Network Security Roundup for October 27, 2003

TechNewsWorld: Attack Code Targets Windows Messenger Service
27-Oct-03 12:35 ET

Story Highlights:
"Security experts and network administrators are once again on worm watch because of the existence of exploit code for a software vulnerability in a widely used Windows service. The critical weakness lies in the Windows Messenger Service, a feature used primarily in business by systems administrators who use the service to send alerts to users on a network, by spammers to make text messages pop up on user screens, and by employees to communicate between applications."

Full Story on TechNewsWorld

Story Highlights:
"A US judge has turned down a Justice Department request to seek out and delete online records about classified information that temporarily became public as the result of a lawsuit. AP reports that legal experts considered the government motion 'highly unusual' because it failed to name the computers on which the information was held nor specify how the government would retrieve and destroy information already made public."

Full Story on The Register

Story Highlights:
"High-street banks Halifax and NatWest have become the latest victims of an e-mail fraud scam, which aims to trick customers into giving away confidential bank details via a link to a spoofed website. Halifax closed its online operation over the weekend after customers received e-mails requesting security details, and the site was still down on Monday morning."

Full Story on ComputerWeekly.com

Story Highlights:
"This is the second part of our interview with two UK hackers, dryice and frixion, who were implicated in testimony during a recent trial over a denial of service attack on one of the largest ports in the US. Here they reveal how businesses are still leaving themselves woefully exposed to even the most inexperienced script kiddies."

Full Story on Silicon.com