
Network Security
FW: Security In The News - February 24, 2004
- From: Howell, Paul
- Date: Wed Feb 25 08:12:59 2004
Security In The News
LAST UPDATED: 2/24/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
Cybercrime-Hacking
Ex-ViewSonic employee sentenced to one year
- news.com.com, 2/23/04
Waiters face fraud charges
- Mercury News, 2/22/04
Web bookmakers tool up against blackmail hack attacks
- ZDNet UK, 2/23/04
Trojans as spam robots: the evidence
- The Register, 2/22/04
Softbank helps police arrest 3 hi-tech extortionists
- Mainichi Shimbun, 2/24/04
DHS will launch emergency net and security-tracking database
- Government Computer News, 2/24/04
Malware
New Global Epidemic ICQ Worm Harvests Financial Info
- Techweb, 2/24/04
Technology
Mobile Carriers Provide Handsets for Security
- The Korea Times, 2/23/04
RSA Keeps RFID Private
- EWeek.com, 2/23/04
HP aims to throttle Net threats
- news.com.com, 2/23/04
- Also - Internet News, 2/24/04
IE plug-in enables secure-document viewing
- news.com.com, 2/23/04
Wi-Fi Leaders Want to Zap Beijing's WAPI
- Internet News, 2/24/04
Gates: 'Everything' impacted by security concerns
- ZDNet, 2/24/04
Microsoft, RSA Tie Up to Boost Security of Windows
- Reuters, 2/24/04
Vulnerabilities & Exploits
Will IM be the next security culprit?
- news.com.com, 2/24/04
Civil & Consumer Issues
FBI Shutters Web Host
- Carrier Hotels, 2/19/04
Cybercrime-Hacking
- Title: Ex-ViewSonic employee sentenced to one year
- Source: news.com.com
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- Andy Garcia, 39, has been sentenced to one year imprisonment by a US
federal court for breaking into the servers of monitor-maker ViewSonic, his
former employer. In April 2002, Mr. Garcia was fired from ViewSonic; two
weeks later, he used another employee's password to access ViewSonic's
systems and delete critical files, causing ViewSonic's Taiwan offices to
lose access to key servers for several days. Mr. Garcia pled guilty to the
break-in in October 2003.
- http://news.com.com/2110-1003-5163743.html
- Title: Waiters face fraud charges
- Source: Mercury News
- Date Written: February 22, 2004
- Date Collected: February 24, 2004
- Police in San Jose have arrested several waitresses and accomplices
involved in a credit card fraud ring. Ringleaders recruited food servers,
often while they worked waiting tables, to swipe credit card data from
restaurant customers. One accused waitress, Luzita Cady, said she was
recruited shortly after her father died and she was having money problems.
Ms. Cady was offered $10 for every credit card she swiped through a black
box her recruiter gave her. The box was small enough to hide under her
apron; Ms. Cady says she swiped fifteen cards a night. Diedre Grace reports
that two of her codefendants recruited her, paying her $1,000 for a hundred
cards. Ms. Grace met with them every week so they could download card data
from the device and pay her. The scam is estimated to have cost credit card
companies $200,000 in purchases at retail stores, which police believe were
later sold over the Internet.
- http://www.mercurynews.com/mld/mercurynews/2004/02/22/news/local/8014003.htm
- Title: Web bookmakers tool up against blackmail hack attacks
- Source: ZDNet UK
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- British online betting houses receive increased extortion threats just
before major sporting events, such as American football's Super Bowl and the
Grand National horse race. Organized crime groups threaten to bring down
bookmakers' servers with a distributed denial of service (DDoS) attack
unless the bookie pays up. A spokesman for online betting site Betfair
acknowledged that such threats are a major issue for the industry, making
protection against DDoS attacks a top security priority. Analysts estimate
the online betting market to be worth £3 billion ($5.6 billion) a year.
Downtime during a major sporting event can cost a site customers and bets;
the Grand National, for example, attracts £100 million ($189 million) in
bets for Betfair.
- http://news.zdnet.co.uk/0,39020330,39147278,00.htm
- Title: Trojans as spam robots: the evidence
- Source: The Register
- Date Written: February 22, 2004
- Date Collected: February 24, 2004
- German magazine c't says it has hard evidence that virus writers are
selling the IP (Internet Protocol) addresses of machines infected with
Trojans to spammers. A college student managed to track down the author of
the Randex Trojan, leading the c't editorial staff to purchase access to
infected computers. The Randex Trojan, after it has infected a machine,
contacts the author over IRC (Internet relay chat), and can install a proxy
server to relay spam. c't has passed its evidence on to New Scotland Yard,
leading to the arrest of several individuals. c't will publish the full
story in its February 23, 2004 issue, in German.
- http://www.theregister.co.uk/content/55/35722.html
- Title: Softbank helps police arrest 3 hi-tech extortionists
- Source: Mainichi Shimbun
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- Police in Japan have arrested three men for attempting to extort ¥3
billion ($27.7 million) from Softbank Corporation. The three men, including
company executive Teruaki Yuasa, 61, and publisher Hiroshi Mori, managed to
obtain personal data on over 138 customers of Softbank's Yahoo BB broadband
service, and threatened to sell the data if the bank did not invest in their
"overseas project." At one point, the trio delivered a DVD they claimed held
the details of over 4.6 million customers. Police also arrested a Softbank
employee for trying to use data on 104 customers in a similar scam.
- http://mdn.mainichi.co.jp/news/20040224p2a00m0dm012001c.html
- Title: DHS will launch emergency net and security-tracking database
- Source: Government Computer News
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- The Department of Homeland Security will deploy a unified national
emergency information network and a critical infrastructure database,
according to a speech by DHS Secretary Tom Ridge at George Washington
University. The network, developed by state agencies and the Defense
Intelligence Agency, will link together all fifty states and the
territories, as well as provide video-conferencing between governors'
offices and a means of disseminating classified data to homeland security
professionals around the country. By December 2004, DHS plans to launch a
unified database of critical infrastructures to pinpoint and monitor
vulnerabilities. The first phase of the projects, cyberconnectivity, should
be complete by June 2004.
- http://www.gcn.com/vol1_no1/daily-updates/25050-1.html
Malware
- Title: New Global Epidemic ICQ Worm Harvests Financial Info
- Source: Techweb
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- Antivirus firm Kaspersky Labs reports a new worm targeting users of the
ICQ Instant Messenger (IM). The worm, called Bizex, delivers a link over IM
to the malicious website jokeworld.biz, which exploits vulnerabilities in
Internet Explorer and Windows to infect a machine with Bizex. Bizex then
sends the jokeworld link to everyone on the infected computer's ICQ contact
list. Bizex delivers a range of payloads. One scours the computer for
payment information related to various banks and financial services. It can
also install a keylogger to intercept data transmitted over HTTPS (hypertext
transfer protocol, secure) to banking sites. The jokeworld.biz site has been
shut down, but security experts warn users to treat links they receive over
ICQ with suspicion. Kaspersky Labs believes Bizex to be the first major ICQ
virus, having infected over 50,000 machines.
- http://www.techweb.com/wire/story/TWB20040224S0006
Technology
- Title: Mobile Carriers Provide Handsets for Security
- Source: The Korea Times
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- As mobile phones become an essential part of everyday life, Korean
service providers are adding security to their handsets to help customers
protect themselves. LG Telecom offers the Aladdin service, which enables a
user to snap a picture of a dangerous situation, and with the press of a
button, send it to three preset people with location information. However,
Aladdin requires a special phone, priced at over W400,000 ($340). KTF is
offering a similar Mobile Bodyguard service, which works with current
stand-alone phones, but does not offer picture transfer. SK Telecom plans to
release a service to alert parents of young handset users when they pass
through certain areas. Jeon Sang-yong believes such security services will
become popular as telecom competition heats up.
- http://times.hankooki.com/lpage/biz/200402/kt2004022318280311860.htm
- Title: RSA Keeps RFID Private
- Source: EWeek.com
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- RSA Security plans to demonstrate its RFID (radio frequency
identification) Blocker Tag at the RSA conference in San Francisco. RFID
tags promise to streamline the supply chain at grocery stores and retail
outlets, but alarm civil libertarians and consumer advocates over privacy
rights. Theoretically, a store could read all tags on products a consumer
carries and gather data on individual consumers. RSA's Blocker Tag is a
device that prevents RFID readers from reading tags in their immediate
vicinity. The Blocker Tag, when queried by a reader, responds as if it were
all possible tags at once, confusing the reader. Such privacy protection
measures could help win consumer trust of RFID technology. Burt Kaliski,
chief scientist and director of RSA Labs, remarks "Security is an
afterthought on the Internet, and we don't want to see the same thing happen
with RFID."
- http://www.eweek.com/article2/0,4149,1536569,00.asp
- Title: HP aims to throttle Net threats
- Source: news.com.com
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- Hewlett-Packard (HP) has unveiled two new services based on biological
models to help protect networks. The first, Virus Throttler, cuts down the
spread of viruses from infected machines. In the physical world,
improvements in transportation have helped diseases spread farther and
faster--airplanes, for example, are linked to influenza outbreaks.
Researchers at HP noticed that malware tends to spread by opening up
multiple connections. Virus Throttler monitors network connections and cuts
them if it looks like suspicious activity, slowing the spread of a virus.
The Active Countermeasures service works like a vaccine, attacking systems
with benign viruses looking for common vulnerabilities, and informing
administrators when an opening is found.
- http://news.com.com/2100-7349_3-5163633.html
- Also - http://www.internetnews.com/dev-news/article.php/3316881
- Title: IE plug-in enables secure-document viewing
- Source: news.com.com
- Date Written: February 23, 2004
- Date Collected: February 24, 2004
- Microsoft has released a plug-in for Internet Explorer to allow users to
view documents created and protected with the latest version of Office.
Office 2003 comes with new security features to let document authors
restrict access to their documents, though a company must be running Windows
Server 2003 or Windows Rights Management to use these features. The Explorer
plug-in will let users access such files through the browser if they do not
have Office 2003.
- http://news.com.com/2110-1012-5163450.html
- Title: Wi-Fi Leaders Want to Zap Beijing's WAPI
- Source: Internet News
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- The Wi-Fi Alliance and other industry groups representing the makers of
Wi-Fi wireless products will lobby the Bush administration to consider
placing unfair trade complaints against China with the World Trade
Organization (WTO). China plans to implement its own wireless protocol,
Wired Authentication and Privacy Infrastructure (WAPI), by June 1, 2004,
requiring all wireless products in China to use the WAPI standard. WAPI does
not interoperate with 802.11 specifications. Further, China has licensed the
technology to only a few Chinese companies; foreign companies must license
WAPI from them, and are required to share their proprietary technology to
get the license. Other Asian countries, such as Taiwan, are negotiating with
the Chinese to license the WAPI standard.
- http://www.internetnews.com/wireless/article.php/3316921
- Title: Gates: 'Everything' impacted by security concerns
- Source: ZDNet
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- Microsoft chairman Bill Gates, speaking at the RSA Conference, outlined
several new changes and security features due in the middle of 2004 in
Windows XP Service Pack 2, which Mr. Gates described as being entirely
security oriented. The service pack will provide an expanded firewall and
add pop-up blocking to Internet Explorer, as well as tighter controls on
ActiveX automatic downloads. The firewall will not only block unwanted
incoming traffic, but prevent traffic from going out to the Internet without
the user's permission. Mr. Gates also outlined a sort of "caller-ID" for
e-mail to help the fight against spam by authenticating the address of the
sender. Microsoft also plans to release software to detect the malicious
activities of viruses and other malware.
- http://zdnet.com.com/2100-1105-5164162.html
- Title: Microsoft, RSA Tie Up to Boost Security of Windows
- Source: Reuters
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- Microsoft and RSA Security have joined forces to build support for RSA's
SecurID authentication tokens into Windows operating systems, allowing
businesses to tighten security at the desktop. This would allow companies to
rely on a single point of authentication rather than maintain different
access points for different systems, such as expensing and Internet access.
Windows accounts for 90% of desktop computers, but does not have strong
authentication like that offered by SecurID. The new Windows authentication
should be released by the last quarter of 2004.
- http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4420901
Vulnerabilities & Exploits
- Title: Will IM be the next security culprit?
- Source: news.com.com
- Date Written: February 24, 2004
- Date Collected: February 24, 2004
- Sandy Bird, chief technology officer for Q1 Labs, examines the
possibility of Instant Messaging (IM) worms. IM has become commonplace; it
is included in Windows installations by default, and portable devices, such
as phones and PDAs (personal digital assistants), also have IM technology. An
IM worm could use this to spread quickly but silently. After an IM worm
infects a computer, it can access the IM buddy list, see which buddies are
online, and pass the infection to them. It can also keep track of its
infections. This would eliminate the traffic floods that accompany other
worms. Such worms could also access user profiles and past conversations to
tailor social engineering attacks. Many organizations have banned IM traffic
from their networks, but employees can IM over HTTP (hypertext transfer
protocol) and encryption can prevent effective filtering.
- http://news.com.com/2010-7355-5163671.html?tag=nefd_gutspro
Civil & Consumer Issues
- Title: FBI Shutters Web Host
- Source: Carrier Hotels
- Date Written: February 19, 2004
- Date Collected: February 24, 2004
- Data centers might want to consider a precedent set by the Federal
Bureau of Investigation (FBI) in the search and seizure of web servers from
CIT Hosting. The FBI presented CIT Hosting with a warrant for data regarding
their IRC (Internet relay chat) service as to whether CIT systems were used
by black hats as an attack platform. CIT Hosting took several hours
inspecting the terabytes of data it hosts, trying to find the pieces the FBI
was looking for. Eventually, the FBI agents lost patience, seized all
servers, and took them to field offices for further inspection. CIT
customers can contact the FBI if they need to access files, but so far the
FBI has not given CIT Hosting a tentative date for the servers' return.
- http://www.carrierhotels.com/news/2004/Feb/19/fbi_shutters_web_host.shtml
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any errors
or omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the
ISTS. Therefore, the ISTS cannot be made responsible for the factual
accuracy of the material presented. The ISTS is not liable for any loss or
damage arising from or in connection with the information contained in this
report. It is the responsibility of the user to evaluate the content and
usefulness of this information. References in this e-mail to any specific
commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, do not constitute or imply endorsement,
recommendation, or favoring by the ISTS. ISTS is a research, not
operational, organization, and makes its Security in the News e-mail
available as a public service on a best-effort basis. Security in the News
will be sent out on most business days, but not all.
Institute for
Security Technology Studies Dartmouth College 45 Lyme Road, Suite
200 Hanover, NH 03755 Tel: (603) 646 0700 E-mail:
dailyreport@ists.dartmouth.edu