
Network Security
FW: Security In The News - February 16, 2004
- From: Howell, Paul
- Date: Tue Feb 17 08:19:51 2004
Security In The News
LAST UPDATED: 2/16/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
Homeland Security & Infrastructure Protection
Homeland Security auditors to probe IT projects
- Government Computer News, 2/13/04
Cybercrime-Hacking
Forces Reunited 'hacker' questioned by police
- Ananova, 2/13/04
FBI joins Microsoft code hunt
- vnunet.com, 2/16/04
Windows Source Leak Traces Back to Mainsoft
- EWeek.com, 2/13/04
Malware
Belgian police arrest female virus writer
- The Register, 2/16/04
Technology
D.C. to Test Emergency Transmission Network
- Washington Post, 2/13/04
Red Hat unveils Linux security upgrades
- vnunet.com, 2/16/04
PC security kit achieves certification
- vnunet.com, 2/16/04
Wireless Honeypot Trickery
- Security Focus, 2/13/04
Vulnerabilities & Exploits
Exploit based on leaked Windows code released
- Security Focus, 2/16/04
ASN.1 exploit code circulating; universal shellcode only a matter of time
- SearchSecurity, 2/16/04
Best Practices & Risk Management
Hackers for Hire
- TechNewsWorld, 2/13/04
Civil & Consumer Issues
SCO readies legal action against users
- vnunet.com, 2/16/04
The Computer Ate My Vote
- Wired News, 2/16/04
Canadian record companies seek names in piracy battle
- The Globe and Mail, 2/13/04
VoIP: It's not so easy to listen in
- ZDNet, 2/13/04
Homeland Security & Infrastructure Protection
- Title: Homeland Security auditors to probe IT projects
- Source: Government Computer News
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- The Inspector General (IG) of the Department of Homeland Security (DHS)
will review several major DHS information technology projects throughout
2004. The US-VISIT (U.S. Visitor and Immigrant Status Indicator Tracking)
system is perhaps the most prominent project to be reviewed. The Inspector
General will also examine the Transportation Security Administration's
outsourcing of IT to Unisys Corporation. The IG reviews will cover, among
other attributes: logical and physical controls over data, effectiveness of
government communications during failures of critical infrastructures,
wireless security, protection of classified data, and cybersecurity
programs.
- http://www.gcn.com/vol1_no1/daily-updates/24940-1.html
Cybercrime-Hacking
- Title: Forces Reunited 'hacker' questioned by police
- Source: Ananova
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- Great Britain's Wiltshire Police have questioned a 29-year-old Chorley,
Lancashire man in connection with a hacking attempt on the Forces Reunited
website. Police have seized a number of computers from the man, who is now
out on bail pending further inquiries. Forces Reunited helps former members
of the armed services get in touch over the Internet. It has a database of
150,000 members from the various military services, as well as civilians
with military connections.
- http://www.ananova.com/news/story/sm_865955.html
- Title: FBI joins Microsoft code hunt
- Source: vnunet.com
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- Microsoft has enlisted the Federal Bureau of Investigation (FBI) to
trace the origin of a leak which revealed Microsoft source code. Microsoft's
internal investigation has not revealed a breach of the corporate network or
internal security, nor does the company believe the leak to have resulted
from its Shared Source Initiative or Government Security Program which
provides universities, developers and governments access to certain parts of
the Windows source code. According to a company statement, Microsoft source
code is protected by copyright and as a trade secret, and the company will
take all appropriate legal action to protect its intellectual property. The
leaked code contains references to Microsoft partner Mainsoft, who is fully
cooperating with the investigation.
- http://www.vnunet.com/News/1152775
- Title: Windows Source Leak Traces Back to Mainsoft
- Source: EWeek.com
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- BetaNews reports that the 30,915 files containing Microsoft Windows
source code leaked to the public on Thursday, February 12, 2004, originated
from Microsoft partner Mainsoft. The code has been licensed to Mainsoft for
its MainWin product, which creates native Unix versions of Windows
applications. References to MainWin are found throughout the leaked source
code, which does not compile into a useable form of Windows. Mainsoft was
one of only two companies licensed to use Windows source code under
Microsoft's Windows Interface Source Environment (WISE) program, a
predecessor of the Shared Source Initiative launched in 2001. The source
code is part of the Windows 2000 source code, which serves as the basis for
Windows XP and Server 2003. The Federal Bureau of Investigation is examining
the case.
- http://www.eweek.com/article2/0,4149,1526831,00.asp
Malware
- Title: Belgian police arrest female virus writer
- Source: The Register
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- Belgian police have arrested a 19-year-old woman suspected of being the
virus writer Gigabyte, charging her with computer data sabotage offenses,
punishable by three years imprisonment and up to €100,000 in fines. Police
also seized five computers and shut down her website. Gigabyte is well known
for her gender and youth in virus circles, and is credited with writing the
first virus to use Microsoft's C# language. She is also known for her vocal
disagreements with antivirus expert Graham Cluley over his unflattering
sociological analyses of virus writers, often describing them as "spotty
teenage nerds who couldn't pull."
- http://www.theregister.co.uk/content/56/35580.html
Technology
- Title: D.C. to Test Emergency Transmission Network
- Source: Washington Post
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- The United States capital District of Columbia will launch a $2.7
million pilot program for an emergency communications network that could
become a model for other cities. The network will consist of a private
wireless network for police, fire, and other emergency services capable of
transmitting video, databases, and voice communications. Around 200
officials from local public safety agencies will be able to connect to the
network during the trial period. The system will be used for disaster
response as well as for day-to-day tasks such as crime scene investigation
and distributing photos of missing children. The system will be deployed and
maintained by Motorola.
- http://www.washingtonpost.com/wp-dyn/articles/A38246-2004Feb12.html
- Title: Red Hat unveils Linux security upgrades
- Source: vnunet.com
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- Linux distributor Red Hat is enhancing the security model of its Red Hat
Enterprise Linux 4.0, due for release sometime in 2005, to include support
for SE-Linux (Security Enhanced Linux), a project funded by the National
Security Agency to add multi-level security to the operating system. The
Linux community has stepped up its efforts to strengthen Linux security in
light of the recent security issues surrounding Windows, such as the MyDoom
worm attacks. Red Hat's chief technology officer Michael Tiemann says
SE-Linux will be the default security policy of the next version of the
Fedora open source project. Much of the code for SE-Linux has been added to
the upcoming version 2.6 of the Linux kernel, according to Linux creator
Linus Torvalds.
- http://www.vnunet.com/News/1152793
- Title: PC security kit achieves certification
- Source: vnunet.com
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- Pointsec Mobile Technologies has announced that it has achieved
Assurance Level 4 under the Common Criteria--the highest classification
available for commercial products--for its Pointsec for PC security tool.
The Common Criteria are an internationally recognized security validation,
required for products used within many government agencies. Common Criteria
participants include such countries as the United States, the United
Kingdom, Germany, France, Canada, and the Netherlands. Pointsec for PC
encrypts all files on a Windows machine and enforces password access to the
files. Pointsec is only available under a volume license, starting at £8,500
($16,000) for one hundred users.
- http://www.vnunet.com/News/1152770
- Title: Wireless Honeypot Trickery
- Source: Security Focus
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- A technical paper from Laurent Oudot discusses the use of honeypot
technology to protect wireless environments, specifically Wi-Fi. Black hats
like to target wireless networks, since the technology is still new, and
usually weakly protected; their radio signals often open holes in otherwise
protected wired networks. Honeypots can gather data on the threats faced by
wireless networks and waste attackers' time by providing fake targets. The
article discusses how to generate fake wireless packets, architecture of
wireless honeypots, and provides practical examples of simulating networks
and access points. However, wireless honeypots suffer the same stealth
problems as their wired counterparts, requiring careful consideration when
designing a simulated network.
- http://www.securityfocus.com/infocus/1761
Vulnerabilities & Exploits
- Title: Exploit based on leaked Windows code released
- Source: Security Focus
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- A hacker working under the name "GTA" has posted to the Full Disclosure
mailing list a proof-of-concept exploit which uses a flaw discovered in
leaked Windows source code to corrupt system memory, possibly to execute
arbitrary code. The flaw lies in the code that governs how Internet Explorer
5 and Outlook Express handle bitmap image files. A carefully constructed
bitmap can crash Outlook Express 6 for Windows XP; however, Service Pack 1
corrects the flaw. Many security experts thought the source code leak would
lead to a number of new exploits, while others were more reserved in their
judgement. Ron Gula, chief technical officer of Tenable Network Security,
notes that source code leaks in the past usually did not result in a spike
of new exploits. One anonymous security researcher noted that the fix for
the flaw comes in a Service Pack, which means machines running pirated
copies of Windows XP could be exploited against other computers.
- http://www.securityfocus.com/news/8060
- Title: ASN.1 exploit code circulating; universal shellcode only a matter of time
- Source: SearchSecurity
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- A denial of service exploit is circulating on the Internet, designed to
use recently disclosed vulnerabilities in Microsoft's implementation of
ASN.1 to crash a Windows machine, according to a SANS (SysAdmin, Audit,
Network, Security) Institute advisory. Marc Sachs of the SANS Internet Storm
Center says the exploit appears to only work against Windows 2000
Professional, but may affect XP, which uses the same code base. The denial
of service exploit uses port 445, 139, or 135 to access a computer, then
kills lsass.exe, and reboots the machine after a minute. The exploit could
serve as a base for more serious attacks, such as remote access, Trojans, or
worms.
- http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci950665,00.html
Best Practices & Risk Management
- Title: Hackers for Hire
- Source: TechNewsWorld
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- As new cyberthreats highlight concerns about network security, many
companies are debating whether to hire former hackers to protect their
networks. Thomas Patterson, former partner for the Deloitte & Touche
Security Services Group, describes hiring ex-hackers as "placing a fox in a
henhouse," but notes that several large security companies employ hackers.
James Harrison, cofounder of Invisus, argues that while Black Hat hackers do
more damage, their White Hat counterparts are still breaking the law. Mr.
Harrison also argues that specialists with training and certification can
better lock down a system. Some institutions, such as banks, are restricted
by regulation from hiring anyone with a criminal background. Security
consultant Gary Morse notes that consultant hackers spend most of their time
writing up documentation of security holes rather than breaking into a
system. If the threat of targeted hacks to steal data from systems grows,
companies may look upon hiring ex-hackers more favorably.
- http://www.technewsworld.com/perl/story/32847.html
Civil & Consumer Issues
- Title: SCO readies legal action against users
- Source: vnunet.com
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- The SCO Group says it is committed to plans it announced in November
2003 to sue a Linux end-user within ninety days; SCO public relations
director Blake Stowell says the company will act by February 18, 2004. Gary
Barnett, analyst at Ovum, warns that legal action against Linux end-users
could be a risky strategy; if a judge throws out the case, SCO's licensing
program would be finished. Open Source Development Labs chief executive
Stuart Cohen expected legal action at the beginning of February, prompting
his organization to set up a legal defense fund. So far, SCO has brought no
lawsuit against end-users.
- http://www.vnunet.com/News/1152767
- Title: The Computer Ate My Vote
- Source: Wired News
- Date Written: February 16, 2004
- Date Collected: February 16, 2004
- Ben Cohen of Ben & Jerry's Ice Cream has launched "The Computer Ate
My Vote" campaign to encourage secretaries of state across the United States
to secure electronic voting machines. The campaign raised $100,000 in its
first two days of fundraising. California, Nevada, and Washington have
mandated that electronic voting machines used in those states produce a
voter-verified paper trail. Three groups of computer scientists have
outlined serious security flaws in one brand of electronic voting machine,
while voting officials in North Carolina discovered that machines from
Election Systems & Software lost 436 absentee ballots. Stanford computer
scientist David Dill launched VerifiedVoting.org to gather grassroots
support for paper audit trails on e-voting machines. Mr. Cohen plans to
present his case at the annual conference of the National Association of
Secretaries of State, to be held at the Hyatt Regency Hotel in Washington,
D.C.
- http://www.wired.com/news/business/0,1367,62294,00.html?tw=wn_tophead_3
- Title: Canadian record companies seek names in piracy battle
- Source: The Globe and Mail
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- The Canadian Recording Industry Association (CRIA) has launched a legal
challenge to 29 users it alleges illicitly shared music files over the
Internet, but so far, Internet service providers (ISPs) are refusing to
disclose customer information on the users. Shaw Communications, as well as
Telus Corporation, Rogers Cable, Bell Canada's Sympatico unit and Quebecor's
Vidéotron Télécom have received requests for data on a number of users. Shaw
Communications plans to argue in court that obligations to its customers
under a federal privacy law that went into effect in January 2004 prevent
the company from revealing customer data. A Canadian judge may consider a
United States court ruling that found that the recording industry could not
require ISPs to disclose customer details without filing a lawsuit and
obtaining a subpoena.
- http://www.globetechnology.com/servlet/story/RTGAM.20040213.gtshawm13/BNStory/Technology
- Title: VoIP: It's not so easy to listen in
- Source: ZDNet
- Date Written: February 13, 2004
- Date Collected: February 16, 2004
- Many VoIP (Voice over Internet Protocol) providers say they would be
willing to help law enforcement wiretap VoIP phone calls, but it may be
technologically difficult. Jeff Pulver, founder of Free World Dialup, says it
might take "a few months science project" to wiretap a particular customer,
while Niklas Zennstrom, founder of Skype, says that even if they could
successfully tap into a phone conversation, the data would be encrypted. Not
only is it difficult to gather the millions of bits of data of a voice call,
there is no standardized way to pick voice calls out of the other data
traversing the Internet. Broadband providers could be required to set up
wiretapping capabilities; however, they have many of the same problems as
VoIP providers. The Federal Communications Commission (FCC) is investigating
whether VoIP can be reconfigured to provide wiretaps in accordance with the
1994 Communications Assistance for Law Enforcement Act (CALEA). Mr.
Zennstrom speculates that CALEA may need to be rewritten to address new
technologies.
- http://zdnet.com.com/2100-1103_2-5159159.html
To change your delivery preferences please go to: http://news.ists.dartmouth.edu/cgi-bin/change.cgi
If you wish to stop receiving the 'Security in the News' service please go to: http://news.ists.dartmouth.edu/substop.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error
or omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the
ISTS. Therefore, the ISTS cannot be made responsible for the factual
accuracy of the material presented. The ISTS is not liable for any loss or
damage arising from or in connection with the information contained in this
report. It is the responsibility of the user to evaluate the content and
usefulness of this information. References in this e-mail to any specific
commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, do not constitute or imply endorsement,
recommendation, or favoring by the ISTS. ISTS is a research, not
operational, organization, and makes its Security in the News e-mail
available as a public service on a best-effort basis. Security in the News
will be sent out on most business days, but not all.
Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu