|
Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: Security In The News - February 17, 2004
- From: Howell, Paul
- Date: Wed Feb 18 06:40:25 2004
Title: Message
Security In The News
LAST UPDATED: 2/17/04
This report is
also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
,
Cybercrime-Hacking
Woodbine hacker regrets his 'evil'
actions
- The
Globe and Mail, 2/17/04
Politics-Legislation
Lawmakers call for suspension of new
passenger screening system
- Government
Executive, 2/13/04
Malware
Code for MSBlast variant posted online
- ZDNet
UK, 2/17/04
New Bagle Virus Gaining Momentum
- EWeek.com,
2/17/04
- Also - sophos virus info,
2/17/04
Technology
Forum delivers XML firewall
- InfoWorld,
2/16/04
IBM pushes on with 'self-healing'
systems
- Silicon.com,
2/17/04
Germany Uses Text Messages to Fight
Crime
- SiliconValley.com,
2/16/04
State's new technology gathers information
to find tax cheats
- The
Boston Globe, 2/15/04
Vulnerabilities & Exploits
Bluetooth phone hacking tools 'spreading
quickly'
- Silicon.com,
2/17/04
Best Practices & Risk Management
Disaster recovery plans not up to
scratch
- vnunet.com, 2/17/04
- Also - Silicon.com,
2/16/04
Civil & Consumer Issues
German airport begins biometric
checking
- Silicon.com,
2/16/04
E-voting controversy in Ireland
- news.com.au,
2/17/04
Record Industry Sues 531 More
File-Sharers
- Reuters,
2/17/04
Cybercrime-Hacking
- Title: Woodbine hacker regrets his 'evil'
actions
- Source: The Globe and Mail
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- Ken Hornick, a former employee of Woodbine Entertainment Group (WEG), has
sent an e-mail to WEG's senior vice-president of racing, Hugh Mitchell,
apologizing for his "evil" act of breaking into Mr. Mitchell's e-mail. One of
Mr. Mitchell's e-mails was introduced as evidence in a hearing of the Ontario
Racing Commission regarding horse trainer Bill Robinson. Mr. Robinson's
lawyer, Arlen Sternberg, quoted the e-mail as describing Mr. Robinson as "a
creep and a jerk with serious mental problems." Mr. Mitchell denies using
those words or holding that viewpoint. WEG president David Willmot notes that
the e-mail presents two issues: how the e-mail was obtained and whether it had
been altered. Mr. Hornick says he used passwords he found on a slip of paper
to access the e-mail, but did not alter it, though he says the quote is not
Mr. Mitchell's.
- http://www.globetechnology.com/servlet/story/RTGAM.20040217.gtharness17/BNStory/Technology
Politics-Legislation
- Title: Lawmakers call for suspension of new
passenger screening system
- Source: Government Executive
- Date Written: February 13, 2004
- Date Collected: February 17, 2004
- A bipartisan group of twenty-two lawmakers, led by Representative Dennis
Kucinich (D-Ohio), have signed a letter to David Stone, acting director of the
Transportation Security Administration, arguing that the controversial
Computer Assisted Passenger Pre-Screening System (CAPPS) II should be
suspended indefinitely. The letter comes after the General Accounting Office
(GAO) released a report finding that the project fails to meet seven out of
eight congressional requirements, including countermeasures against identity
theft and privacy abuses. The letter argued that the benefit gained by CAPPS
II would be less than the cost in civil liberties. The Department of Homeland
Security (DHS) issued a factsheet in defense of the system, outlining what
data would be collected on airline passengers, checked against terrorist watch
lists, and used to assign a color-coded risk assessment. DHS Chief Privacy
Officer Nuala O'Connor Kelly plans to issue a privacy impact statement by
March 2004.
- http://www.govexec.com/dailyfed/0204/021304c1.htm
Malware
- Title: Code for MSBlast variant posted
online
- Source: ZDNet UK
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- A French website has posted exploit code for a critical vulnerability
affecting Windows XP, NT, 2000, and Server 2003, only four days after
Microsoft released a patch for the flaw on February 10, 2004. Microsoft urged
users to apply the patch quickly, since it could be used to develop a worm
similar to MS-Blast. According to Jay Heiser, chief analyst at TruSecure, the
code circulating on the Web contains a payload for a distributed denial of
service attack, but since it exploits a buffer overflow, can be used to
engineer a more sophisticated attack. Computers that apply the patch should
not be affected, but enough unpatched computers can cause havoc for the
Internet as a whole.
- http://news.zdnet.co.uk/internet/security/0,39020375,39146606,00.htm
- Title: New Bagle Virus Gaining Momentum
- Source: EWeek.com
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- Antivirus companies report that a new variant of the Bagle worm, Bagle.B,
is circulating on the Internet. Bagle.B is a mass-mailer worm which includes a
component to let the worm's author know, via HTTP (hypertext transfer
protocol), every time a new computer is infected. The worm comes in an e-mail
with the subject "ID" followed by random characters, with the text "Yours ID"
followed by random characters. The e-mail carries an attachment with a .exe
file with a randomly generated name. The file, when run, mails itself to all
the e-mail addresses found on the hard drive and opens port 8866 for remote
access.
- http://www.eweek.com/article2/0,4149,1528349,00.asp?kc=EWRSS03119TX1K0000594
- Also - http://www.sophos.com/virusinfo/articles/bagelb.html
Technology
- Title: Forum delivers XML firewall
- Source: InfoWorld
- Date Written: February 16, 2004
- Date Collected: February 17, 2004
- Forum Systems will unveil XWall, its XML firewall, at the DEMO 2004
conference. As web services gain more users, malicious traffic will
increasingly bypass most firewalls and target open HTTP (hypertext transfer
protocol) ports, embedding malicious code in SOAP (Simple Object Access
Protocol) and XML (Extensible Markup Language) messages. According to Weston
Swenson, chief executive of Forum Systems, trust management has already been
addressed, but not threat protection; WSDL (Web Services Description Language)
documents describe network services to trusted partners, but an attacker could
use a partner's access to trusted WSDL documents to insert malware into web
services packets. XWall covers a number of known threats, and comes with
policies against them.
- http://www.infoworld.com/article/04/02/16/07NNforum_1.html
- Title: IBM pushes on with 'self-healing'
systems
- Source: Silicon.com
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- IBM has released the open source Autonomic Tool Kit to help developers
include autonomic, or self-managing, capabilities into their applications. IBM
previously released autonomic software on it AlphaWorks research site; the new
tool kit, however, is being released on the DeveloperWorks website, making it
a fully tested and supported software. The tool kit is currently a free add-on
for IBM's Eclipse development environment, though IBM may decide to charge for
it in the future. IBM is pushing a number of technologies and common data
formats to the Organization for the Advancement of Structured Information
Standards (OASIS) as standards for computers that can monitor their programs
and resolve their own glitches. "A lot of autonomic computing is bringing
industry accepted standards into alignment and deciding how to work with these
technologies," says IBM's director of autonomic computing David Bartlett.
- http://www.silicon.com/hardware/servers/0,39024647,39118437,00.htm
- Title: Germany Uses Text Messages to Fight
Crime
- Source: SiliconValley.com
- Date Written: February 16, 2004
- Date Collected: February 17, 2004
- German police have launched an SMS (Simple Message Service) program to
distribute information on fugitives and missing persons. People can sign up
for the free message service to receive information on such persons believed
to be in the subscriber's city or area. Police hope that bus, taxi, and
streetcar drivers will choose to subscribe, since they are in a unique
position to monitor the streets. Eleven police districts have been using the
system since September 2002, and it has now been approved by Interior minister
Otto Schily for national use.
- http://www.siliconvalley.com/mld/siliconvalley/news/7965775.htm
- Title: State's new technology gathers information
to find tax cheats
- Source: The Boston Globe
- Date Written: February 15, 2004
- Date Collected: February 17, 2004
- The Massachusetts Revenue Department has launched Discovery, a system
tying together information from over a dozen public databases to make sure
state taxpayers are paying the correct amount. So far, according to Revenue
Department Commissioner Alan LeBovidge, the system has cost $3 million,
generated $43 million in new revenues, and $6 million in refunds to
individuals who overpaid. The system can access a Customs database to make
sure individuals pay use tax on items purchased abroad, or Registry of Motor
Vehicles records to compare the cost of a car with reported income.
Eventually, the state will begin using private databases, such as a Dun &
Bradstreet database tracking business activity, to catch corporate tax fraud.
Mr. LeBovidge describes the project as in its embryonic stage, and expects the
project to grow as it becomes more efficient at collecting taxes.
- http://www.boston.com/business/taxes/articles/2004/02/15/states_new_technology_gathers_information_to_find_tax_cheats
Vulnerabilities & Exploits
- Title: Bluetooth phone hacking tools 'spreading
quickly'
- Source: Silicon.com
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- British Member of Parliament Tom Watson (Labor - West Bromich East) has
called on mobile phone manufacturers to fix recently discovered
vulnerabilities in Bluetooth-enabled phones that would allow "bluesnarfing"
attacks. Bluesnarfing is a method for stealing the contents of a mobile
phone's memory over a Bluetooth connection. Nokia and Sony Ericsson have
admitted their phones carry the vulnerabilities; Sony Ericsson is addressing
the problem, however, Nokia considers the flaws not serious enough to warrant
a fix. Mark Rowe, security consultant for Pentest, notes that the number of
people learning the attack and the number of tools available online are
growing. The flaw lies in the object exchange (OBEX) protocol, whose design
does not include authentication. While this allows people to easily beam
business cards to each other, it also means files can be transfered without
permission.
- http://www.silicon.com/networks/mobile/0,39024665,39118440,00.htm
Best Practices & Risk Management
- Title: Disaster recovery plans not up to
scratch
- Source: vnunet.com
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- According to the United Kingdom's Department of Trade and Industry
biennial Information Security Breaches Survey for 2004, UK businesses have
inadequate disaster recovery plans. 95% of companies have data backup
facilities, but a third store backup tapes on site, while less than 20% backup
desktops. Only 8% have tested their recovery plans. Two thirds report
suffering an incident in the last year requiring them to restore data from
backup copies; 88% found it easy to justify the cost of data backup and
recovery. The survey polled 1,000 UK companies and was led by
PricewaterhouseCoopers.
- http://www.vnunet.com/News/1152819
- Also - http://www.silicon.com/software/security/0,39024655,39118420,00.htm
Civil & Consumer Issues
- Title: German airport begins biometric
checking
- Source: Silicon.com
- Date Written: February 16, 2004
- Date Collected: February 17, 2004
- Lufthansa Airlines is launching a six month pilot project at the Frankfurt
airport involving eighteen countries to collect iris scans and passport data
in an effort to replace conventional identity checks at airport immigration
counters. During the first six months, Lufthansa will target Swiss and
European Union frequent flyers for the program, then launch it full-scale if
successful. Airlines have looked for stronger security measures since the
September 11 terrorist attacks, and settled on iris scans for identification,
since iris patterns are more difficult to fake than fingerprints and other
biometric data. The system is being implemented by Byometric Systems and Oki
Electric Industry.
- http://www.silicon.com/research/specialreports/protectingid/0,3800002220,39118396,00.htm
- Title: E-voting controversy in Ireland
- Source: news.com.au
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- Controversy surrounds Ireland's switch to electronic voting machines in
time for the June 2004 elections for the European Parliament as some question
their reliability. Irish Minister for the Environment Martin Cullen, whose
responsibilities include elections, says the machines will make elections more
accurate, since it will eliminate votes from being thrown out for such reasons
as poor handwriting, improper stamping, and numbering mistakes. However, the
opposition Fine Gael Party, which originally supported the switch, says the
government has failed to answer a list of 41 security questions from
information technology experts. Some critics have called for electronic votes
to be backed up on paper to prevent fraud, a measure the government has
rejected as expensive and unnecessary.
- http://news.com.au/common/story_page/0,4057,8696999^15322,00.html
- Title: Record Industry Sues 531 More
File-Sharers
- Source: Reuters
- Date Written: February 17, 2004
- Date Collected: February 17, 2004
- The Recording Industry Association of America (RIAA) has sued 531 more
file-sharers as of February 17, 2004, adding to the 333 the trade group sued
in January. The 864 suits are so-called John Doe suits, since a federal court
ruled in December that the RIAA can longer force Internet service providers
(ISPs) to hand over the names associated with Internet addresses. The RIAA has
begun seeking court-issued subpoenas to obtain the names from ISPs. The RIAA
argues that illegal online file trading is responsible for a three year slump
in compact disc sales.
- http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4377024
To change your delivery preferences please go
to:
http://news.ists.dartmouth.edu/cgi-bin/change.cgi
If you wish to
stop receiving the 'Security in the News' service please go
to:
http://news.ists.dartmouth.edu/substop.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error or
omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the ISTS.
Therefore, the ISTS cannot be made responsible for the factual accuracy of the
material presented. The ISTS is not liable for any loss or damage arising from
or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this
information. References in this e-mail to any specific commercial products,
processes, or services by trade name, trademark, manufacturer, or otherwise,
does not constitute or imply endorsement, recommendation, or favoring by the
ISTS. ISTS is a research, not operational, organization, and makes its
Security in the News e-mail available as a public service on a best-effort
basis. Security in the News will be sent out on most business days, but not
all.
Institute for Security Technology Studies
Dartmouth
College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646
0700
E-mail: dailyreport@ists.dartmouth.edu
|
|
|
