in real-time with friends and co-workers, are being threatened by hackers who can exploit the programs to steal personal information and corrupt personal computers, according to security experts. Carey Nachenberg, chief architect for the security response team at Symantec, explains that "a properly crafted worm could literally hit millions or tens of millions of IM clients very quickly," resulting in a potentially devastating coordinated attack. Attackers are targeting the file sharing capability of IM, which can be used to insert viruses as attachments. While there is no specialized IM security software in existence now, basic security measures such as personal firewalls and up-to-date anti-virus software are recommended. (Source: PCWorld.com, 28 May 2002) http://www.pcworld.com/news/article/0,aid,101084,00.asp Comment: Government agencies and organizations should evaluate the risk to their business requirement associated with allowing IM on their production systems IN BRIEF Alberta Forest Fire: Update The forest fire that forced the evacuation of 1,200 residents from Conklin continues to burn out of control and has now engulfed approximately 1,000 square kilometres. The cost of fighting this fire is estimated at $1 million a day. (Source: CBC News, 28 May 2002) http://www.cbc.ca/stories/2002/05/28/alta_fire020528 FBI Restructuring Plans to Be Announced Today Plans for restructuring the FBI will be announced today at a press briefing by U.S. Attorney General John Ashcroft and FBI Director Robert Mueller. There will be some emphasis put on replacing outdated technology and computers, according to Mueller. The FBI is expected to create a new cyber organization as well as another new division that would monitor the communications of potential terrorists. (Source: govexec.com, 28 May 2002) http://www.govexec.com/dailyfed/0502/052802td1.htm FBI's Carnivore Technology Breaks Privacy Law A system used by the FBI to monitor Internet traffic and communications through Internet service providers can accidentally capture e-mail from people not under investigation, thus breaking federal wiretap laws, according to the Electronic Privacy Information Center (EPIC), a privacy watchdog group. The Carnivore technology, as it is understood, is designed to filter data in order to obtain only lawfully authorized information on suspects under investigation. (Source: CNET News.com, 28 May 2002) http://news.com.com/2100-1023-927252.html?tag=fd_top Saskatchewan Investigates Third CWD Case A third case of chronic wasting disease (CWD) is being investigated by scientists in Saskatchewan. The highly infectious disease, which destroys the brains of elk and deer in the same manner as mad cow disease affects cattle, has also been reported in several states in the U.S. (Source: CBC News, 29 May 2002) http://cbc.ca/stories/2002/05/28/elk020528 Comment: More information on CWD is available on the Canadian Food Inspection Agency web site at: http://www.inspection.gc.ca/english/anima/heasan/disemala/cwdmdce.shtml CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats There are no updates to report at this time. Vulnerabilities SecuriTeam provides a report on a vulnerability in PAT (Port Address Translation) that can be used to access all ports in the computer behind the router. This could allow an attacker to cause the 3com OfficeConnect ADSL router product to effectively scan the server residing behind the ADSL router, even though the PAT should prevent this. Follow link for details. http://www.securiteam.com/securitynews/5ZP0P2075Q.html SecuriTeam provides a report on multiple vulnerabilities in VP-ASP shopdbtest.asp that will give anyone the location to the database file. Follow link for details. http://www.securiteam.com/securitynews/5AP0Q2075Y.html SecuriTeam provides a report on vulnerabilities in YIM (Yahoo! Messenger), which could allow unauthorized execution of programs on a YIM user's PC via buffer overflows or Java or VB script execution. http://www.securiteam.com/securitynews/5BP0R2075K.html Comment: For more information, see News - Instant Messaging Programs Vulnerable to Attacks. SecuriTeam provides a report on a denial-of-service vulnerability in NetScreen 25. A remote, unauthenticated attacker can cause a NetScreen 25 to remotely reboot. Follow link for workaround information. http://www.securiteam.com/securitynews/5CP0S2075E.html Tools There are no updates to report at this time. CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk