
FW: Security In The News - March 10, 2004
- From: Howell, Paul
- Date: Thu Mar 11 06:29:03 2004
Security In The News
LAST UPDATED: 3/10/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html

Cybercrime-Hacking
The meth connection to identity theft
- MSNBC, 3/10/04
Hacking tools tipped to become weapons of the state
- ZDNet UK, 3/10/04
Politics-Legislation
OMB, CIO Council will measure agencies' e-gov success
- Government Computer News, 3/9/04
Malware
Netsky author signs off
- ZDNet, 3/9/04
- Also - Network Magazine, 3/10/04
Netsky-L: Was it written by a new virus writer? Has the Netsky source code been released?
- Sophos virus info, 3/10/04
Technology
Cisco beefs up security
- ZDNet, 2/29/04
Long arm of the law reaches into ears with biometrics
- Silicon.com, 3/10/04
Vulnerabilities & Exploits
MSN Messenger flaw allows hard-drive access
- ZDNet, 3/9/04
Googling Up Passwords
- Security Focus, 3/9/04
Best Practices & Risk Management
O.C. Supervisor Wants Audit of Flawed Electronic Voting
- LA Times, 3/10/04
The rethinking of computer security
- news.com.com, 3/10/04
Comcast cutting off spam 'zombies'
- InfoWorld, 3/9/04
Civil & Consumer Issues
Heading into an era of the PC police
- Australian IT, 3/9/04
E-Mail Providers Slam Spammers
- Wired News, 3/10/04
- Also - ZDNet, 3/10/04

Cybercrime-Hacking
- Title: The meth connection to identity
theft
- Source: MSNBC
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- Police are increasingly finding that identity theft rings are connected to
methamphetamine users. Detective Jim Dunn of the Thurston County Sheriff's
office in Washington estimates that 95% of identity theft cases he
investigates are connected to methamphetamine addiction; police detective
Steve Williams of Eugene, Oregon puts the number at 90%. The properties of
methamphetamine make it ideally suited to identity theft; users are awake for
days at a time, alert and focused, and ready to do such repetitive tasks as
piece together shredded documents. In some cases, such as that of identity thief
Steven Massey, dealers promise addicts meth in exchange for mail and identity
papers. When meth users gather for parties, they often bring laptops to
exchange advice and skills on identity theft. Such crimes can even be
committed while under house arrest. Meth use is skyrocketing in concert with
identity theft; in 2003, police discovered 9,800 meth labs while the Federal
Trade Commission reported 10 million victims of identity theft.
- http://msnbc.msn.com/id/4460349
- Title: Hacking tools tipped to become weapons of
the state
- Source: ZDNet UK
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- Speaking at a seminar at the Oxford Internet Institute (OII), Joel
Reidenberg, a law professor at Fordham University in New York, argues that in
the future, nation-states can bring cyberspace under the jurisdiction of law
through hacking and distributed denial of service attacks. Mr. Reidenberg
cites the example of a French ruling that ordered Yahoo to block Nazi
memorabilia from being sold on its auction site in France; an American court
later ruled that the order could not be enforced since Yahoo servers are in
the United States. However, in the future, a court could order police to hack
into computers or deny service to enforce laws. Democratic countries need to
establish guidelines and agreements for the legitimate use of such tools in
law enforcement, according to Mr. Reidenberg. Some attendees doubt that an
accountable appeal process could be developed; Stephen Coleman, an OII
visiting professor in e-democracy, notes that the British government's secure
intranet is hacked once every three seconds, primarily by Britain's allies.
- http://news.zdnet.co.uk/business/0,39020645,39148211,00.htm
Politics-Legislation
- Title: OMB, CIO Council will measure agencies'
e-gov success
- Source: Government Computer News
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- The Office of Management and Budget (OMB) and the Chief Information
Officers (CIO) Council have agreed on the details of four areas government
agencies must focus on to succeed in e-government initiatives. Agencies must
meet these criteria by September 30, 2004. The goals include: expanded
e-government, with 80% of the 25 Quicksilver e-government initiatives
deployed; cross-agency collaboration, with 80% of agencies implementing
enterprise architectures, saving $50 million; cybersecurity, with 80% of
agency systems certified and accredited by the end of the year; and human
resource management to reduce the amount of time it takes to hire information
technology professionals.
- http://www.gcn.com/vol1_no1/daily-updates/25219-1.html
Malware
- Title: Netsky author signs off
- Source: ZDNet
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- The author of the various Netsky variants has released the eleventh
version, Netsky.K, with a message hidden in the code declaring that this
variant would be the last. Netsky, Bagle, and MyDoom have been engaged in
verbal warfare through their various virus releases. However, Netsky differed
from the other two by removing Bagle and MyDoom from computers, while the
other two converted infected machines into spam boxes. Mikko Hyppönen,
director of the F-Secure antivirus firm, says the Netsky authors seem to
consider themselves an antivirus team, writing in their code "To F-Secure and
so on, we do not want damage systems . . . We have respect of your work (Your
heuristic scan is not good enough! Make it better) This is the last version of
our antivirus. The source code is available soon." Mr. Hyppönen says he has
little reason to doubt the message. Researchers at Panda Software believe
Netsky's authors may be planning an attack for March 11, 2004, citing a
message in the code that reads "The 11th of march is the skynet day."
- http://zdnet.com.com/2100-1105_2-5171743.html
- Also - http://www.networkmagazine.com/shared/article/showArticle.jhtml;jsessionid=3QSZQNKMC1XPAQSNDBGCKHY?articleId=18311791
- Title: Netsky-L: Was it written by a new virus
writer? Has the Netsky source code been released?
- Source: Sophos virus info
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- Antivirus researchers at Sophos have announced the discovery of a twelfth
Netsky variant, Netsky.L. Like previous Netskys, it spreads as an e-mail
attachment, but some differences lead researchers to believe it has a
different author: the code does not mention 'skynet', does not remove copies
of the Bagle worm, and does not contain insults to Bagle's authors. A message
in Netsky.K warned that the K variant would be the final one, but that the
source code would be released shortly thereafter.
- http://www.sophos.com/virusinfo/articles/netskyl.html
Technology
- Title: Cisco beefs up security
- Source: ZDNet
- Date Written: February 29, 2004
- Date Collected: March 10, 2004
- Cisco has released several new products to enhance its security offerings.
Cisco 7301 Router and Cisco VPN (virtual private network) 3020 Concentrator
fit within existing product lines, while new management capabilities have been
added and upgraded to Cisco's Internetworking Operating System (IOS), such as
denial-of-service protections, new support for IPv6 (Internet Protocol version
6), and the ability to partition a network into separate security areas.
Richard Stiennon, a security analyst at Gartner, notes that up to 30% of
traffic on network backbones is spam or malware, and argues that Cisco has
done little to prevent threats from entering a network in the first place.
Jeff Platon, a marketing executive for Cisco, responds that Cisco is working
with other companies--such as Symantec, Network Associates, IBM, and Trend
Micro--on antivirus, and is adding intrusion prevention through its
acquisition of Okena.
- http://zdnet.com.com/2100-1104_2-5171842.html
- Title: Long arm of the law reaches into ears with
biometrics
- Source: Silicon.com
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- Researchers at the University of Leicester's Forensic Pathology Unit have
developed a computerized ear-recognition system capable of identifying whole
or partial ears from pictures or prints. The new system, more reliable than
human investigators' ear measurements, may lead to national and international
ear-print databases. The European Union's Project FeariD (Forensic Ear
Identification) is examining the reliability of ear biometrics for law
enforcement. The International Biometric Group expects biometric spending to
reach $1.2 billion in 2004, with $350 million devoted to fingerprinting.
- http://www.silicon.com/management/government/0,39024677,39119051,00.htm
Vulnerabilities & Exploits
- Title: MSN Messenger flaw allows hard-drive
access
- Source: ZDNet
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- Microsoft has released its March 2004 patches, revealing three
vulnerabilities in various software products. Two are classified as medium risk, while
the third is rated as a low-to-medium risk. One flaw, the first to affect
Microsoft's MSN Messenger 6.0 and 6.1, would allow an attacker to view the
contents of a target's hard drive during a chat session. Users who do not
block anonymous callers are most vulnerable. Microsoft will also announce this
flaw through the MSN Messenger network. Another flaw would let an attacker
gain control over a system by exploiting Outlook 2002 to execute Internet
Explorer code. The third flaw would allow attackers to deny service against
servers running Windows Media Services 2004. Attackers could use specially
constructed TCP/IP (Transmission Control Protocol/Internet Protocol) packets
to interrupt video streams.
- http://zdnet.com.com/2100-1104_2-5171898.html
- Title: Googling Up Passwords
- Source: Security Focus
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- Many people publish data on web servers without realizing the security
risks of such publication. This makes Google and other search engines tools
for hackers seeking sensitive information. Google comes with some advanced
features to allow web surfers to fine-tune their searches. The "site:"
operator restricts searches to certain servers, websites, and top level
domains; the "intitle:" operator restricts searches to webpages with certain
words in the title; and "filetype:" allows searchers to look for common file
formats, such as Word documents, Excel spreadsheets, and Adobe PDF (Portable
Document Format). Black hat hackers can use these features to dig up sensitive
information, such as Excel budget sheets with names and contact information of
valuable clients or plain text password files. The author recommends several
sites administrators can consult to learn how to protect sensitive files from
malicious Google searches.
- http://www.securityfocus.com/columnists/224
Best Practices & Risk Management
- Title: O.C. Supervisor Wants Audit of Flawed
Electronic Voting
- Source: LA Times
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- California's Orange County Supervisor Bill Campbell has requested the
Internal Audit Department to examine voting irregularities from the March 2,
2004 primaries after discovering that 7,000 votes were cast in the wrong
precinct. Apparently, poll workers using new electronic voting machines
accidentally gave voters codes for the wrong ballots. Registrar of Voters
Steve Rodermund says he will certify the election only after investigators
have assured that the outcome was not affected by the irregularities; while
many votes remain correct despite being cast in the wrong precinct, others
voted in the wrong election. Mr. Campbell believes the problem is one of human
error rather than technical failure and suggests that each polling place
should only accept votes for one precinct to avoid such errors.
- http://www.latimes.com/news/local/la-me-machines10mar10,1,2347867.story?coll=la-headlines-california
- Title: The rethinking of computer
security
- Source: news.com.com
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- Jon Oltsik argues that the computer security industry is about to undergo
a transition, similar to the way the web browser changed the Internet from a
research vehicle to a key business infrastructure. The force driving this
change is the integration of security into business processes. Microsoft
demonstrated awareness of this change at the RSA Conference, unveiling
products designed to build security features into business processes,
accelerating upgrade cycles and lowering operating costs. Such companies as
Cisco, Oracle, Hewlett-Packard, and IBM have leveraged business concerns into
sales of their products. Mr. Oltsik contrasts this with others at the RSA
Conference, which he describes as a "technology love-in." Executives are
starting to spend on security as they realize its importance to the bottom
line.
- http://news.com.com/2010-1071_3-5171969.html?part=rss&tag=feed&subj=news
- Title: Comcast cutting off spam 'zombies'
- Source: InfoWorld
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- Internet service provider Comcast has begun cutting service to customers
whose machines have been converted to spam "zombies," forwarding spam e-mails
often without the customer's knowledge. Comcast has received much criticism
from antispam advocates as a leading provider of broadband Internet access to
home users; Comcast counts over 5.2 million subscribers. Recent reports
suggest that virus writers have teamed with spammers to access home machines
and turn them into spam relays. Senderbase records show that more than 40
Comcast customers send more than 100,000 e-mails each day. Comcast says it is
alerting customers whose computers have been hijacked and helping to protect
their computers.
- http://www.infoworld.com/article/04/03/09/HNcomcastspam_1.html
Civil & Consumer Issues
- Title: Heading into an era of the PC
police
- Source: Australian IT
- Date Written: March 9, 2004
- Date Collected: March 10, 2004
- Whit Diffie, chief security officer for Sun Microsystems, warns that
Digital Rights Management (DRM) promises to offer more fluid secure Internet
connections, but may spark a war between consumers and movie and music
providers for control over computer use, as content providers claim they have
not only "a right to be compensated for what they've done, but have a right to
be given actual control over how people use it." However, DRM would aid
security by ensuring that computers meet certain configuration requirements
before allowing them to connect to certain systems. Paul Kocher, chief
scientist for Cryptography Research, notes that content providers have
difficulty controlling the technologies that threaten their intellectual
property, since they do not produce those technologies. Mr. Kocher argues that
consumers should be concerned as content providers call for government
regulation, since corporations and law enforcement do not have the same
incentive to protect privacy as consumers do.
- http://australianit.news.com.au/articles/0,7204,8905801^15321^^nbv^15306,00.html
- Title: E-Mail Providers Slam Spammers
- Source: Wired News
- Date Written: March 10, 2004
- Date Collected: March 10, 2004
- In a Washington, D.C., press conference March 10, 2004, Microsoft, America
Online (AOL), EarthLink, and Yahoo announced they will sue six of the most
active spammers under the federal CAN-SPAM (Controlling the Assault of
Non-Solicited Pornography and Marketing) Act. Most of the suits have been
filed against unidentified "John Does," but EarthLink chief privacy officer
Les Seagraves says the four ISPs (Internet service providers) are following
the money trail and are only a "couple of subpoenas away from showing up at
these spammers' doors and handing subpoenas directly to them." Nancy Anderson,
deputy general counsel for Microsoft, says that even offshore spammers may be
targeted, since they are doing business in the United States. Many antispam
advocates have criticized the CAN-SPAM Act as ineffective, but the four
companies say it has given them the legal tools to fight spam.
- http://www.wired.com/news/business/0,1367,62606,00.html?tw=wn_tophead_2
- Also - http://zdnet.com.com/2100-1105_2-5172038.html
The Institute for
Security Technology Studies (ISTS) accepts no responsibility for any errors or
omissions in this e-mail. The information presented is a compilation of
material from various sources and has not been verified by staff of the ISTS.
Therefore, the ISTS cannot be made responsible for the factual accuracy of the
material presented. The ISTS is not liable for any loss or damage arising from
or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this
information. References in this e-mail to any specific commercial products,
processes, or services by trade name, trademark, manufacturer, or otherwise,
do not constitute or imply endorsement, recommendation, or favoring by the
ISTS. ISTS is a research, not operational, organization, and makes its
Security in the News e-mail available as a public service on a best-effort
basis. Security in the News will be sent out on most business days, but not
all.
Institute for Security Technology Studies Dartmouth
College 45 Lyme Road, Suite 200 Hanover, NH 03755 Tel: (603) 646
0700 E-mail: dailyreport@ists.dartmouth.edu