OCIPEP DAILY BRIEF Number: DOB02-175 Date: 29 October 2002


New act to make Ontario's drinking water safe
New legislation aimed at ensuring Ontario has cleaner, safer drinking
water will be unveiled by Ontario Premier Ernie Eves today. The Safe
Drinking Water Act will look to impose rigorous standards for operators
dealing with treatment, testing and distribution of Ontario's drinking
water. Justice Dennis O'Connor recommended the creation of the new act
following his inquiry into the Walkerton E. coli tragedy that killed
seven and sickened 2,300 people in the spring of 2000. (Source: the
star.com, 29 October 2002)
Click here for the source article

OCIPEP Comment: As reported in OCIPEP Daily Brief DOB02-154, released 27
September 2002, a report released by the Environmental Commissioner of
Ontario (ECO) was critical of Ontario's response to water treatment and

Proposal for global IT security centre
On Monday, members of the U.S. - E.U. Information Technology Security
Forum discussed the establishment of the International Security
Coordination Center, a global centre for IT security, which would be
based on the centre that was created to deal with Y2K-related events.
The centre would allow industry and governments to communicate regularly
on issues pertaining to cyber security and to react quickly during a
crisis. (Source: GovExec.com, 28 October 2002)
Click here for the source article

OCIPEP Comment: As part of their eEurope 2005 program, the European
Commission is expected to announce a European cybersecurity task force
that will function as a response centre. The centre is to be operational
by the end of 2003. Other potential actions concerning strengthening IT
security include enhancing the widespread use of smartcards by the end
of 2004 and developing a European Virus Alert System by the end of 2003.
To see the European Commission recommendations on eSecurity, go to:
.pdf. The eEurope 2005 actions can be found on page 16 of the PDF file.

IT security a corporate priority: Report
META Group, Inc., an IT consulting service, recently announced its
findings pertaining to IT security spending in the year ahead. These
findings were extracted from its 2003 Worldwide IT Benchmark Report, an
annual survey of technology trends and economics. According to the
study, despite META Group's predicted near 5 percent decrease in overall
corporate IT spending in 2003, Chief Information Officers (CIO) have
incrementally increased investments in security, a trend set in motion
even before 11 September 2001. The report forecasts that spending on IT
security and business continuity will "be almost evenly split [among]
infrastructure, business continuity, and information security". It goes
on to state that, despite current economic conditions and smaller
budgets, developing a comprehensive security and privacy architecture
has become the focus for virtually all public-sector CIOs, even though
most of their non-IT colleagues do not share the same sense of urgency.
(Source: itWorldCanada.com, 28 October 2002)
Click here for the source article

OCIPEP Comment: To obtain a copy of the report, go to:



Australia's foreign minister warns Canada about terrorism
After meeting with Foreign Affairs Minister Bill Graham on Monday,
Australia's foreign minister, Alexander Downer, warned that Canada
should remain vigilant at all times against terrorist attacks. He voiced
that "no country is safe" from terrorism and that the recent deadly
attacks in Bali, Indonesia, should be a lesson to all countries,
including Canada. (Source: the star.com, 28 October 2002)
Click here for the source article

Reuters accused of hacking
Reports indicate that Swedish software company Intentia will file
criminal charges against the Reuters news agency for allegedly hacking
into the company's computer system to retrieve financial data that had
not yet been publicly released. Reuters reportedly published information
on Intentia's third quarter profits just minutes before it was issued by
the company. (Source: ZD Net Australia, 29 October 2002)
Click here for the source article

Pro-Islamic hackers ready for cyber war: Experts
The number of politically motivated computer attacks have risen sharply
this month, according to British security firm mi2g. Hacking groups
sympathetic to Islamic interests have increased their activities, which
are primarily directed at computer systems in the U.S., U.K., India and
Israel. (Source: REUTERS.com, 29 October 2002)
Click here for the source article

See: What's New for the latest Alerts, Advisories and Information


Central Command reports on VBS/WhyHoPo, which is a Visual Basic Script
that copies itself to multiple directory locations when it is run. It
does not have a damaging payload. 

Symantec reports on Backdoor.Singu, which is a backdoor Trojan horse
that allows unauthorized access to the infected computer.

Symantec reports on Ortyc.Trojan, which is a Trojan horse that displays
pop-ups of some pornographic Web sites when you use Internet Explorer to
browse any Web site that contains any of the key words that are in the
list carried by the Trojan.

McAfee reports on VBS/Helvis, which is a Trojan horse that opens a
website in the internet browser that displays the picture of the Elvis
impersonator. Using Outlook, it will also e-mail all messages found in
the Inbox and Sent Items to the email address: [EMAIL PROTECTED]


D-Link DSL-500 Default Telnet Password Vulnerability. (SecurityFocus)

Working Resources BadBlue Double Slash Directory Access Control
Circumvention Vulnerability. (SecurityFocus)

SolarWinds TFTP Server Large UDP Packet Vulnerability. (SecurityFocus)

BRS WebWeaver Web Server File Access Vulnerability. (SecurityFocus)

LiteServe Web Server File Disclosure Vulnerability. (SecurityOffice)

vpopmail multiple vulnerabilities. (SecurityFocus)

Mojo Mail version 2.7 cross-site scripting vulnerability. (Securiteam)

Qmail-vpopmail-CGIApps arbitrary command execution. (Securiteam)

AN HTTPD cross-site scripting vulnerability. (Little eArth Corporation)

IPSwitch WS_FTP Server PASV Session Hijacking and PASV Port Scan.

There are no new updates to report at this time. 



To add or remove a name from the distribution list, or to modify
existing contact information, e-mail: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP's
Emergency Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094

For general information, please contact OCIPEP's Communications Division

Phone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
Web Site: www.ocipep-bpiepc.gc.ca

The information in the OCIPEP Daily Brief has been drawn from a variety
of external sources. Although OCIPEP makes reasonable efforts to ensure
the accuracy, currency and reliability of the content, OCIPEP does not
offer any guarantee in that regard. The links provided are solely for
the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible
for the information found through these links. 

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to