Network Security
FW: Security In The News - August 9, 2004
- From: Howell, Paul
- Date: Tue Aug 10 08:41:00 2004
-----Original Message-----
From: dailyreport@ists.dartmouth.edu [mailto:dailyreport@ists.dartmouth.edu]
Sent: Monday, August 09, 2004 5:11 PM
To: subscriber (2554)
Subject: Security In The News - August 9, 2004
Security In The News
LAST UPDATED: 8/9/04
This report is also available on the Internet at
http://news.ists.dartmouth.edu/todaysnews.html
Homeland Security & Infrastructure Protection
Border guards eye surveillance
Federal Computer Week, 8/5/04
<http://www.fcw.com/fcw/articles/2004/0802/web-border-08-05-04.asp>
Gov't, Enterprise Data Sharing Efforts Crumbling
EWeek.com, 8/9/04
<http://www.eweek.com/article2/0,1759,1632915,00.asp>
Cybercrime-Hacking
Webmaster held on terror charges
CNet, 8/6/04
<http://news.com.com/Webmaster+held+on+terror+charges/2100-1028_3-5300745.html>
FBI probes beheading hoax on Web
ZDNet (Reuters), 8/8/04
<http://zdnet.com.com/2100-1105-5301633.html>
Hackers attack more RP gov't websites
Inq7.net, 8/10/04
<http://beta.inq7.net/breaking/index.php?index=7&story_id=3323>
Politics-Legislation
FCC Blocks Spam on Wireless Devices
Security Focus, 8/5/04 <http://www.securityfocus.com/news/9278>
Fahrenheit FBI
CNet, 8/9/04
<http://news.com.com/Fahrenheit+FBI/2010-7352_3-5300198.html>
FinCEN presses for faster sharing of suspicious transactions
Government Computer News, 8/6/04
<http://www.gcn.com/vol1_no1/daily-updates/26854-1.html>
State AGs take on P-to-P vendors
InfoWorld, 8/5/04
<http://www.infoworld.com/article/04/08/05/Hnagpeer_1.html>
Malware
Windows XP SP2 may stop the worms
ZDNet, 8/9/04 <http://news.zdnet.co.uk/0,39020330,39162970,00.htm>
Technology
Industrial security guard gets backup
CNet, 8/6/04
<http://news.com.com/Industrial+security+guard+gets+back-up/2100-1009_3-5300324.html>
Microsoft Releases Security-Focused Windows XP SP2 Update
EWeek.com, 8/6/04
<http://www.eweek.com/article2/0,1759,1632954,00.asp>
Vulnerabilities & Exploits
Online data a gold mine for terrorists
Computerworld, 8/6/04
<http://computerworld.com/securitytopics/security/story/0,10801,95098,00.html>
Yahoo's Anti-Spy toolbar feature buggy
CNet, 8/6/04
<http://news.com.com/Yahoo's+Anti-Spy+toolbar+feature+buggy/2100-1024_3-5300761.html>
'Highly critical' flaw in AOL Instant Messenger
SearchSecurity, 8/9/04
<http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci999090,00.html>
Best Practices & Risk Management
IBM tells employees not to install Windows XP update
InfoWorld, 8/9/04
<http://www.infoworld.com/article/04/08/09/HNdontinstallxp_1.html>
Civil & Consumer Issues
Big Business Becoming Big Brother
Wired News, 8/9/04
<http://www.wired.com/news/conflict/0,2100,64492,00.html>
SCO-IBM Wars Take New Turn
EWeek.com, 8/6/04
<http://www.eweek.com/article2/0,1759,1632875,00.asp>
Homeland Security & Infrastructure Protection
Title: Border guards eye surveillance
Source: Federal Computer Week
Date Written: August 5, 2004
Date Collected: August 9, 2004
The US Border Patrol is planning to expand and upgrade its
Integrated Surveillance Intelligence System (ISIS) over the next several
years to meet its new counter-terrorism role. ISIS includes remote video
surveillance, intelligent computer-aided dispatch, seismic, magnetic, and
infrared sensors, as well as other equipment. The expanded ISIS could cost
as much as $2 billion. The current ISIS is composed of stand-alone systems,
creating difficulties for agents trying to process individuals and access
databases. The system also suffers from gaps in border coverage, aging
technology, inadequate coverage of nuclear, radiological, chemical,
biological, and explosive threats, and sensors that have difficulties
distinguishing humans from animals. The agency also lacks radio
interoperability with federal, state, local, and tribal law enforcement
http://www.fcw.com/fcw/articles/2004/0802/web-border-08-05-04.asp
Title: Gov't, Enterprise Data Sharing Efforts Crumbling
Source: EWeek.com
Date Written: August 9, 2004
Date Collected: August 9, 2004
A number of private network operators and security researchers have
announced plans to quit government-sponsored information sharing efforts as
government and government-related agencies share less information, and other
channels provide greater overall security and revenue. Government agencies
have been criticized for keeping too much data secret, making information
sharing efforts less valuable to the private sector. CERT (Computer
Emergency Response Team) has created a paid mailing-list and closed down its
public list, and no longer shares technical advisories with the public, even
though most bulletins are based on private sector data. This led British
research firm Next Generation Security Software (NGSS) to break with CERT
and sign a contract with the British government. Bob Collet, AT&T's
Government Solutions vice president for engineering, argued before the House
Government Reform committee that a stockpile of critical infrastructure
data increases vulnerability, while Zone-h.org plans to build a private
restricted access repository for exploit code. Other companies, such as
iDefense and Internet Security Systems, say their research is a valuable
commodity, and is worth more on the market than in government databases.
This has led the FCC (Federal Communications Commission) to use its
regulatory power to require data from network operators.
http://www.eweek.com/article2/0,1759,1632915,00.asp
Cybercrime-Hacking
Title: Webmaster held on terror charges
Source: CNet
Date Written: August 6, 2004
Date Collected: August 9, 2004
A London magistrates court is holding Babar Ahmad, 30, on a US
extradition warrant on charges of material support for terrorism and
prohibited support of the Taliban for publishing two jihadist websites,
according to the US Justice Department. US authorities accuse Mr. Ahmad of
raising funds through American-based websites Azzam.com and Qoqaz.net.
According to a Justice affidavit, Mr. Ahmad used encryption and aliases to
hide his connection to the websites. Between 2000 and 2001, the two sites
urged Muslims to undergo physical and firearms training and gave explicit
instructions for raising and delivering funds to the Taliban. US
investigators claim e-mails on an Azzam account link Mr. Ahmad to a Chechen
Mujahideen leader connected to the Moscow theatre attack in October 2002. If
convicted, Mr. Ahmad faces twenty years imprisonment.
http://news.com.com/Webmaster+held+on+terror+charges/2100-1028_3-5300745.html
Title: FBI probes beheading hoax on Web
Source: ZDNet (Reuters)
Date Written: August 8, 2004
Date Collected: August 9, 2004
The Federal Bureau of Investigation (FBI) is probing an Internet
beheading hoax which duped international media into believing Islamic
extremists had killed an American hostage. Benjamin Vanderford, 22, is under
investigation after falsifying a video of his own beheading in a friend's
garage and spreading it on the Internet, eventually landing on a website
used by Islamic militants. FBI special agent LaRae Quy said the matter was
still under investigation, but that the FBI intended to use all available
avenues to prosecute those responsible for the hoax. Mr. Vanderford cited
curiosity at whether the media would be fooled as the motivation for the
prank.
http://zdnet.com.com/2100-1105-5301633.html
Title: Hackers attack more RP gov't websites
Source: Inq7.net
Date Written: August 10, 2004
Date Collected: August 9, 2004
According to archives on Zone-H.org, the websites of the Philippines
Department of Public Works and Highways (DPWH), the Environmental Management
Bureau (EMB), the Revenue Integrity Protection Service (RIPS), and the
Maritime Training Council (MTC) were recently defaced by two groups of
hackers, the 'Hellboyz' and the 'Moroccan Gangsters.' Herbert Narisma, head
of the Management Information Systems section of the EMB, confirmed the
defacement of the agency's website, which included renaming the homepage
'hellboyz' and renaming the index 'index2.' The attacks were confined to
defacement, with no files being deleted, and the websites were all promptly
restored. Attacks by the 'Moroccan Gangsters' are thought to be politically
motivated, as the group has a history of defacing websites to air its
anti-US sentiments.
http://beta.inq7.net/breaking/index.php?index=7&story_id=3323
Politics-Legislation
Title: FCC Blocks Spam on Wireless Devices
Source: Security Focus
Date Written: August 5, 2004
Date Collected: August 9, 2004
The Federal Communications Commission (FCC) has issued regulations
requiring marketers to have explicit permission from cell phone and PDA
(personal digital assistant) users before sending them e-mail
advertisements, and urges the technology industry to develop tools to
prevent spam from becoming a problem for wireless devices. The rules cover
web-based e-mail services offered by wireless providers, but not services
that forward e-mail from computer-based accounts or services that connect to
such accounts. The rules also do not cover phone-to-phone text messaging,
but the FCC notes that such messages generated by a computer would violate
other laws. Wireless carriers will create a family of Internet domains for
wireless services so marketers can avoid mistakenly sending e-mails to
wireless users.
http://www.securityfocus.com/news/9278
Title: Fahrenheit FBI
Source: CNet
Date Written: August 9, 2004
Date Collected: August 9, 2004
Declan McCullagh comments on the Federal Communications Commission
(FCC) decision to require Internet broadband and VoIP (Voice over Internet
Protocol) providers to make their networks open to wiretaps for law
enforcement, in accordance with a Justice Department request and the
Communications Assistance for Law Enforcement Act (CALEA). Mr. McCullagh
questions how the increased price of such services due to the required
changes will affect the Bush administration's plan for affordable broadband
nationwide. When Congress passed CALEA, it authorized $500 million in
subsidies for telephone companies to restructure their networks, but
Internet and VoIP companies will have to cover the cost themselves. Some
VoIP software companies are based outside the US, such as the
Luxembourg-based Skype, and are not subject to CALEA. Foreign providers
could offer criminals and terrorists services free of wiretaps. Skype,
PGPfone, and the upcoming GPGfone provide encryption specifically to prevent
wiretaps. Two FCC commissioners questioned whether extending CALEA to the
Internet would hold up in court, while the Patriot Act allows for wiretaps
without prior judicial approval.
http://news.com.com/Fahrenheit+FBI/2010-7352_3-5300198.html
Title: FinCEN presses for faster sharing of suspicious transactions
Source: Government Computer News
Date Written: August 6, 2004
Date Collected: August 9, 2004
Treasury's Financial Crimes Enforcement Network (FinCEN) has
established a hotline for financial institutions to report information about
suspicious transactions that may be related to terrorist activities, getting
it to law enforcement more quickly. Banks and other financial services
already file regular reports of suspicious activity to the IRS (Internal
Revenue Service) Detroit Computing Center. Treasury reports that with
international cooperation, it has managed to freeze more than $140 million
in terrorist-related assets, identified 383 people and organizations as
terrorist supporters, and apprehended or disrupted key terrorist
facilitators. Treasury has worked with Homeland Security and financial
regulators to improve communications with critical financial institutions,
coordinate identification and mitigation of vulnerabilities in financial
services, provide guidance on business continuity planning, and conduct
drills to test backup systems. FinCEN also notes that scammers are sending
letters to banks spoofing FinCEN and demanding $25,000 for an anti-terrorist
certificate; banks should report such letters to local law enforcement.
http://www.gcn.com/vol1_no1/daily-updates/26854-1.html
Title: State AGs take on P-to-P vendors
Source: InfoWorld
Date Written: August 5, 2004
Date Collected: August 9, 2004
A letter sent to peer-to-peer (P2P) software vendors by the
attorneys general of 47 US states and territories says that P2P software vendors must
redesign software to prevent illegal file-sharing and must warn users of the
legal, personal, and content dangers of file-sharing. The letter reaffirms
that the attorneys general will prosecute users who engage in illegal
file-sharing, and asserts that this does not "excuse your companies from
avoiding software design changes that deliberately prevent law enforcement
in our States from prosecuting P2P users for violations of the law." Adam
Eisgrau, executive director of P2P United, responded that the radical
changes to the software referenced in the letter could not be done without
compromising the innovative aspects of P2P file-sharing and suggested that
copyright debates are best worked out at the federal and not the state
level.
http://www.infoworld.com/article/04/08/05/Hnagpeer_1.html
Malware
Title: Windows XP SP2 may stop the worms
Source: ZDNet
Date Written: August 9, 2004
Date Collected: August 9, 2004
Security company F-Secure says it has reverse engineered Windows XP
Service Pack 2, and finds that its new features may prevent the spread of
high-profile worms similar to Sasser, Slammer, and Blaster. According to
director of antivirus research Mikko Hyppönen, Microsoft has implemented the
service pack well, especially noting the stack protection and memory
protection upgrades. Mr. Hyppönen believes the new features make automated
worm attacks against Windows XP unlikely, though third party applications,
such as instant messaging, can create other holes. Users will also continue
to create vulnerabilities for themselves, and must widely apply the service
pack for it to be effective against worm attacks.
http://news.zdnet.co.uk/0,39020330,39162970,00.htm
Technology
Title: Industrial security guard gets backup
Source: CNet
Date Written: August 6, 2004
Date Collected: August 9, 2004
Control system provider Verano has teamed with security firm
Betrusted to provide software designed to protect critical infrastructures
in such key industries as utilities and transportation. Betrusted will offer
management and monitoring of Verano's Industrial Defender, a package of
services, software, and appliances built on security enhanced Linux. Verano
chief executive Brian Ahern cites the Northeast blackout of 2003 as a signal
to find a partner for security services. Verano provides tools to bridge
legacy systems to modern security technology. Betrusted sees the partnership
as an opportunity to expand into other sectors, having previously focused
only on telecommunications. Control room operators of such networks as SCADA
(Supervisory Control and Data Acquisition) and DCS (Distributed Control
System) are realizing that these networks often have Internet connections,
making security a priority.
http://news.com.com/Industrial+security+guard+gets+back-up/2100-1009_3-5300324.html
Title: Microsoft Releases Security-Focused Windows XP SP2 Update
Source: EWeek.com
Date Written: August 6, 2004
Date Collected: August 9, 2004
Friday, August 6, 2004, Microsoft completed the last step in the
release process before a new update, officially dubbed Windows XP Service
Pack 2 with Advanced Security Technologies (SP2), is delivered to consumers,
providing the code to manufacturers. In development since 2003, SP2 includes
a nearly complete overhaul of Windows XP's security functionality, and is
being billed as a cure for most of the security and privacy issues currently
plaguing the operating system. Among the updates included in SP2 are
security enhancements to Internet Explorer, chip-level protection against
buffer overruns, and a new Windows Security Center giving users access to
all of their security settings in one place, including the status of the
Windows firewall which is turned on by default in SP2.
http://www.eweek.com/article2/0,1759,1632954,00.asp
Vulnerabilities & Exploits
Title: Online data a gold mine for terrorists
Source: Computerworld
Date Written: August 6, 2004
Date Collected: August 9, 2004
Information technology and security managers may have overlooked the
availability of sensitive data online despite a warning from the Department
of Homeland Security (DHS) regarding the possibility of terrorist attacks
against financial services. The Citigroup headquarters in Manhattan, one of
the targets specifically mentioned by the DHS alert, has freely available
three-dimensional models of the exterior and portions of the interior
online, with details of structural weaknesses. The Chicago Board of Trade
website includes photos of underground parking garages, floor plans of
office suites, and contact information for the building's telecommunications
providers. Amit Yoran, director of DHS's National Cyber Security Division,
says DHS is considering publishing best practices for posting data online to
avoid giving terrorists sensitive information. MacDonnel Ulsch of Janus Risk
Management calls the publication of such data "inexcusable", arguing that
the risks outweigh the benefits to contractors and service providers. Most
firms, when warned of potential threats, respond with redundancy and
recovery rather than counter-surveillance and information control.
http://computerworld.com/securitytopics/security/story/0,10801,95098,00.html
Title: Yahoo's Anti-Spy toolbar feature buggy
Source: CNet
Date Written: August 6, 2004
Date Collected: August 9, 2004
Yahoo confirmed Friday, August 6, 2004, that its recently released
Anti-Spy toolbar feature mistakenly linked hijacker software known as
SearchCentrix with Claria's Gator eWallet. The company said that there was
no evidence to suggest that Claria's software installed the hijacker, and
that the bug was due to a problem with their partner PestPatrol's code. Claria
representatives confirmed that the company had no relation to SearchCentrix,
and PestPatrol could not be immediately reached for comment.
http://news.com.com/Yahoo's+Anti-Spy+toolbar+feature+buggy/2100-1024_3-5300761.html
Title: 'Highly critical' flaw in AOL Instant Messenger
Source: SearchSecurity
Date Written: August 9, 2004
Date Collected: August 9, 2004
Copenhagen, Denmark-based security firm Secunia reported Monday,
August 9, 2004, that it has discovered a "highly critical" flaw in AOL
Instant Messenger. The result of a boundary error with the handling of
"Away" messages, the flaw could reportedly be used by attackers to
compromise computers and execute arbitrary code. Secunia said the flaw has
been confirmed in version 5.5.3595, and that other versions may also be
affected. Citing additional issues that would allow large amounts of user
resources to be consumed, Secunia recommends that users switch to an
alternative product.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci999090,00.html
Best Practices & Risk Management
Title: IBM tells employees not to install Windows XP update
Source: InfoWorld
Date Written: August 9, 2004
Date Collected: August 9, 2004
In a note posted on its company intranet, IBM has instructed
employees not to install Microsoft's new Service Pack 2 (SP2) for Windows
XP. According to the note, some high-profile, business-critical applications
are known to conflict with the update and may need to be modified before IBM
releases a customized version of SP2 to employees. SP2 has raised
compatibility concerns at many businesses, as it trades compatibility for
increased security. Some of Microsoft's own applications may have
compatibility issues, as the company recently released an update to their
Customer Relationship Management software earlier this week to ensure
compatibility with SP2. Michael Cherry, a lead analyst at Directions on
Microsoft Inc., said Microsoft has been more than forthcoming in providing
information and testing opportunities to IT departments.
http://www.infoworld.com/article/04/08/09/HNdontinstallxp_1.html
Civil & Consumer Issues
Title: Big Business Becoming Big Brother
Source: Wired News
Date Written: August 9, 2004
Date Collected: August 9, 2004
According to a 'Surveillance-Industrial Complex' report released by
the American Civil Liberties Union (ACLU), the federal government is
circumventing laws restricting surveillance by purchasing databases from
private corporations; the report calls on Congress to close loopholes that allow
such surveillance. Data aggregators collect information about individuals
from publicly available sources and privately held customer databases for
resale to the government. A number of airlines have provided government
contractors with passenger data to test passenger screening systems. The
government can obtain data from private sources through purchase, court
order, or simple request. Businesses often provide data in hope of gaining
favor for future contracts or of avoiding increased government scrutiny. The
1974 Privacy Act prohibits the government from maintaining dossiers on
Americans unless they are under a specific investigation, but private
corporations do not face congressional oversight or the Freedom of
Information Act in the course of their data collections. Studies show that
Americans trust corporations more than they trust the government, and will
readily provide personal details to companies. Most people are unaware how
frequently corporations provide data to government.
http://www.wired.com/news/conflict/0,2100,64492,00.html
Title: SCO-IBM Wars Take New Turn
Source: EWeek.com
Date Written: August 6, 2004
Date Collected: August 9, 2004
According to a Forbes report, SCO has unearthed IBM e-mail
correspondence indicating that IBM illegally used SCO Unix System V release
4 (SVR4) code in its AIX 5L operating system. The recently discovered
correspondence allegedly suggests that IBM knowingly has not had a proper
license for AIX since 2001, and SCO has not decided whether to pursue the
recent developments as a separate case or incorporate them into its current
litigation against IBM. These new allegations run in parallel to SCO's
standing claim that IBM placed Unix source code in its modifications of
Linux, and the new evidence may be used to imply that IBM has a pattern of
taking liberties with licensed code. SCO's standing claim is that IBM was
only licensed to use SVR4 code on an Intel-based operating system but
deliberately used it in its Power-based AIX 5L Unix.
http://www.eweek.com/article2/0,1759,1632875,00.asp
The Institute for Security Technology Studies (ISTS) accepts no
responsibility for any error or omissions in this e-mail. The information
presented is a compilation of material from various sources and has not been
verified by staff of the ISTS. Therefore, the ISTS cannot be made
responsible for the factual accuracy of the material presented. The ISTS is
not liable for any loss or damage arising from or in connection with the
information contained in this report. It is the responsibility of the user
to evaluate the content and usefulness of this information. References in
this e-mail to any specific commercial products, processes, or services by
trade name, trademark, manufacturer, or otherwise, does not constitute or
imply endorsement, recommendation, or favoring by the ISTS. ISTS is a
research, not operational, organization, and makes its Security in the News
e-mail available as a public service on a best-effort basis. Security in the
News will be sent out on most business days, but not all.
Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu