Australia's Leading Computer Emergency Response Team

Early Warning Alert Service
Date: 07 June 2004
Original URL: http://www.auscert.org.au/render.html?cid=3000&it=3841
Further Information: Early Warning Alert Service Application and Membership Agreement

In order to help members identify and respond to the most critical security threats and vulnerbilities in a timely manner, we have developed the AusCERT Early Warning Alert Service.

The current threat environment is such that organisations must keep up to date with the latest computer network vulnerabilities and threats to keep networks secure. Unfortunately, to do this many organisations have to evaluate multiple security bulletins on a daily basis to determine the level of risk they face with each new threat or vulnerability.

The AusCERT Early Warning Service will help make this task easier by identifying those threats and vulnerabilities which require urgent consideration and possibly, urgent action.

Using SMS technology, AusCERT will contact members to inform them about serious and time critical computer network threats and/or vulnerabilities, day or night, seven days a week. This service will assist your organisation become aware of critical computer security issues in a more time critical manner.

Each SMS Alert will contain a reference to a security bulletin, accessible from the AusCERT web site where detailed information can be obtained, if relevant to the member's network.

Each member organisation on the new membership agreement can subscribe multiple mobile phones to the service at no extra charge.

The service will be mostly utilised out of business hours but may occasionally be used during business hours to highlight the importance of a new security bulletin AusCERT has just released.

The new Early Warning Alert Service has been on trial for many months with positive feedback from participants. The last six Alerts issued during the pilot were about the following critical threats and/or vulnerabilities:

  • AusCERT Alert AL-2004.10: Bogus Banking Email Allows Trojan Infection for Outlook Users - Execute Arbitrary Code/Commands, Access Privileged Data; ETA 1244 AEST, Sunday, 4 April 2004

  • AusCERT Alert AL-2004.08: "Witty" Worm Exploits ISS ICQ Parsing Vulnerability - Execute Arbitrary Code/Commands; ETA 1017 AEST, Monday, 22 March 2004

  • AusCERT Alert AL-2004.07: New Bagle worm spreading - Bagle.Q - Execute Arbitrary Commands; ETA 1830 AEST, Thursday, 18 March 2004

  • AusCERT Alert AL-2004.06: Variants of mass-mailing worms Netsky and Bagle spreading rapidly - DoS, Access Privileged Data, Reduced Security; issued at 0900 AEST, Tuesday, 2 March 2004

  • AusCERT Alert AL-2004.05: Mass-mailer worm W32/Netsky.b - spreading rapidly; issued at 0636 AEST, Thursday, 19 February 2004

  • AusCERT Alert AL-2003.23: Microsoft Workstation Service Buffer Overflow - Administrator Compromise; issued at 0934 AEST, Wednesday, 12 November 2003

Further information about membership can be found at: http://www.auscert.org.au/1959 or by following the "Membership" link in the left side navigation bar.