TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ----------------------------------------------------------------------------
INTERNET RISK UPDATE for 07-11-2002 ISS X-Force Internet Threat Intelligence Center www.iss.net - Click on the AlertCon logo for more information. ******************************************** ALERTCON 1 Projected: AlertCon 1 ******************************************** ALERTCON 1 - We are at AlertCon 1, the usual chaotic, unregulated state of the Internet. The newly established X-Force(tm) Threat Analysis Service (XFTAS) enables proactive security management through comprehensive evaluation of global online threat conditions and detailed analyses tailored for specific customer needs. The service provides a unique blend of threat information collected from Internet Security System's international network of Security Operations Centers and trusted security intelligence from the X-Force research and development organization. This powerful combination clearly denotes the nature and severity of external Internet threats. Daily summaries provide current and forecast assessments for active vulnerabilities, viruses/worms and threats, including links to recommended fixes and security advice. Please take a tour of the new service at: http://xforce.iss.net/index.php VULNERABILITIES: Microsoft has released two new Security Bulletins addressing SQL Server issues. VIRUSES/WORMS: W32/Nahata-F is an intended worm that tries to spread via email, mIRC and Pirch. The worm drops itself into the root folder of drive C: and also attempts to drop the file C:\info.vbs. ******************************************** RECOMMENDATIONS ******************************************** For the Microsoft Security Bulletins: http://www.microsoft.com/security ******************************************** BACKGROUND, COPYRIGHT NOTICE, and DISCLAIMER ******************************************** Background. We provide this information in the spirit of PDD 63 to help security professionals wage the war against Internet threats more effectively. Information in this update derived primarily from global, real time, 24 x 7 IDS feeds, ISS X-Force R&D Team research, and professional liaison. Other sources as noted. AlertCon 1 - Internet risk baseline reflecting the malicious, determined, global, 24/7 attacks experienced by all networks connected to the Internet. In simple terms, AlertCon 1 indicates that a newly configured computer will be compromised within 24 hours of first being connected to the Internet. AlertCon 2 means increased vigilance is necessary. The potential exists for increased risk because of new vulnerabilities or credible threats to the confidentiality, integrity, and/or availability of computer networks. Some degree of vulnerability assessment and potential corrective action is recommended. AlertCon 3 reflects focused attacks. Internet attacks have been noted against specific vulnerabilities or inherent information system weaknesses. Immediate defensive action is required. AlertCon 4 means an actual or potentially catastrophic security situation has arisen within a network or group of networks whose survival depends on immediate and focused defensive action. This condition may be imminent or ongoing. All summaries cover 24 hours the previous workday, GMT. Monday summaries may cover some weekend activity. Copyright 2002 Internet Security Systems, Inc. Permission is granted for the redistribution of the Internet Risk electronically. It is not to be sold or edited in any way without express consent of ISS. Refer comments or questions to: mailto:[EMAIL PROTECTED] or mailto:[EMAIL PROTECTED] Disclaimer: This information is subject to change without notice. Use of this information constitutes acceptance for use in an 'as is' condition. There are no warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. No other use authorized. FOIA Exemption 4. Patrick Gray Manager, X-Force Internet Threat Intelligence Center Internet | Security | Systems The Power To Protect www.iss.net
