
FW: Security In The News - February 27, 2004
- From: Howell, Paul
- Date: Sat Feb 28 09:16:59 2004
Security In The News LAST UPDATED: 2/27/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html
Homeland Security & Infrastructure Protection
- Alleged WebTV 911 hacker charged with cyberterrorism - Security Focus, 2/26/04
- Homeland Security unveils technology advisory panel - Government Executive, 2/26/04
- Senator: Information sharing is key to thwarting cyber attacks - ZDNet, 2/25/04
- Cyber-Terrorism Warning Sounded - LA Times, 2/25/04
- Homeland security officials downplay need for antiterrorist center - Government Executive, 2/26/04
Cybercrime-Hacking
- ISU student charged with hacking former roommate's e-mail - USA Today (AP), 2/26/04
- E-mail scam hits MBNA customers - BBC, 2/25/04
- Man Gets Prison for Trick Web Names - Siliconvalley (AP), 2/26/04
Politics-Legislation
- Putnam drafting Clinger-Cohen amendment - Government Computer News, 2/23/04
Malware
- Security vendor mass-mails worm to clients - vnunet.com, 2/26/04
Vulnerabilities & Exploits
- Hotel networks face hacker threat - CNN, 2/25/04
- Dell peers into critical security hole, shrugs shoulders - Techworld, 2/27/04
- Vulnerability in WinZip Could Compromise Security - EWeek.com, 2/27/04
Civil & Consumer Issues
- VeriSign sues ICANN to restore Site Finder - ZDNet, 2/26/04
Homeland Security & Infrastructure Protection
- Title: Alleged WebTV 911 hacker charged with cyberterrorism
- Source: Security Focus
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- Federal agents have arrested David Jeansonne, 43, of Louisiana on
cyberterrorism charges under the USA PATRIOT Act for a malware attack against
eighteen MSN TV (formerly known as WebTV) customers. As part of an online
conflict in July 2002, Mr. Jeansonne wrote a script to change the dial-up
number of MSN TV equipment to the 911 emergency number. He disguised the
script as a tool to change the colors of the user interface, and sent it to
his eighteen foes; the next time they tried to log on, they would end up
calling the police instead. Several of the customers sent the tool to friends,
bringing the total number of victims up to twenty-one. The script also posted
the users' browser history to a website and e-mailed hardware serial numbers
to a free webmail account. Prosecutors charge that the act meets the
definition of cyberterrorism since it endangered public safety.
- http://www.securityfocus.com/news/8136
- Title: Homeland Security unveils technology advisory panel
- Source: Government Executive
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- The Department of Homeland Security (DHS) has announced the creation of an
eighteen member science and technology committee. The committee, mandated
under the 2002 Homeland Security Act, consists of government and industry
scientists expert in fields considered essential to homeland security. Charles
McQueary, undersecretary for science and technology, says DHS has succeeded in
integrating the efforts of border security agencies, but that more work will
be necessary for the flow of goods and people. DHS plans to focus attention on
bioterrorism surveillance and countermeasures in 2004.
- http://www.govexec.com/dailyfed/0204/022604td2.htm
- Title: Senator: Information sharing is key to thwarting cyber attacks
- Source: ZDNet
- Date Written: February 25, 2004
- Date Collected: February 27, 2004
- ZDNet interviews Senator Bob Bennett (R-Utah). Mr. Bennett has received
the RSA Award for Excellence in the Field of Public Policy for his work on
economic policy and high tech issues. Mr. Bennett calls for an information
sharing system to anticipate, detect, and counter cyberattacks. Congress,
however, is currently more focused on physical attacks than cyberattacks. As
American intelligence improves, making it more difficult to launch physical
attacks, terrorists may turn to disrupting the economy through cyberattacks;
this is an important concern, since 85% of critical infrastructures are owned
by private industry. Mr. Bennett addresses privacy concerns by arguing that
greater sharing of information will lead to greater privacy. Many law
enforcement agencies have been criticized for lack of information sharing, but
Congress will do little to address the issue as legislators prepare for the
election season.
- http://techupdate.zdnet.com/techupdate/stories/main/Information_sharing_is_key_to_thwarting_cyber_attacks.html
- Title: Cyber-Terrorism Warning Sounded
- Source: LA Times
- Date Written: February 25, 2004
- Date Collected: February 27, 2004
- According to testimony before the Senate Judiciary subcommittee on
terrorism, technology, and homeland security, the federal government must
cooperate with the private sector to guard against cyberattacks; such critical
infrastructures as direct transportation, water supplies, and energy and
emergency systems are vulnerable to cyberattacks which would multiply the
effects of a physical attack. Dan Verton, a former Marine intelligence
officer, warns that al Qaeda is a thinking organization that values formal
training; Senator Jon Kyl (R-Arizona) pointed out that al Qaeda has a growing
number of young computer-savvy sympathizers. Mr. Verton added that, in a
worst-case scenario, five US states and three Canadian provinces could be
deprived of electricity for several months. A 2000 study by the Department of
Energy and the Utah Olympic Public Safety Command outlined the potential
damage of a combined physical/cyber attack.
- http://www.latimes.com/technology/la-na-cyber24feb25,1,7457295.story
- Title: Homeland security officials downplay need for antiterrorist center
- Source: Government Executive
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- Steve Cooper, chief information officer for the Department of Homeland
Security (DHS), speaking at a conference sponsored by the American Forces
Communications and Electronics Association, says the intelligence community
has the virtual equivalent of an integrated terrorist watchlist, and that
producing a single database may not be necessary. The Terrorist Screening
Center, established in 2003 and hosted by the FBI (Federal Bureau of
Investigation), has as part of its mission the duty of consolidating twelve
terrorist databases into a single system for local, state, and federal law
enforcement. The single watchlist has been delayed several times; DHS
Secretary Tom Ridge told the Senate Governmental Affairs Committee that a list
would be prepared by the summer of 2004, while the DHS strategic plan expects
to have it finished by the end of 2004. Senator Joseph Lieberman has
criticized the delay, but Mr. Cooper and DHS Deputy Secretary James Loy say
the federal agencies are receiving timely terrorist intelligence, and that a
single database may not be necessary.
- http://www.govexec.com/dailyfed/0204/022604c1.htm
Cybercrime-Hacking
- Title: ISU student charged with hacking former roommate's e-mail
- Source: USA Today (AP)
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- Nicholas Jensen, Iowa State University student, has been arrested on
charges of electronic and mechanical eavesdropping, unauthorized computer
access, and harassment after using a former roommate's e-mail account to send
false messages. Mr. Jensen used the e-mail account of Tyler Rasmussen to send
messages to his friends and family claiming he was homosexual. E-mail codes
indicated that the messages came from Mr. Jensen's computer, seized during a
search of his dorm room. Police considered charging him with a hate crime, but
hate crime laws do not include computer hacking. If convicted, Mr. Jensen
faces three years imprisonment and fines.
- http://www.usatoday.com/tech/news/2004-02-26-gay-mail_x.htm
- Title: E-mail scam hits MBNA customers
- Source: BBC
- Date Written: February 25, 2004
- Date Collected: February 27, 2004
- United Kingdom customers of MBNA Banks have been targeted in a phishing
scam designed to steal online bank account details. The e-mail portion of the
scam comes with one of the subject lines "MBNA's Official Notice," "Attention
all MBNA users," and "Official Notice for all users of MBNA." The e-mail
claims the bank has set up a new security system to guard against fraud, and
needs customers to reactivate their accounts. The e-mail provides a link to a
fake MBNA website.
- http://news.bbc.co.uk/2/hi/technology/3518411.stm
- Title: Man Gets Prison for Trick Web Names
- Source: Siliconvalley (AP)
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- John Zuccarini, 56, of Hollywood, Florida, has been sentenced to two and a
half years imprisonment for registering misspelled domain names to lead
children to pornographic sites. Mr. Zuccarini pled guilty December 10, 2003 to
registering misspelled domain names to lead people to advertising-based
websites, from which he received a commission for every viewer he brought to a
page. The Federal Trade Commission originally sued Mr. Zuccarini for
misspelled variations of the Backstreet Boys, Victoria's Secret, and the Wall
Street Journal.
- http://www.siliconvalley.com/mld/siliconvalley/news/8052452.htm
Politics-Legislation
- Title: Putnam drafting Clinger-Cohen amendment
- Source: Government Computer News
- Date Written: February 23, 2004
- Date Collected: February 27, 2004
- Representative Adam Putnam (R-Florida) is drafting an amendment to the
Clinger-Cohen Act to mandate that federal agencies consider cybersecurity and
enterprise architecture in their information technology oversight and
decision-making process. Mr. Putnam considers it important to refer to the
Federal Enterprise Architecture in IT oversight. Staff of Mr. Putnam's
Government Reform Subcommittee are also reviewing the Federal Information
Security Management Act on matters of IT oversight. On March 3, 2003, the
Corporate Information Security Working Group will submit to Mr. Putnam
recommendations for the private sector. The working group examines best
practices, a national education campaign, procurement practices, and
information sharing.
- http://www.gcn.com/vol1_no1/technology-policy/25044-1.html
Malware
- Title: Security vendor mass-mails worm to clients
- Source: vnunet.com
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- Antivirus firm F-Secure has apologized to several thousand customers in
the United Kingdom for inadvertently sending them the Netsky.B virus through
one of its mailing lists. In an e-mail warning customers of the mistake,
F-Secure said that the virus did not originate from F-Secure networks, but was
sent to the list by an unknown party. F-Secure research director Mikko
Hypponen says the list was outside of the company's normal scanning process,
but should not have been set up to accept external e-mails; the list has since
been modified to correct the mistake. Anyone with up-to-date virus protection
would be immune from the worm.
- http://www.vnunet.com/News/1153081
Vulnerabilities & Exploits
- Title: Hotel networks face hacker threat
- Source: CNN
- Date Written: February 25, 2004
- Date Collected: February 27, 2004
- While many hotels provide high speed Internet access for business
travelers, most are unaware of basic security issues, leaving their networks
open to attack. Black hat hackers could easily sit in a lobby and access
businessmen's computers through the hotel network, possibly stealing company
secrets. Many companies can guard against this threat through virtual private
networks (VPN); however, human error can make this inadequate. For example,
most Windows computers, by default, are set up to share files over a network,
assuming that workers will be located in one office environment. Travelers
should ask hotels what security features they have in place before booking a
room, and protect their computers with personal firewalls and antivirus, turn
off sharing, and keep the operating system patches up-to-date.
- http://edition.cnn.com/2004/TRAVEL/02/25/biz.trav.security
- Title: Dell peers into critical security hole, shrugs shoulders
- Source: Techworld
- Date Written: February 27, 2004
- Date Collected: February 27, 2004
- Secunia reports a flaw in Dell's OpenManage server that could allow an
attacker to deny service or access a system. The flaw rests in how OpenManage
handles HTTP (Hypertext Transfer Protocol) Post requests; a hidden and
oversized variable can cause a heap overflow. Administrators can work around
the flaw by restricting traffic on TCP port 1311 to trusted Internet
addresses. The researcher who discovered the flaw, going by the name
"wirepair," says Dell Tech Support did not understand the problem when he
contacted them, while an e-mail to security@dell.com resulted only in an "out
of office" message.
- http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=1115
- Title: Vulnerability in WinZip Could Compromise Security
- Source: EWeek.com
- Date Written: February 27, 2004
- Date Collected: February 27, 2004
- According to security firm iDefense, a flaw has been discovered in WinZip
versions 7, 8, and the beta version of WinZip 9, that could allow an attacker
to execute arbitrary code on a victim machine. The attack involves
constructing a MIME (Multipurpose Internet Mail Extension) archive with a
.mim, .uue, .uu, .b64, .bhx, .hqx or .xxe extension and executable code. Once
opened, the file can trick WinZip into executing the code; iDefense has a
proof of concept exploit. Users usually do not handle executables with WinZip,
making them more likely to open files, even from anonymous sources. Users can
work around the flaw by turning off automatic unzipping of such files, or
upgrading to the release version of WinZip 9.
- http://www.eweek.com/article2/0,4149,1540280,00.asp
Civil & Consumer Issues
- Title: VeriSign sues ICANN to restore Site Finder
- Source: ZDNet
- Date Written: February 26, 2004
- Date Collected: February 27, 2004
- VeriSign has filed suit against ICANN (Internet Corporation of Assigned
Names and Numbers) accusing the company of breach of contract and antitrust
violations regarding its suspension of VeriSign's Site Finder service. Site
Finder was launched by VeriSign to direct users who type in expired or invalid
.com or .net domains to VeriSign's own search service. ICANN ordered VeriSign
to suspend Site Finder after network administrators complained it was
disruptive. VeriSign vice president Tom Galvin says he has yet to see any
evidence that Site Finder threatens the stability of the Internet. The lawsuit
comes as many international organizations, such as the United Nations'
International Telecommunication Union (ITU) question ICANN's role in Internet
governance.
- http://zdnet.com.com/2100-1104_2-5165982.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any error or
omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the ISTS.
Therefore, the ISTS cannot be made responsible for the factual accuracy of the
material presented. The ISTS is not liable for any loss or damage arising from
or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this
information. References in this e-mail to any specific commercial products,
processes, or services by trade name, trademark, manufacturer, or otherwise,
do not constitute or imply endorsement, recommendation, or favoring by the
ISTS. ISTS is a research, not operational, organization, and makes its
Security in the News e-mail available as a public service on a best-effort
basis. Security in the News will be sent out on most business days, but not
all.
Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu