|
Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: Security In The News - February 20, 2004
- From: Howell, Paul
- Date: Fri Feb 20 15:12:54 2004
Security In The News
LAST UPDATED: 2/20/04
This report is
also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
,
Cybercrime-Hacking
Phishing Scams Jump 52 Percent in One
Month
- E-Commerce
Times, 2/19/04
- Also - Government
Computer News, 2/19/04
- Also - The
Register, 2/18/04
- Also - vnunet.com,
2/18/04
Hacker invades FSU's system
- The
Tallahassee Democrat, 2/19/04
Linux servers 'attacked more often'
- ZDNet News,
2/20/04
Clampdown on 'missed call' scam
- BBC,
2/18/04
- Also - Silicon.com,
2/19/04
Hackers crash ACT poll on merger with
National
- Stuff.co.nz,
2/17/04
Scam emails imitate police
- Australian
IT, 2/17/04
- Also - PCWorld,
2/18/04
Study: Software piracy rates remain high
in Asia
- Info
World, 2/20/04
Politics-Legislation
Budget cuts curtail NIST cybersecurity
work, other programs
- Government
Executive, 2/13/04
Antipiracy law heads for EU vote
- ZDNet News,
2/19/04
Outsourcing: Danger to Privacy
- Wired
News, 2/20/04
Malware
Netsky no longer flying high
- SearchSecurity,
2/19/04
- Also - Techweb,
2/18/04
- Also - Yahoo
(AFP), 2/19/04
February Sees Record Virus Damages
- The Whir,
2/19/04
Technology
Firewall VPN sales soar
- The
Register, 2/20/04
Vulnerabilities & Exploits
Linux servers at risk from trifecta of
flaws
- C-Net News,
2/19/04
- Also - EWeek.com,
2/19/04
- Also - NewsFactor,
2/20/04
Auditor finds 'sensitive information' on
old N.C. computers
- Wilmington
Star (AP), 2/18/04
Sun combats security holes in cancelled
Cobalt line
- SearchSecurity,
2/18/04
Technical glitch hits NYMEX
- The
Globe and Mail, 2/19/04
Cisco VoIP kit open to 'snooping
attacks'
- The
Register, 2/20/04
Best Practices & Risk Management
Yankee says patching costs companies
millions
- SearchSecurity,
2/19/04
Consortium to Target Web App
Security
- EWeek.com,
2/18/04
Civil & Consumer Issues
FBI Proposes Warning On All
Entertainment, Software Products
- Information
Week, 2/19/04
- Also - C-Net
News, 2/19/04
- Also - Wired News,
2/19/04
- Also - Washington
Post (AP), 2/19/04
Microsoft to Hackers: Drop That
Code!
- EWeek.com,
2/17/04
- Also - ZDNet
News, 2/18/04
Cybercrime-Hacking
- Title: Phishing Scams Jump 52 Percent in One
Month
- Source: E-Commerce Times
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- According to a report by the Anti-Phishing Working Group (APWG), an
industry group focused on eliminating phishing scams on the Internet,
instances of this kind of Internet fraud increased by 52% from December 2003
to January 2004. The latest monthly 'Phishing Attack Trends Report' shows
that 176 new, unique attack types were reported to the APWG in January 2004
(an average of 5.7 per day), compared to 'only' 116 new phishing attacks in
December 2003. Customers of online auction service eBay were the most
frequent targets of phishing scams, followed by Citibank and America Online.
"Phishing involves the mass distribution of 'spoofed' e-mail messages with
return addresses, links and branding that appear to originate from banks,
insurance agencies, retailers or credit card companies. The bogus messages
are used to persuade recipients into divulging personal authentication data,
such as account information, credit card or social security numbers, and
PINs."
- http://www.ecommercetimes.com/perl/story/32906.html
- Also - http://www.gcn.com/vol1_no1/daily-updates/25000-1.html
- Also - http://www.theregister.co.uk/content/55/35635.html
- Also - http://www.vnunet.com/News/1152838
- Title: Hacker invades FSU's system
- Source: The Tallahassee Democrat
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- Hackers broke into several Florida State University (FSU) servers over
the weekend of February 13-15, 2004 and gained access to a file containing
passwords of about 4,000 FSU staff members. However, according to a
statement on February 18, 2004 by Larry Conrad, associate vice president for
technology integration at FSU, the passwords were encrypted and no other
user data was compromised in the attack. Mr. Conrad called the hack "pretty
sophisticated and pervasive," but would not provide details about the attack
or FSU's security measures. The incident caused some disruptions for the
affected staff members. FSU is reviewing its security policies and measures
in response to the attack.
- http://www.tallahassee.com/mld/tallahassee/7986117.htm
- Title: Linux servers 'attacked more
often'
- Source: ZDNet News
- Date Written: February 20, 2004
- Date Collected: February 20, 2004
- A survey conducted by UK-based security consultancy mi2g found that
online servers running the Linux operating system (OS) fell victim to overt
digital attacks - excluding viruses and worms - far more often in January
2004 than servers running Microsoft Corp.'s Windows OS. According to the
study, Linux servers were hit by 13,654 successful attacks (about 80% of the
total number), while Windows systems were only breached 2,005 times. The
survey found BSD (Berkley Software Distribution) and Mac OS X to be the most
secure OSs. Linux systems also topped the list of attacks against government
servers. While some would argue that the study contradicts the claim that
open source OSs are more secure than Windows systems, mi2g chairman DK Matai
interprets the results as "a lack of training and deployment expertise
rather than inherent security problems within Linux."
- http://news.zdnet.co.uk/0,39020330,39146776,00.htm
- Title: Clampdown on 'missed call' scam
- Source: BBC
- Date Written: February 18, 2004
- Date Collected: February 20, 2004
- The United Kingdom's (UK) Independent Committee for the Supervision of
Telephone Information Services (ICSTIS) has shut down two firms for their
use of a 'missed call' scam to defraud mobile phone customers. Action was
taken after the ICSTIS received hundreds of complaints from angry customers.
The companies rang mobile phones, but hung up immediately to create a missed
call message. When curious victims called back, they were charged at premium
rates and promised a prize, which they never received. ICSTIS external
affairs manager Richard Sullivan said that this type of marketing is
"entirely unsolicited" and mainly affects children and the economically
vulnerable.
- http://news.bbc.co.uk/2/hi/uk_news/3499337.stm
- Also - http://www.silicon.com/0,39024729,39118503,00.htm
- Title: Hackers crash ACT poll on merger with
National
- Source: Stuff.co.nz
- Date Written: February 17, 2004
- Date Collected: February 20, 2004
- On February 17, 2004, hackers disrupted an online poll conducted by New
Zealand's ACT party by flooding the system with thousands of bogus votes.
With support for the party having dropped to around 1% in recent weeks, ACT
was asking its supporters whether they wanted it to merge with the National
party. The attack overwhelmed the party's www.act.co.nz website and caused
it to shut down for about 40 minutes. Politically motivated cyber attacks,
such as cyber sit-ins or e-mail bombs, have become a more common part of the
political landscape in recent years as more political activity moves online.
- http://www.stuff.co.nz/stuff/0,2106,2817596a10,00.html
- Title: Scam emails imitate police
- Source: Australian IT
- Date Written: February 17, 2004
- Date Collected: February 20, 2004
- Two new e-mail scams, aimed at obtaining user banking and personal
information, turned up in Australia this week. The Australian High Tech
Crime Centre warned the public of an e-mail claiming to be from federal
police that installs a keystroke logger on victims' machines. The second
message, a typical 'phishing' scam, targeted customers of the National
Australia Bank (NAB) in an attempt to collect their banking details. This is
the fourth time that NAB customers have been hit by this kind of scam in the
past year.
- http://australianit.news.com.au/articles/0,7204,8707873^15319^^nbv^15306,00.html
- Also - http://www.pcworld.idg.com.au/index.php?id=1041815809&fp=2&f%20pid=1
- Title: Study: Software piracy rates remain high
in Asia
- Source: Info World
- Date Written: February 20, 2004
- Date Collected: February 20, 2004
- The latest figures from the International Intellectual Property Alliance
(IIPA), released as part of an annual review process under US trade law,
show that piracy of entertainment software is still widespread in Asia, but
headway is being made in some states. The IIPA estimates that losses in 2003
due to piracy of entertainment software will reach $1.19 billion in China,
India, South Korea and Taiwan. China remains a huge problem, with 96% of
China's software pirated, but piracy losses dropped significantly from the
previous year in South Korea (by 35%) and Taiwan (by 56%). The US Trade
Representative (USTR) monitors software piracy and has the option to impose
trade sanctions on the most serious offenders. China is currently on its own
in the highest watch category, followed by India, Indonesia, Philippines,
South Korea, Taiwan and Thailand on the next watch list.
- http://www.infoworld.com/article/04/02/20/HNstudypiracy_1.html
Politics-Legislation
- Title: Budget cuts curtail NIST cybersecurity
work, other programs
- Source: Government Executive
- Date Written: February 13, 2004
- Date Collected: February 20, 2004
- The National Institute of Standards and Technology's (NIST) acting chief
of staff Mat Heyman has warned that a proposed $22 million budget cut for
the agency in fiscal 2004 would force NIST to cut back on its cybersecurity
projects, stop all activities under the Help America Vote Act and seriously
curtail efforts under the Manufacturing Extension Partnership (MEP). NIST
currently does important work to secure utility control systems and has
played a "prominent role in helping state and local election officials
implement new voting systems." Under the budget cuts, these efforts, along
with the MEP, would have to be significantly scaled back or halted. Members
of the House Science Committee are unhappy with the proposed cuts and are
looking for ways to mitigate them.
- http://www.govexec.com/dailyfed/0204/021304tdpm1.htm
- Title: Antipiracy law heads for EU vote
- Source: ZDNet News
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- The European Parliament is scheduled to vote next week on the
Intellectual Property Rights Enforcement Directive (IPRED), a controversial
new law that would give law enforcement agencies greater powers to crack
down on acts of copyright infringement. Supporters of the directive argue
that it is designed to bolster the fight against organized piracy and
counterfeiting in the European Union (EU). Opponents, such as the Foundation
for a Free Information Infrastructure (FFII), say that the law gives too
much power to copyright holders and could result in legal action against
minor infringers, including individual online file-sharers. A compromise
could be possible on how member states define the scope of the directive.
- http://zdnet.com.com/2100-1104_2-5161981.html
- Title: Outsourcing: Danger to Privacy
- Source: Wired News
- Date Written: February 20, 2004
- Date Collected: February 20, 2004
- Senator Dianne Feinstein (D-California) has sent a letter to the chief
executive officers (CEOs) of Citigroup, Bank of America, Equifax and
TransUnion, warning them that, if they don't put safeguards in place to
protect private customer information when outsourcing clerical services, she
may introduce federal legislation to do so. Many companies, particularly in
the financial services and health care industries, are planning to outsource
various clerical jobs abroad, where privacy abuses could be beyond the reach
of US laws and law enforcement. California Democratic state Senator Liz
Figueroa is considering state legislation to prohibit California hospitals
from outsourcing clerical work abroad and "make it easy for Californians who
have had their privacy violated by an overseas contractor to sue the
American hiring party here."
- http://www.wired.com/news/business/0,1367,62356,00.html
Malware
- Title: Netsky no longer flying high
- Source: SearchSecurity
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- Anti-virus experts say that the spread of the two latest e-mail worms to
hit the Internet, Bagle.B and Netsky.B, appeared to be slowing on February
19, 2004. Both worms were rated as 'medium' threats by most security firms
and both peaked around February 18, 2004. Bagle.B, which spreads via e-mail
and installs a backdoor on infected machines, is scheduled to stop
propagating itself on February 25, 2004. Netsky.B spreads via e-mail and
network shares. The worm was not particularly sophisticated and most users
have protected themselves against infection.
- http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci951313,00.html
- Also - http://www.techweb.com/wire/story/TWB20040218S0009
- Also - http://story.news.yahoo.com/news?tmpl=story&cid=1510&ncid=1510&e=1&u=/afp/20040219/tc_afp/internet_virus_040219192146
- Title: February Sees Record Virus
Damages
- Source: The Whir
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- According to UK-based security consultancy mi2g's Intelligence Unit,
February 2004 will be the "worst month ever for malware proliferation." The
organization expects that economic damage caused by viruses and worms this
month will be between $43.8 billion and $53.6 billion worldwide, with the
MyDoom virus and its variants, as well as Bagle, Mimail and Dumaru leading
the list of new offenders. mi2g measures economic damage in terms of "loss
of business, bandwidth clogging, productivity erosion, management time
reallocation and cost of recovery," but some experts believe the company's
figures are inflated.
- http://thewhir.com/marketwatch/feb021904.cfm
Technology
- Title: Firewall VPN sales soar
- Source: The Register
- Date Written: February 20, 2004
- Date Collected: February 20, 2004
- A study by market analysts Datamonitor predicts that global spending on
firewall and virtual private network (VPN) technology will rise dramatically
in the coming years and could reach $6 billion by 2007. According to
Datamonitor's report, 'Firewall and VPN solutions', governments, utilities
and pharmaceutical companies will lead investments in security solutions.
The study also found that Secure Socket Layer (SSL) VPNs will be the fastest
growing segment of the market, with enterprise investment in this area
likely to grow 74% a year between 2003 and 2007 as organizations have to
accommodate the growing number of remote workers.
- http://www.theregister.co.uk/content/5/35708.html
Vulnerabilities & Exploits
- Title: Linux servers at risk from trifecta of
flaws
- Source: C-Net News
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- More details have become available about new security vulnerabilities in
the Linux kernel. It had initially been reported that a serious flaw existed
in version 2.4 of the Linux kernel. The latest reports show that Linux
servers and workstations are actually at risk from three different
vulnerabilities that could allow a malicious attacker to take control of a
system or cause a denial of service. Two of the flaws, discovered by Polish
security company iSEC Security Research, were found in Linux's virtual
memory kernel subsystem, while the third vulnerability "affects the module
for the kernel that supports ATI Technologies' Rage 128-bit video card." New
versions of the kernel, Linux 2.4.25 and 2.6.3, have been released and users
are urged to upgrade as soon as possible. Major Linux distributors have also
released patches for the flaws.
- http://news.com.com/2100-1002_3-5162055.html
- Also - http://www.eweek.com/article2/0,4149,1530811,00.asp?kc=EWRSS03119TX1K0000594
- Also - http://www.newsfactor.com/story.xhtml?story_title=Linux_Vendors_Warn_of_Flaws&story_id=23215&category=netsecurity
- Title: Auditor finds 'sensitive information' on
old N.C. computers
- Source: Wilmington Star (AP)
- Date Written: February 18, 2004
- Date Collected: February 20, 2004
- A review by North Carolina's State Auditor of state government computers
designated for sale to the public found that over one third still contained
sensitive and personal information, such as Social Security numbers, bank
details and agency passwords. The audit, released on February 18, 2004,
looked at a random sample of computers sent to the Surplus Property Agency
in October and November 2003. It found that state government agencies were
not complying properly with rules requiring them to erase information from
computer hard drives before re-selling them. The findings have raised
concerns about privacy abuse and identity theft. The state's General
Assembly, the courts and various executive branch agencies were among the
culprits.
- http://www.wilmingtonstar.com/apps/pbcs.dll/article?AID=/20040218/APN/402180853&cachetime=5
- Title: Sun combats security holes in cancelled
Cobalt line
- Source: SearchSecurity
- Date Written: February 18, 2004
- Date Collected: February 20, 2004
- Sun Microsystems has issued warnings and updates for a variety of
vulnerabilities in its line of Cobalt appliance servers. Sun is no longer
selling the Cobalt line of servers, but still provides software updates for
existing customers. The latest flaws - a heap-based buffer overflow in
rsync, a fault in gnupg, an integer overflow in the ls program in the
fileutils or coreutils packages, and a vulnerability in IPtables on RaQ 550
- could allow a malicious attacker to crack private keys, expose
confidential data, spoof identities, escalate privileges, execute arbitrary
code or cause a denial of service, among other things. Affected users are
urged to apply fixes expeditiously.
- http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci950995,00.html?track=NL-358
- Title: Technical glitch hits NYMEX
- Source: The Globe and Mail
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- A "technical problem" disrupted trading at the New York Mercantile
Exchange (NYMEX), the world's biggest energy exchange, on February 19, 2004.
The problem first halted trading for half an hour at 11:30 a.m. Trading
later resumed, but ceased for the day at 12:45 p.m. The NYMEX did not
provide any details about the nature of the problem, but wire services
linked the incident to an upgrade to the floor operation computer system
carried out last weekend.
- http://www.globeandmail.com/servlet/story/RTGAM.20040219.wnymex0219/BNStory/Business
- Title: Cisco VoIP kit open to 'snooping
attacks'
- Source: The Register
- Date Written: February 20, 2004
- Date Collected: February 20, 2004
- Tests conducted by pen testing company Secure Test on its own
voice-over-Internet protocol (VoIP) network have revealed "serious security
concerns with widely-used Internet telephony equipment from networking giant
Cisco." Specifically, the test found flaws in Cisco 7900 VoIP phones and
Cisco 1760 VoIP routers, which could put the phones at risk from denial of
service (DoS) and data interception attacks and allow the routers to be
crashed. It is unclear whether Cisco has already addressed the issue. A
posting on mailing list BugTraq claims that the flaws have been fixed with
an upgrade to Cisco's VoIP server software, Cisco Call Manager Release
3.3(3). Secure Test disputes this. Either way, VoIP networks are often hard
to secure properly, even if Internet telephony is only deployed over
relatively secure corporate networks.
- http://www.theregister.co.uk/content/55/35716.html
Best Practices & Risk Management
- Title: Yankee says patching costs companies
millions
- Source: SearchSecurity
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- A new survey of more than 400 decision makers at medium to large
companies conducted by The Yankee Group found that costs of patching systems
to protect them against the growing number of software vulnerabilities have
become "astronomical," leading some businesses to apply patches only monthly
or quarterly. According to Yankee Group analyst Phebe Waterfield, the cost
of patching 5,000 desktops is over $1 million, or about $254 per machine.
Based on those numbers, an enterprise with 5,000 desktops would have to
spend $40 million to apply all 40 desktop-related security patches that
Microsoft released between January 2003 and January 2004. The spiraling
costs for patching systems have led some companies to hold off installing
new patches until multiple patches or service packs are available.
- http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci951006,00.html
- Title: Consortium to Target Web App
Security
- Source: EWeek.com
- Date Written: February 18, 2004
- Date Collected: February 20, 2004
- A group of vendors plans to announce the creation of the Web Application
Security Consortium at next week's RSA Conference in San Francisco. The
consortium's goal will be to establish standards for classification and
product development in the field of web application security. Among other
things, the consortium will develop a classification system for application
security vulnerabilities, attacks and other threats, and establish best
practices and guidelines for secure coding and independent security reviews.
Application Security Inc., KaVaDo Inc., Sanctum Inc., SPI Dynamics Inc. and
WhiteHat Security Inc. are among the consortium's founding members.
- http://www.eweek.com/article2/0,4149,1529596,00.asp
Civil & Consumer Issues
- Title: FBI Proposes Warning On All
Entertainment, Software Products
- Source: Information Week
- Date Written: February 19, 2004
- Date Collected: February 20, 2004
- At a press conference in Los Angeles on February 19, 2004, Jana Monroe,
assistant director of the FBI's Cyber Division, announced that the FBI will
place an anti-piracy seal on movies, music and computer software, warning
that criminal copyright infringement is punishable by up to five years in
prison and a fine of $250,000. Ms. Monroe was accompanied by representatives
from the Motion Picture Association of America (MPAA), the Recording
Industry Association of America (RIAA), the Software and Information
Industry Association (SIIA), and the Entertainment Software Association
(ESA), who are all involved in this crackdown against copyright
infringement. Technological advances have made piracy a growing problem
costing the entertainment and software industries billions of dollars every
year. The latest campaign is meant to educate users about copyrights, deter
piracy and make prosecution of offenders easier.
- http://www.informationweek.com/story/showArticle.jhtmljsessionid=BJ30AIU0U3Z0EQSNDBGCKHY?articleID=17701593
- Also - http://news.com.com/2100-1025_3-5161871.html
- Also - http://www.wired.com/news/digiwood/0,1412,62335,00.html
- Also - http://www.washingtonpost.com/wp-dyn/articles/A55402-2004Feb19.html
- Title: Microsoft to Hackers: Drop That
Code!
- Source: EWeek.com
- Date Written: February 17, 2004
- Date Collected: February 20, 2004
- Microsoft Corp. spokesman Tom Pilla, on February 17, 2004, confirmed
that the software giant has sent out cease-and-desist notices to an
unspecified number of people found to be sharing Microsoft source code on
the Internet. Source code from Windows NT 4.0 and Windows 2000 has been
available since last week and has been shared widely online, mainly through
peer-to-peer (P2P) networks. It appears that Microsoft has identified some
of the people sharing its code and has sent them letters warning that their
actions are illegal and may result in "severe civil and criminal penalties."
According to a Dutch website, Microsoft's notice urges people to stop
sharing the source code, destroy copies of the code and inform Microsoft
where they got access to the source code.
- http://www.eweek.com/article2/0,4149,1528843,00.asp
- Also - http://zdnet.com.com/2100-1105_2-5161205.html
To change your delivery preferences please go
to:
http://news.ists.dartmouth.edu/cgi-bin/change.cgi
If you wish to
stop receiving the 'Security in the News' service please go
to:
http://news.ists.dartmouth.edu/substop.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error
or omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the
ISTS. Therefore, the ISTS cannot be made responsible for the factual
accuracy of the material presented. The ISTS is not liable for any loss or
damage arising from or in connection with the information contained in this
report. It is the responsibility of the user to evaluate the content and
usefulness of this information. References in this e-mail to any specific
commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, does not constitute or imply endorsement,
recommendation, or favoring by the ISTS. ISTS is a research, not
operational, organization, and makes its Security in the News e-mail
available as a public service on a best-effort basis. Security in the News
will be sent out on most business days, but not all.
Institute for
Security Technology Studies
Dartmouth College
45 Lyme Road, Suite
200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail:
dailyreport@ists.dartmouth.edu
|
|
|
