SECURITY IN THE NEWS
updated on March 8, 2005
This report is available on
the web and as an RSS
feed.
Cybercrime-Hacking
UK card fraud
hits £505m
The Register, 2005-03-08
Arizona
student guilty of Web piracy
CNet,
2005-03-08
Politics-Legislation
Hidden
fraud risk in Sarbanes-Oxley?
CNet, 2005-03-07
Banks Brace for New Antiterrorism Law
Security Pipeline,
2005-03-07
Malware
MMS virus
discovered
The Register, 2005-03-08
Virus authors
form unholy alliance
vnunet.com, 2005-03-08
Worm
Chatter Escalates on MSN Messenger
EWeek.com, 2005-03-07
FTC Calls For Action Against Spyware
Security Pipeline,
2005-03-07
Vulnerabilities & Exploits
DNS cache poisoning bugs hits Symantec shops
The Register,
2005-03-08
Old-School DoS Attack Can Penetrate XP
SP2
EWeek.com, 2005-03-08
Civil & Consumer
Issues
ISP sues Dutch gov for snooping costs
The
Register, 2005-03-08
German ISP told to cough up
customer's details
The Register,
2005-03-08
Cybercrime-Hacking
Title: UK card fraud hits £505m
Source:
The Register
Date Written: 2005-03-08
Date Collected:
2005-03-08
According to an annual report by the UK Association for Payment
Clearing Services (APACS), credit card fraud in the UK rose in 2004 to £504
million, a 20% increase from 2003. Card-not-present fraud (CNP) is the most
prevalent form of fraud, and increased by 24% to £150.8 million. Identity theft
grew by 22%, but still accounted for only £36.9 million. Fraud on lost, stolen,
or counterfeit cards accounted for 48% of losses, and the APACS believes the
widespread adoption of chip and PIN schemes will lower fraud. However,
anti-fraud organization Early Warning says chip and PIN schemes will simply move
fraud onto the Internet while allowing card companies to shift liability to
retailers.
http://www.theregister.co.uk/2005/03/08/apacs_fraud_2004/
Title: Arizona student guilty of Web
piracy
Source: CNet
Date Written: 2005-03-08
Date
Collected: 2005-03-08
A University of Arizona student is believed to be
the first person in the nation to plead guilty under state Internet piracy laws.
Parvin Dhaliwal, 18, was charged with uploading digital copies of recently
released movies and music. He entered a guilty plea to possession of counterfeit
marks, or unauthorized copies of intellectual property, a Class 6 Felony under
Arizona's new piracy law, according to the Arizona state Attorney General's
Office. Mr. Dhaliwal was sentenced to three months in prison, three years
probation, 200 hours of community service, a $5,400 fine, and must take a
university course on copyright issues.
http://news.com.com/Arizona+student+guilty+of+Web+piracy/2110-1030_3-5604005.html
Politics-Legislation
Title: Hidden fraud risk in
Sarbanes-Oxley?
Source: CNet
Date Written:
2005-03-07
Date Collected: 2005-03-08
Peter Dorrington, head of
fraud solutions at the SAS Institute, says the robust requirements of the
Sarbanes-Oxley Act for data storage on corporate networks may be
counter-productive in stopping fraud. Mr. Dorrington says companies are now
storing huge volumes of data, but are not interpreting it. He says fraudsters
rely on their transactions being lost among other transactions, and the increase
in the volume of data makes that easier. James Governor, an analyst at RedMond,
added that even when fraud it discovered, the sheer volume of data now stored by
companies makes it very time consuming to wade through it all.
http://news.com.com/Hidden+fraud+risk+in+Sarbanes-Oxley/2100-1002_3-5602776.html
Title: Banks Brace for New Antiterrorism
Law
Source: Security Pipeline
Date Written:
2005-03-07
Date Collected: 2005-03-08
The Intelligence Reform and
Terrorism Prevention Act of 2004 was intended to tie all intelligence agencies
together through information sharing, however the legislation will also impact
the banking industry. Ariana-Michele Moore, senior analyst at Celent
Communications, says there are industry concerns that additional technology
investments and consumer privacy invasion will result from requirements to share
information with the Treasury Department. For example, Ms. Moore said all wire
transfers will be moved into a central database to help identify potential
terrorist activity. There is already some reporting, as the Bank Secrecy Act
requires banks to report wire transfers over $3,000, but Ms. Moore says the
majority are simply consumers wiring money to their families.
http://www.securitypipeline.com/60407440
Malware
Title: MMS virus discovered
Source: The
Register
Date Written: 2005-03-08
Date Collected:
2005-03-08
Anti-virus firm F-Secure has discovered the first mobile phone
virus capable of replicating through Multimedia Messaging Service (MMS)
messages. Commwarrior-A targets Symbian Series 60 phones and while it has the
capability to spread through MMS, it is not yet spreading. Previous mobile phone
viruses spread over Bluetooth, allowing them to infect only nearby phones, but a
virus spreading through MMS could potentially spread as quickly as an e-mail
worm. F-Secure believes the virus is Russian, as it contains Russian text that
translates to ìNo to braindeads.î
http://www.theregister.co.uk/2005/03/08/mms_virus/
Title: Virus authors form unholy
alliance
Source: vnunet.com
Date Written:
2005-03-08
Date Collected: 2005-03-08
Security analysts at
Kaspersky Lab say the authors of the Bagle, Zafi, and Netsky viruses have joined
forces. While investigating the outbreak of recent Bagle variants, analysts
discovered on February 15, 2005 the SpamTool.Win32.Small.b, malicious code that
harvests e-mail addresses from compromised PCs. They have found evidence that
the tool, which was used in the Bagle attack, is being used by the other virus
writers. While they may not know each other personally, Kaspersky says they are
working closely together and using information provided by the Bagle author to
distribute malware.
http://www.vnunet.com/news/1161786
Title: Worm Chatter Escalates on MSN
Messenger
Source: EWeek.com
Date Written:
2005-03-07
Date Collected: 2005-03-08
Anti-virus vendors say there
was an increase in viral activity on Microsoftís Network (MSN) messenger between
March 6 and 7, 2005. Security experts say the increase in activity appears to
have been a concentrated attack on MSN messenger users, as several new worms
exploiting the message service as well as new Bropia virus variants were
discovered. The new worms, Kelvir and Sumon, are like the Bropia mutants in that
they install the Backdoor.Rbot Trojan program, giving attackers remote access to
victimís PCs. The worms contain a .PIF extension and lure victims by offering
pornography.
http://www.eweek.com/article2/0,1759,1773454,00.asp?kc=EWRSS03129TX1K0000614
Title: FTC Calls For Action Against
Spyware
Source: Security Pipeline
Date Written:
2005-03-07
Date Collected: 2005-03-08
The Federal Trade Commission
(FTC) issued a report March 7, 2005 identifying spyware are a serious and
growing problem. The report confirms the warnings of security professionals that
spyware can impair PC operation and put security and privacy at risk. The FTC
recommends increased prosecution under existing statutes and the use of
technological solutions to protect computers. The report also says that the
business community should define spyware and decide whether adware is a form a
spyware, for fear that legislation will cover beneficial software as well.
http://www.securitypipeline.com/60407427
Vulnerabilities
& Exploits
Title: DNS cache poisoning bugs hits Symantec
shops
Source: The Register
Date Written:
2005-03-08
Date Collected: 2005-03-08
Hackers are exploiting a
security vulnerability in Symantec's enterprise products to redirect victims to
websites hosting malicious code. The SANS Institueís Internet Storm Center
detected the attack on March 4, 2005 and traced the primary source to a
vulnerability in Symantec firewalls with DNS caching, though the attack is not
confined to Symantec firewall users. Symantec has issued a patch for its
Enterprise Firewall and Enterprise Security Gateway products, and users are
advised to update. Under the attack, users attempting to visit domains such as
google,com, ebay.com, and weather.com were redirected to servers hosting
spyware.
http://www.theregister.co.uk/2005/03/08/dns_malware_attack/
Title: Old-School DoS Attack Can Penetrate XP
SP2
Source: EWeek.com
Date Written: 2005-03-08
Date
Collected: 2005-03-08
Security researcher Dejan Levaja has released a
SecurityFocus advisory warning that Windows Server 2003 and XP Service Pack 2
(SP2) are vulnerable to LAND attacks. A LAND attack is a remote
denial-of-service (DoS) attack where a packet is sent to a machine with the
source and destination host/port are identical. Mr. Levaja found that a single
LAND packet could cause Windows Explorer to freeze on all workstations connected
to the server, which can be repeated to execute a DoS attack. Microsoft
confirmed the report, but said such an attack would merely slow down a network
briefly, and could not result in the execution of malicious code. XP SP2 users
running the default Windows Firewall are not affected.
http://www.eweek.com/article2/0,1759,1773958,00.asp?kc=EWRSS03129TX1K0000614
Civil
& Consumer Issues
Title: ISP sues Dutch gov for snooping
costs
Source: The Register
Date Written:
2005-03-08
Date Collected: 2005-03-08
Dutch Internet service
provider XS4ALL is suing the Dutch government for the cost of making its network
accessible to law enforcement. Under Dutch laws, ISPs can claim the
administrative cost of individual wiretaps, but not the cost of equipment
enabling them, and XS4ALL says it has spent Ä500,000 making its network
accessible to police. The company says it wants to set a precedent for who pays
for law enforcement, and it claims ISPs in other European countries are fully
reimbursed for the expense of installing wiretaps.
http://www.theregister.co.uk/2005/03/08/isp_sues_police/
Title: German ISP told to cough up customer's
details
Source: The Register
Date Written:
2005-03-08
Date Collected: 2005-03-08
As a result of a ruling by
the District Court in Stuttgart, German Internet service providers may be forced
to provide customer data to law enforcement agencies without a court order.
Telecommunications company T-Online, the German subsidiary of T- Mobile, was
asked to give police details of an unknown customer suspected of trading
pornography, when all police had was an IP address. When T-Mobile refused,
arguing that a court order was mandatory under the German Telecommunications
Act, the court ruled that there was sufficient reason to believe that the person
using the IP address was responsible for the distribution of pornography. It is
unclear what the ramifications of the ruling will be, as court decisions on the
subject have been mixed.
http://www.theregister.co.uk/2005/03/08/german_isp_ruling/
The Institute for Information Infrastructure Protection (I3P)
accepts
no responsibility for any error or omissions in this e-mail.
The information
presented is a compilation of material from various
sources and has not been
verified by staff of the I3P. Therefore,
the I3P cannot be made responsible
for the factual accuracy of
the material presented. The I3P is not liable
for any loss or
damage arising from or in connection with the information
contained in this report. It is the responsibility of the user to
evaluate the content and usefulness of this information.
References in
this e-mail to any specific commercial products,
processes, or services by
trade name, trademark, manufacturer, or
otherwise, does not constitute or
imply endorsement,
recommendation, or favoring by the I3P. I3P is a
research, not
operational, organization, and makes its Security in the News
e-mail available as a public service on a best-effort basis.
Security in
the News will be sent out on most business days, but
not all.
The
Institute for Information Infrastructure Protection
45 Lyme Road, Suite
300
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: listmanager@thei3p.org
