OCIPEP DAILY BRIEF
Number: DOB02-175
Date: 29 October 2002
http://www.ocipep.gc.ca/DOB/DOB02-175_e.html

NEWS

New act to make Ontario's drinking water safe

New legislation aimed at ensuring Ontario has cleaner, safer drinking water will be unveiled by Ontario Premier Ernie Eves today. The Safe Drinking Water Act will look to impose rigorous standards for operators dealing with treatment, testing and distribution of Ontario's drinking water. Justice Dennis O'Connor recommended the creation of the new act following his inquiry into the Walkerton E. coli tragedy that killed seven and sickened 2,300 people in the spring of 2000.
(Source: the star.com, 29 October 2002)

OCIPEP Comment: As reported in OCIPEP Daily Brief DOB02-154, released 27 September 2002, a report released by the Environmental Commissioner of Ontario (ECO) was critical of Ontario's response to water treatment and security.

Proposal for global IT security centre

On Monday, members of the U.S. - E.U. Information Technology Security Forum discussed the establishment of the International Security Coordination Center, a global centre for IT security, which would be based on the centre that was created to deal with Y2K-related events. The centre would allow industry and governments to communicate regularly on issues pertaining to cyber security and to react quickly during a crisis.
(Source: GovExec.com, 28 October 2002)

OCIPEP Comment: As part of their eEurope 2005 program, the European Commission is expected to announce a European cybersecurity task force that will function as a response centre. The centre is to be operational by the end of 2003. Other potential actions concerning strengthening IT security include enhancing the widespread use of smartcards by the end of 2004 and developing a European Virus Alert System by the end of 2003. To see the European Commission recommendations on eSecurity, go to:
http://europa.eu.int/information_society/newsroom/documents/catalogue_en.pdf.
The eEurope 2005 actions can be found on page 16 of the PDF file.

IT security a corporate priority: Report

META Group, Inc., an IT consulting service, recently announced its findings pertaining to IT security spending in the year ahead. These findings were extracted from its 2003 Worldwide IT Benchmark Report, an annual survey of technology trends and economics. According to the study, despite META Group's predicted near 5 percent decrease in overall corporate IT spending in 2003, Chief Information Officers (CIO) have incrementally increased investments in security, a trend set in motion even before 11 September 2001. The report forecasts that spending on IT security and business continuity will "be almost evenly split [among] infrastructure, business continuity, and information security". It goes on to state that, despite current economic conditions and smaller budgets, developing a comprehensive security and privacy architecture has become the focus for virtually all public-sector CIOs, even though most of their non-IT colleagues do not share the same sense of urgency.
(Source: itWorldCanada.com, 28 October 2002)

OCIPEP Comment: To obtain a copy of the report, go to:
http://www.metagroup.com/cgi-bin/inetcgi/commerce/productDetails.jsp?oid=33569

IN BRIEF

Australia's foreign minister warns Canada about terrorism

After meeting with Foreign Affairs Minister Bill Graham on Monday, Australia's foreign minister, Alexander Downer, warned that Canada should remain vigilant at all times against terrorist attacks. He voiced that "no country is safe" from terrorism and that the recent deadly attacks in Bali, Indonesia, should be a lesson to all countries, including Canada.
(Source: the star.com, 28 October 2002)

Reuters accused of hacking

Reports indicate that Swedish software company Intentia will file criminal charges against the Reuters news agency for allegedly hacking into the company's computer system to retrieve financial data that had not yet been publicly released. Reuters reportedly published information on Intentia's third quarter profits just minutes before it was issued by the company.
(Source: ZD Net Australia, 29 October 2002)

Pro-Islamic hackers ready for cyber war: Experts

The number of politically motivated computer attacks has risen sharply this month, according to British security firm mi2g. Hacking groups sympathetic to Islamic interests have increased their activities, which are primarily directed at computer systems in the U.S., U.K., India and Israel.
(Source: REUTERS.com, 29 October 2002)

CYBER UPDATES

See: What's New for the latest Alerts, Advisories and Information Products

Threats

Central Command reports on VBS/WhyHoPo, which is a Visual Basic Script that copies itself to multiple directory locations when it is run. It does not have a damaging payload.
http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_adp.php?p_refno=021028-000013

Symantec reports on Backdoor.Singu, which is a backdoor Trojan horse that allows unauthorized access to the infected computer.
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.singu.html

Symantec reports on Ortyc.Trojan, which is a Trojan horse that displays pop-ups of some pornographic Web sites when you use Internet Explorer to browse any Web site that contains any of the key words that are in the list carried by the Trojan.
http://securityresponse.symantec.com/avcenter/venc/data/ortyc.trojan.html

McAfee reports on VBS/Helvis, which is a Trojan horse that opens a website in the internet browser that displays the picture of the Elvis impersonator. Using Outlook, it will also e-mail all messages found in the Inbox and Sent Items to the email address: [EMAIL PROTECTED]
http://vil.nai.com/vil/content/v_99767.htm

Vulnerabilities

D-Link DSL-500 Default Telnet Password Vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6039/discussion/

Working Resources BadBlue Double Slash Directory Access Control Circumvention Vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6044

SolarWinds TFTP Server Large UDP Packet Vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6043/discussion/

BRS WebWeaver Web Server File Access Vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6041/discussion/

LiteServe Web Server File Disclosure Vulnerability. (SecurityOffice)
http://www.securityoffice.net/articles/liteserve/

vpopmail multiple vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/bid/6037/discussion/
http://online.securityfocus.com/bid/6038/discussion/

Mojo Mail version 2.7 cross-site scripting vulnerability. (Securiteam)
http://www.securiteam.com/unixfocus/6Q00R1F5PY.html

Qmail-vpopmail-CGIApps arbitrary command execution. (Securiteam)
http://www.securiteam.com/unixfocus/6P00Q1F5PC.html

AN HTTPD cross-site scripting vulnerability. (Little eArth Corporation)
http://www.lac.co.jp/security/english/snsadv_e/57_e.html

IPSwitch WS_FTP Server PASV Session Hijacking and PASV Port Scan. (Securiteam)
http://www.securiteam.com/windowsntfocus/6L00L1F5QW.html

Tools

There are no new updates to report at this time.

CONTACT US

To add or remove a name from the distribution list, or to modify existing contact information, e-mail: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP's Emergency Operations Centre at:
Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: [EMAIL PROTECTED]

For general information, please contact OCIPEP's Communications Division at:
Phone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
Email: [EMAIL PROTECTED]
Web Site: www.ocipep-bpiepc.gc.ca

Disclaimer

The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links.

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk