
Network Security
FW: Security In The News - February 10, 2004
- From: Howell, Paul
- Date: Wed Feb 11 07:57:01 2004
Security In The News
LAST UPDATED: 2/10/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
Homeland Security & Infrastructure Protection
Watch list target pushed to summer's end
- Federal Computer Week, 2/9/04
Cybercrime-Hacking
Security experts work to prevent hacker infiltration of Athens Olympics
- OSAC (AP), 2/10/04
VeriSign says online fraud growing fast
- news.com.com, 2/9/04
UK.gov announces hi-tech elite police squad
- The Register, 2/10/04
- Also - PublicTechnology.net, 2/10/04
Politics-Legislation
The first fallout from Cybergate
- Security Focus, 2/9/04
Malware
New viruses feed on MyDoom infections
- news.com.com, 2/9/04
- Also - sophos virus info, 2/10/04
- Also - Windows & .Net Magazine, 2/10/04
- Also - The Register, 2/10/04
Technology
Review: Windows XP's big security fix
- Computerworld, 2/9/04
DARPA hopes to give field radio networks a BLAST of speed
- Government Computer News, 2/9/04
Cheapskate's Guide to a Safe PC
- Wired News, 2/10/04
Vulnerabilities & Exploits
Online Search Engines Help Lift Cover of Privacy
- Washington Post, 2/9/04
Feds finalize standards for rating security risk
- Government Computer News, 2/10/04
Microsoft warns of widespread Windows flaw
- ZDNet, 2/10/04
- Also - Security Focus (AP), 2/10/04
Best Practices & Risk Management
IT security: Something's gotta give
- news.com.com, 2/10/04
Civil & Consumer Issues
Sharman to challenge court order
- news.com.com, 2/9/04
Digital evidence raises doubts
- CNN (AP), 2/10/04
Homeland Security & Infrastructure Protection
- Title: Watch list target pushed to summer's end
- Source: Federal Computer Week
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- Homeland Security Secretary Tom Ridge, testifying before the Senate
Governmental Affairs Committee on the Bush administration's 2005 budget
proposal, says he expects the integration of twelve terrorist watch lists to
be completed by the end of summer 2004. Some Senators questioned why the FBI
(Federal Bureau of Investigation) was in charge of the integration while the
CIA (Central Intelligence Agency) housed the Terrorist Threat Integration
Center. Sen. Richard Durbin (D-Illinois) said he had information that the
intelligence agencies are engaging in bureaucratic battles over the watch
lists. Secretary Ridge described the integration process as "as much art as
science," leading to the delay of a final product. Secretary Ridge also
defended the budgets for the Coast Guard, border, port, and airport
security, and grants to universities, amounting to a 10% increase in
Homeland Security's budget over fiscal year 2004.
- http://www.fcw.com/fcw/articles/2004/0209/web-ridge-02-09-04.asp
Cybercrime-Hacking
- Title: Security experts work to prevent hacker infiltration of Athens Olympics
- Source: OSAC (AP)
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- Security officials for the 2004 Olympics in Athens, Greece are
investigating ways to protect equipment from cyberattacks during the games
from August 13 to August 29. According to Athens daily newspaper Ta Nea,
attackers could shut down scoreboards, electronic airport systems, the
telephone company, and the electric company. Officials were alerted to
possible threats by an article in an unnamed American computer magazine.
Greece has budgeted $750 million for security at the Olympic games, with
over 50,000 personnel, including soldiers.
- http://www.ds-osac.org/view.cfm?KEY=7E455C44425C&type=2B170C1E0A3A0F162820
- Title: VeriSign says online fraud growing fast
- Source: news.com.com
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- VeriSign, the company responsible for the .com and .net top level
domains, has released a report outlining rapid growth in site hacks, online
fraud, and identity theft. Online commerce rose 59% during the 2003 holiday
season, compared to the 2002 holidays, from $4 billion in sales to $6.4
billion. During that time, VeriSign also recorded a 176% increase in
potentially malicious probes against corporate firewalls and intrusion
detection systems. Online merchants rejected 7% of online orders as "too
risky," usually as suspected credit card fraud or identity theft. VeriSign
also pointed out that some legitimate sales may have been lost, since the
rejection systems are automated. VeriSign suggests retailers have humans
monitor security systems 24 hours a day, either through employees or outside
providers.
- http://news.com.com/2100-7355-5156062.html?tag=cd_top
- Title: UK.gov announces hi-tech elite police squad
- Source: The Register
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- The United Kingdom's Home Office has announced plans for a Serious
Organized Crime Agency (SOCA) to bring together technical and financial
expertise from numerous law enforcement agencies, such as the National High
Tech Crime Unit, to combat organized crime both in the physical and digital
realms. Home Secretary David Blunkett stated, "We need to respond to this
changing criminal threat, harness the skills of non-traditional
investigators like accountants and legal experts and combine these with our
world-class detectives and intelligence officers." The new agency, along
with new legislation, will be part of a comprehensive strategy to address
organized crime and cybercrime, to be set out in a policy paper released by
the Government in March 2004.
- http://www.theregister.co.uk/content/55/35459.html
- Also - http://www.publictechnology.net/modules.php?op=modload&name=News&file=article&sid=581
Politics-Legislation
- Title: The first fallout from Cybergate
- Source: Security Focus
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- Republican staffers on the Senate Judiciary Committee are under
investigation by the Senate Sergeant at Arms for accessing internal
Democratic memos regarding their strategy in blocking approval of certain
nominees for federal judges, particularly Miguel Estrada. When Democrats
controlled the Senate and the Judiciary Committee, they used the Judiciary
Committee server to keep their internal memos. When Republicans took control
of the Senate, they also took control of the Judiciary Committee and its
server. Republican staff were then able to access Democratic memos simply by
clicking the "My Network Places" icon on their Windows desktops. Then
Republican staffer Manuel Miranda justified the access by arguing that the
Democrats should have better protected their memos, that they cannot claim
property rights over government documents, and the Senate disclosure rules
do not apply since they were not government documents. The author warns that
if such an argument is accepted, "truth, justice and information security
may be the next casualties of political warfare."
- http://www.securityfocus.com/columnists/219
Malware
- Title: New viruses feed on MyDoom infections
- Source: news.com.com
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- Two new worms, Doomjuice and Deadhat, are spreading over the network of
computers infected by the MyDoom.A worm, using the backdoor that worm opened
rather than e-mail. The viruses threaten only those computers currently
infected, but not computers which have been cleaned of the worm; Vincent
Gullotto, vice president for antivirus at Network Associates, estimates that
only 50,000 to 75,000 infected computers are left. Doomjuice, also known as
MyDoom.C, has had moderate success in spreading, and hijacks computers for a
denial of service attack against Microsoft's website. Microsoft experienced
brief outages Monday, February 9, 2004, but it is uncertain whether it was
related to the virus. Sophos reports that Doomjuice also plants source code
for the MyDoom.A virus on infected machines, perhaps in an attempt by the
author to cover his tracks. Deadhat spreads through the MyDoom back door and
over the SoulSeek file-trading network; once inside it removes the MyDoom
virus and awaits further instructions. Security experts consider both
viruses low risk.
- http://news.com.com/2100-7349_3-5156105.html?tag=nefd_top
- Also - http://www.sophos.com/virusinfo/articles/doomevidence.html
- Also - http://www.winnetmag.com/Article/ArticleID/41731/41731.html
- Also - http://www.theregister.co.uk/content/56/35450.html
Technology
- Title: Review: Windows XP's big security fix
- Source: Computerworld
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- PC World's Paul Thurrott reviews the upcoming Windows XP Service Pack 2
(SP2). Windows XP came with an Internet Connection Firewall; however, it was
disabled by default, and hard to find and configure. SP2 enables the
firewall (renamed "Windows Firewall"), makes it easy to find, and now scans
both inbound and outbound traffic. Wireless networking has an easier to use
interface. The improved Internet Explorer will block pop-up ads. New
controls will help prevent users from unknowingly downloading spyware, but
may cause problems with some browser plug-ins in the short term. Outlook no
longer downloads images for HTML (hypertext markup language) e-mails that
could alert spammers that an address is real, but Mr. Thurrott finds the
lack of a white list for Outlook lamentable. Windows Update has been
modified to package the most critical updates into a single-step install
process, while new memory protections guard against buffer overflows.
- http://www.computerworld.com/softwaretopics/os/windows/story/0,10801,90002,00.html
- Title: DARPA hopes to give field radio networks a BLAST of speed
- Source: Government Computer News
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- The Defense Advanced Research Projects Agency (DARPA) has awarded an
$11.5 million contract to Lucent Technologies to demonstrate the agency's
Mobile Networked Multiple-Input, Multiple-Output (MIMO) program. MIMO uses
multiple antennae to transmit wireless signals in mobile ad hoc networks;
the first phase of the program aims to increase spectral efficiency
twenty-fold. Lucent will use the Bell Labs Layered Space Time (BLAST)
technology. BLAST tailors transmissions to the natural scattering of radio
signals to enhance accuracy, and to let several messages travel over the
same frequency. Lucent will develop the media access control and physical
layers of the system to develop self-forming networks for vehicles in
motion, with a twenty vehicle demonstration. DARPA will solicit further
industry participation if the first phase is successful.
- http://www.gcn.com/vol1_no1/daily-updates/24902-1.html
- Title: Cheapskate's Guide to a Safe PC
- Source: Wired News
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- Many home computers, unbeknownst to their users, are infected with
various viruses, spyware, Trojans, and backdoors. Protecting these systems
is necessary, but can be costly. However, there are a number of free and
inexpensive options for protecting a home computer or a small network. The
most essential tool for home security is a firewall. ZoneAlarm's free
firewall is the most popular, while Agnitum's Outpost firewall uses plug-in
modules, making the system open to other developers. Windows XP includes a
firewall, but that shouldn't be relied on until it is upgraded by Service
Pack 2, due by the end of summer 2004. Free antivirus programs are also available,
though users must remember that they need to be updated as new viruses
appear. Trend Micro offers a free online virus scan. BitDefender offers a
number of free virus scanners for home Windows and Linux machines.
SpyBot-Search & Destroy is good for tracking down spyware and Trojans.
SpamBayes and MailWasher can help to keep an e-mail inbox spam-free. The
Mozilla web browser has advanced features for safe web surfing.
- http://www.wired.com/news/infostructure/0,1377,62222,00.html?tw=wn_tophead_2
Vulnerabilities & Exploits
- Title: Online Search Engines Help Lift Cover of Privacy
- Source: Washington Post
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- Powerful search engines such as Google can be used to find private or
secret documents on the Internet. In a practice known as "Google hacking," many users are
fine-tuning their search requests to uncover sensitive information, such as
military documents on suspected al Qaeda operatives, with names and
identification numbers, medical records, and credit card numbers. Such
searches do not require an illegal trespass of a computer, but use Google to
find material kept with little or no security in obscure but open parts of
the Internet. Google's computers crawl webpages cataloging the data they
find, and then provide users with powerful tools for searching that data.
Searches including the terms "xls," "cc," and "ssn," can find Excel
spreadsheets with customer credit card or Social Security data. In one
instance, security consultant Edward Skoudis was able to find a bank's
spreadsheet with the names, credit card numbers, and Social Security numbers
of over 10,000 of its customers.
- http://www.washingtonpost.com/wp-dyn/articles/A24053-2004Feb8.html
- Title: Feds finalize standards for rating security risk
- Source: Government Computer News
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- The Commerce Department has approved the NIST's (National Institute of
Standards and Technology) Federal Information Processing Standard (FIPS) 199
for categorizing security risks to government computers and information. The
Federal Information Security Management Act (FISMA) mandates that agencies
evaluate the risk to their systems and develop security measures and
practices. FIPS 199 gives a common framework for discussing risks and is
mandatory for unclassified systems unrelated to national security. FIPS 199
addresses confidentiality, integrity, and availability; the final draft
includes privacy as an element of confidentiality.
- http://www.gcn.com/vol1_no1/daily-updates/24908-1.html
- Title: Microsoft warns of widespread Windows flaw
- Source: ZDNet
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- Microsoft has released a patch for flaws that could allow an attacker to
build a worm to spread quickly through the Internet or take control of a
target computer. The flaws lie in the implementation of the Abstract Syntax
Notation One (ASN.1) networking protocol, and affect Windows NT, 2000, XP,
and Server 2003. Marc Maiffret, chief hacking officer for eEye Digital
Security, says that ASN.1 is deeply built into Windows, making the
vulnerability pervasive. eEye informed Microsoft of the flaw six months
before the patch release, a delay Mr. Maiffret criticized as "ridiculous."
Microsoft security executive Stephen Toulouse justified the delay, saying
that since the technology is so foundational throughout Windows, getting it
right the first time was absolutely necessary. Microsoft urges users to
download the patch immediately.
- http://zdnet.com.com/2100-1105_2-5156647.html
- Also - http://www.securityfocus.com/news/8003
Best Practices & Risk Management
- Title: IT security: Something's gotta give
- Source: news.com.com
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- 2004 started with one of the most effective virus attacks ever. MyDoom
infected computers by tricking users into opening an e-mail attachment,
spread so rapidly that it clogged networks, slowed business productivity,
launched a successful denial of service attack, and opened backdoors on
infected machines. Information technology departments reacted with a
familiar process: define the problem, deploy a point solution, declare the
problem solved, and wait for the next problem. This practice has proven
ineffective in protecting networks. Board-level executives need to
understand the return on investments for security spending, while IT
personnel must tailor security to mission-critical applications and business
processes. MyDoom demonstrates that security is a business necessity, and
enterprises that recognize this can protect their bottom lines against
future attacks.
- http://news.com.com/2010-7355_3-5156080.html
Civil & Consumer Issues
- Title: Sharman to challenge court order
- Source: news.com.com
- Date Written: February 9, 2004
- Date Collected: February 10, 2004
- Sharman Networks will challenge the validity of the Anton Piller court
order that allowed Australia's Music Industry Piracy Investigations (MIPI)
to raid twelve offices searching for evidence of copyright infringement. An
Anton Piller order allows a copyright holder to enter a premises to search
for and seize evidence of infringement without alerting the target
beforehand. Sharman's lawyers allege that the record labels did not provide
all relevant materials to the judge when requesting the order. The lawyers
are requesting the Federal Court of Australia to set aside the order until a
lawsuit between record labels and Sharman Networks in the United States is
resolved, after which Sharman hopes an Anton Piller order will not be
necessary. The case will be heard February 20, 2004 before Justice Murray
Wilcox.
- http://news.com.com/2100-1027_3-5156239.html?tag=nefd_top
- Title: Digital evidence raises doubts
- Source: CNN (AP)
- Date Written: February 10, 2004
- Date Collected: February 10, 2004
- In 1996, a Florida jury acquitted Victor Reyes of murder, citing
concerns about the legitimacy and trustworthiness of digital evidence
presented by the prosecution. A key piece of evidence was a strip of duct
tape with a smudged handprint; police used the More Hits software to enhance
an image of the tape and match the handprint to Mr. Reyes. However, a
defense witness compared such digital processing to techniques used in Adobe
Photoshop, which could allow such evidence to be forged. While photographs
from film could be manipulated in the dark room, digital images are much
easier to manipulate; Larry Meyer, former head of photography for State Farm
Insurance, says "What you can do in a darkroom is 2 percent of what
Photoshop is capable of doing." Some legal experts believe that digital
evidence needs a technological review before it can be widely accepted by
juries, similar to the review given DNA evidence. Richard Vorder-Bruegge, an
FBI (Federal Bureau of Investigation) forensic expert, recommends that law
enforcement continue to rely on film for photographic evidence.
- http://www.cnn.com/2004/TECH/ptech/02/10/digital.evidence.ap/index.html
The Institute for Security Technology Studies (ISTS) accepts no responsibility for any errors
or omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the
ISTS. Therefore, the ISTS cannot be made responsible for the factual
accuracy of the material presented. The ISTS is not liable for any loss or
damage arising from or in connection with the information contained in this
report. It is the responsibility of the user to evaluate the content and
usefulness of this information. References in this e-mail to any specific
commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, do not constitute or imply endorsement,
recommendation, or favoring by the ISTS. ISTS is a research, not
operational, organization, and makes its Security in the News e-mail
available as a public service on a best-effort basis. Security in the News
will be sent out on most business days, but not all.
Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu