Internet Security Systems Moves to Parry Drive-by Hackers
Atlanta-based Internet Security Systems Inc. (ISS) has long had this concern about
drive by hackers. That's right -- drive-by hackers.
http://www.internetnews.com/wd-news/article/0,,10_752201,00.html
Consumer Groups Rally to Decry Spam Before Senate Meeting
Several consumer groups who have written Congress to ask the body to quash spam will air an audio conference before the Senate meets Thursday to discuss bills addressing the unsolicited e-mail dilemma.
A letter written by JunkBusters.com President Chief Executive Officer Jason Catlett outlined the concerns of the groups and provided some interesting scenarios of how they would like to see bills currently before the Senate Commerce Committee's Communications Subcommittee, dubbed S. 630 and H.R. 718, altered to create an opt-in policy and a private right of action.
http://www.internetnews.com/IAR/article/0,,2_753191,00.html
Microsoft Sued Over Digital Rights Patent
Long a proponent and activist in the digital rights management and antipiracy
movement, Microsoft finds itself sued by a newcomer to the field.
http://www.winplanet.com/winplanet/newss/3282/1
Microsoft Gives A Virus to its Support Customers
Despite the best possible security precautions, Microsoft was hit by a
virus that contaminated one of its Web servers.
http://winplanet.com/winplanet/newss/3285/1
Microsoft Says IIS 5.0 Web Servers Vulnerable to Attack
The software giant revealed that a serious security flaw exists within
Windows 2000 Server which makes machines running the software
vulnerable to remote attackers.
http://www.internetnews.com/wd-news/article/0,2171,10_756411,00.html
Government Warns of Possible Chinese Hacker Attacks
The National Infrastructure Protection Center warned that Chinese
hackers may escalate defacement and denial-of-service attacks between
April 30 and May 7.
http://www.internetnews.com/wd-news/article/0,2171,10_754261,00.html
Zone Labs Upgrades Security Software
Those who have come to rely on Windows need to rely on security for the ubiquitous
OS as well; Zone Labs hopes to provide it with revamped applications.
http://www.internetnews.com/wd-news/article/0,2171,10_757721,00.html
Pop-up Internet Ads: More Eyeballs -- and More Frowns
New How People Use� study sheds light on do's, don'ts of Web marketing
PRESS RELEASE
Westfield, New Jersey, May 3, 2001: How People Use � the Internet 2001 -- a new report from
Statistical Research, Inc. (SRI) -- shows that pop-up Internet advertisements are 50% more likely to be noticed than banner ads, but also that they are 100% more likely to be considered intrusive.
Nearly half (49%) of active Internet users "agreed strongly" that pop-up ads get noticed (versus 33% for banner ads); but 62% felt strongly that pop-ups interfere with their reading or use of a Web page (compared to 31% for banners).
http://www.statisticalresearch.com/press/pr050301.htm
Worm Turns Sun Against Microsoft
Sun and Microsoft may compete bitterly in the Internet server marketplace, but to eradicate a new and rapidly spreading malicious worm, Sun Solaris and Microsoft IIS administrators will have to cooperate closely, security experts said Tuesday.
http://www.internetnews.com/wd-news/article/0,,10_761061,00.html
Hackers Deface Web Sites; FBI Issues DDoS Warning
Web page defacement attacks by hackers have escalated dramatically in the last 24 hours, with technology news site CNET, Webex and game developer Blizzard.com among those hit this
morning.
http://www.internetnews.com/wd-news/article/0,,10_760451,00.html
Security Expert's Site Knocked Offline By Attack
Victims of distributed denial-of-service attacks are usually reluctant to admit they've been hit, let alone provide specific technical details about the attacks. But Gibson Research Corporation president Steve Gibson said Monday that he intends to turn some weekend lemons into lemonade.
http://www.internetnews.com/wd-news/article/0,,10_760441,00.html
Home Page Virus
Another e-mail virus is taking the industry by storm. This one, called Homepage,
is patterned after the Kournikova worm that hit a few months ago.
The e-mail spreading the worm says that it has a link to a website guaranteed
to become the next Internet craze. The subject line is "Homepage" and the
message is "Hi! You've got to see this page. It's really cool ;o)."
http://www.geek.com/news/geeknews/2001may/gee20010509005794.htm
Password Glitch Exposes DSL Subscribers
Cayman Systems confirmed Wednesday that a potentially serious security vulnerability exists in the DSL equipment it supplies to many leading providers, including SBC Communication's numerous subsidiaries such as Pacific Bell and Southwestern Bell, as well as to Verizon and Nortel Networks.
http://www.internetnews.com/wd-news/article/0,,10_767581,00.html
NIPC Gets Failing Grade in Warning of Hacker Attacks
Congress' investigative arm, the General Accounting Office (GAO), has given the Federal Bureau of Investigation's National Infrastructure Protection Center (NIPC) a failing grade when it comes to issuing warnings about electronic attacks.
http://www.internetnews.com/wd-news/article/0,,10_770951,00.html
Researchers Say DoS Attacks Average 4,000 a Week
[Johannesburg, SOUTH AFRICA] Research conducted by the University of California at San
Diego has revealed that more than 4,000 denial-of-service attacks are launched every week.
By 'listening' to a large segment of the Internet -- known as an A-class network, UCSD researchers were able to discern traces of "scattered responses," typical indicators of DoS attacks. During three weeks of observation the team discerned an average of 4,000 attacks per week -- half of which lasted less than 10 minutes.
Denial-of-service attacks are attempts to overload or crash computers connected to the Internet by targeting them with so much data that they can no longer process legitimate requests. According to UCSD, most DoS attacks go unreported whilst only a small percentage make the media.
http://www.internetnews.com/intl-news/article/0,,6_773341,00.html
24 May 2001 Max Butler Jail Sentence
Max Butler - hacker and former FBI informant - has been sentenced to
18 months in prison for unleashing a worm in military and defense
computer networks three years ago. The worm had a benevolent intent -
it was designed to fix a vulnerability another worm was exploiting -
but it also left a backdoor in infected systems. Other hackers and
crackers have expressed concern that the government's treatment of Mr.
Butler might discourage others from aiding security efforts.
http://www.wired.com/news/politics/0,1283,44007,00.html
23 & 24 May 2001 CERT/CC Hit by DDoS Attack
The Computer Emergency Response Team Coordination Center (CERT/CC) web
site was the victim of a distributed denial of service (DDoS) attack.
The cyber assault lasted about 30 hours, and no data were compromised.
CERT/CC said it would still be able to issue security alerts if
necessary. One computer expert pointed out that the attack highlights
the risks inherent in centralizing computer alert teams.
http://news.cnet.com/news/0-1003-200-6016900.html?tag=prntfr
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60799,00.html
http://www.cnn.com/2001/TECH/internet/05/24/computerattack.ap/index.html
25 May 2001 Shopping Cart Software Flaw Exposes Health Site Customer Information
A flaw in PDG shopping cart software exposed the names, addresses, e-
mail addresses and phone numbers of people who obtained free drug and
alcohol addiction pamphlets from Health.org. Although NIPC issued a
warning about the software problem in early April and the software
company has attempted to contact all of its customers, the technical
department director at the company that maintains the site for the
Department of Health and Human Services said he never received a
notice.
http://www.msnbc.com/news/578476.asp?0nm=T219
(Note: Hopefully, consumers are beginning to realize that even if they have end-to-end encryption of their data, it is not sufficient if the ends are not secure. ]
25 May 2001 Cyber Disaster Drills
Computer disaster drills are on the rise due to the increase in cyber
attacks and viruses, the threat of power outages, and the fact that
more and more data are being stored on networks that can be reached
from the Internet. The drills help workers identify security holes,
recognize security problems, and maintain their data recovery skills.
http://www.usatoday.com/life/cyber/tech/2001-05-24-cyberattacks-disaster-drills.htm
25 May 2001 Media Player Patch
Microsoft has issued a fix for two vulnerabilities in Media Player 6.4
and 7. A buffer overrun could allow a cracker to run hostile code on
someone else's machine. Another flaw that saves Internet shortcuts to
a temporary files folder could be exploited, with the help of HTML
code, to allow crackers to read files on the affected machine. Media
Player 6.4 users need to install the patch, while Media Player 7 users
should install Media Player 7.1 to fix the problems.
http://www.zdnet.com/zdnn/stories/news/0,4586,2765352,00.html
25 May 2001 Worm Aims to Combat Child Pornography
The Noped worm searches infected computers for certain image files
names and alerts government agencies if any are found. Noped uses
keyword and phrase identification rather than content analysis, which
could result in a large number of false alerts.
http://www.wired.com/news/technology/0,1282,44112,00.html
(Note: The ends do not justify the means. At the least it is rude, a privacy issue,
and may be criminal to attempt to run your code on another's machine
without their knowledge and consent. There is no motive so noble as
to justify this behavior. And if were allowed where (at what criminal behavior) would
it end? Software piracy, tax evasion ...)
24 May 2001 Trojans are Stealthy, Damaging and Tenacious
Trojan horse programs can be used by malicious hackers to spy on and
stalk people, manipulate data and computers, steal money from bank
accounts, and launch denial of service attacks. Trojans often slip
into a computer while hidden in screensavers, games, e-mail messages
or web pages, and they can be hard to detect and remove. The best
methods may be reverting to a clean back-up or re-installing clean
copies of software.
http://www.wired.com/news/technology/0,1282,43981,00.html
(Note: This is not news. It is included because it offers useful security awareness education material.)
23 May 2001 Social Security Numbers and Identity Theft
Social security numbers can be purchased on line and used to steal
people's identities and fraudulently obtain credit. Legislation has
been introduced which, if passed, would restrict requests for social
security numbers as identifiers and would ban their sale and display
on public documents. One legislator wants the government to issue all
citizens new social security numbers that will be kept secret.
http://www.usatoday.com/life/cyber/tech/2001-05-23-id-theft-solutions.htm
22 & 23 May 2001 GAO Report on NIPC
A General Accounting Office (GAO) report says that the National
Infrastructure Protection Center (NIPC) lacks sufficient staffing and
fails to alert the public to virus threats in a timely manner. The
National Security Council wrote a letter to the GAO suggesting that
NIPC's responsibilities be distributed among several agencies. The
report does say that NIPC has helped cyber crime investigations.
http://www.fcw.com/fcw/articles/2001/0521/web-nipc-05-23-01.asp
http://www.zdnet.com/zdnn/stories/news/0,4586,2763767,00.html
http://www.wired.com/news/politics/0,1283,44019,00.html
22 & 23 May 2001 NSF Information Security Scholarships
The National Science Foundation's (NSF) Scholarship for Service
program will provide two years of tuition assistance and a paid summer
internship to students who agree to work for the government for two
years in information security and assurance positions. The NSF plans
to announce additional grants for faculty instruction development in
these areas.
http://news.cnet.com/news/0-1003-200-6008345.html?tag=prntfr
http://www.wired.com/news/technology/0,1282,44021,00.html
http://www.fcw.com/fcw/articles/2001/0521/web-nsf-05-23-01.asp
21 May 2001 The Security Manager's Journal: Testing Intrusionb Detection Systems
Security manager describes how he tested his network-based intrusion
detection system (IDS). Using a variety of attacks in a closed,
controlled environment, he gradually increased network traffic to find
out at what level the system began dropping packets.
http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO60687,00.html
21 May 2001 Invicta Takes New Approach to Security
A former CIA director and a former KGB agent have released Invicta, a
new security system that continuously changes network IP addresses,
thereby creating "moving targets" for crackers. One insurance company
is so convinced of Invicta's effectiveness that it plans to offer 10%
discounts to companies that use the product.
http://www.msnbc.com/news/576522.asp?0nm=T25B
15 May 2001 Las Vegas Phone Crackers
Some purveyors of adult entertainment and bail bonds in Las Vegas are
convinced their phones are being hacked and their calls diverted to
competing businesses. Testing showed no irregularities, but a
convicted computer criminal says the Las Vegas network has security
holes that could allow such a scheme to work.
http://www.theregister.co.uk/content/6/18950.html
16, 17, & 18 May 2001 Cheese Worm Tries to Repair Lion Damage
The Cheese worm attempts to repair damage caused by the Lion worm.
While the Cheese worm may have good intentions, it nonetheless is an
intrusion, and could easily be tweaked to become malicious.
http://www.theregister.co.uk/content/6/19029.html
http://www.idg.net/go.cgi?id=477634
http://www.zdnet.com/zdnn/stories/news/0,4586,5083014,00.html
http://www.cert.org/incident_notes/IN-2001-05.html
17 May 2001 Site Never Got Shopping Cart Software Flaw Notice
When a serious security vulnerability was found in PDG shopping cart
software last month, the company e-mailed all its customers informing
them of the problem and also issued a fix. A company that bought the
software from a reseller never received the warning, and many of its
customers have experienced the fraudulent charges made to their credit
cards.
http://www.msnbc.com/news/574294.asp?0nm=T21B
(Note: This story raises a fundamental issue that may
ultimately lead to legislation. To what extent must software vendors
be held liable for verifiable notice and correction of critical
security vulnerabilities. Is a software package that puts patients at
risk in a hospital so different from a crib that puts children at risk
in their bedrooms? Why is the software industry allowed to deliver
provably unsafe systems when automobile manufacturers are not allowed
to deliver cars that are unsafe?)
14 May 2001 Testing Security
Sm@rt Partner Technology editor David Raikow maintains that
conscientious testing is the best way to strengthen application and
operating system security. While so-called "hacker challenges" may
provide helpful ancillary tests, they are often little more than
publicity stunts.
http://www.zdnet.com/zdnn/stories/comment/0,5859,2760262,00.html
15 & 16 May 2001 Microsoft Will Sign Safe Harbor Agreement
Microsoft has announced it will sign the US/EU safe harbor agreement
that requires adherence to strict data privacy standards. This is
especially significant because a large number of other US companies
have not signed the agreement.
http://www.wired.com/news/politics/0,1283,43800,00.html
http://news.cnet.com/news/0-1005-200-5930589.html?tag=prntfr
22 May 2001 National Infrastructure Protection Center Criticized
Citing understaffing and lack of support, The US General Accounting
Office told Congress that the NIPC often fails to give timely warning
of attacks. Despite the problems, the GAO said some alerts had been
issued in time to avert damage.
http://www.computerworld.com/cwi/story/0,1199,NAV47_STO60773,00.html.html
http://washingtonpost.com/wp-dyn/business/A61449-2001May22.html
18 May 2001 e-Commerce Security Problems
While the absence of privacy or security policies* should give online
shoppers pause, even sites that do post security policies can have
weaknesses. While data may be encrypted during transfer, sites may
not always store the data as securely. Additionally, third-party
contractors may be vulnerable to data theft. (*Me)
http://www.pcworld.com/features/article/0,aid,49929,00.asp
17 May 2001 Mawanella Worm
The Mawanella worm, which arrives as a .vbs attachment, displays a
political message after propagating itself via Outlook but does not
carry a destructive payload. The message will appear on infected
Windows 9X, NT, and 2000 machines even if they are not running
Outlook.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60640,00.html
http://www.zdnet.com/zdnn/stories/news/0,4586,5083078,00.html
16 & 17 May 2001 Love Bug Variant Tries to Attract Echelon's Attention
The comments in the code of VBS/LoveLet-CL, a variant of the Love Bug
worm, are comprised of a string of terms apparently designed to alert
and overwhelm electronic communication monitoring software systems.
The journalist at The Register points out that the random
conglomeration of words probably would not trigger Echelon's
surveillance methods. The worm also overwrites certain files and can
replicate via Internet Relay Chat (IRC).
http://www.theregister.co.uk/content/6/19004.html
http://www.zdnet.com/zdnn/stories/news/0,4586,5083050,00.html
http://www.infoworld.com/articles/hn/xml/01/05/17/010517hnsophos.xml
16 May 2001 Cracker Path Traced Through German University Computer
The crackers who stole US Navy satellite control software apparently
took control of a German University computer to commit the theft,
according to law enforcement and university officials.
http://63.108.181.201/2001/05/16/eca/0186-0609-Germany-Crime..html
16 May 2001 UK Conservative Party Web Vulnerabilities Exposed
A cracker's scan of the UK Conservative Party web site turned up a
number of vulnerabilities that revealed security patches had not been
applied for more than a year. The information was posted to a Usenet
forum and on the cracker's home page.
http://www.theregister.co.uk/content/6/19000.html
(Note: Bill Arbaugh's informative paper documents how most security
incidents resulted from exploiting known and un-patched security
vulnerabilities. http://www.cs.umd.edu/~waa/vulnerability.html)
15 May 2001 Worm Poses as Virus Warning
The VBS.Hard.A@mm worm arrives in the guise of a virus alert from
Symantec. The worm, launched when users open a .vbs attachment,
changes the default web page to a phony virus information page,
propagates via Outlook, alters registry files, and displays a message
on November 24.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60596,00.html
http://news.cnet.com/news/0-1003-200-5933461.html?tag=prntfr
14 & 15 May 2001 Windows XP Build Downloaded
Due to a leaked tester logon, a small number of people were able to
download an interim build of Windows XP. Microsoft said the site
controls limit the number of downloads from one logon, and the
software can be used only for two weeks before it needs to be renewed
through Microsoft.
http://www.zdnet.com/zdnn/stories/news/0,4586,2760606,00.html?chkpt=zdhpnews01
http://news.cnet.com/news/0-1003-200-5924431.html?tag=prntfr
13 May 2001 Suspension for Hacking Has Tragic Results
A New Jersey teenager, suspended for hacking into his school
district's computer system, committed suicide, apparently believing he
would have gone to jail as punishment for his actions.
http://www.nj.com/news/times/index.ssf?/news/times/05-13-CCQR1VHB.html
11 May 2001 Teen Charged with Hacking Emergency Radio System
A teenager who allegedly hacked into the Denver police emergency radio
system, concocted false emergencies, and interfered with real calls
has been charged with wire tapping, eavesdropping, and telecommunications fraud.
http://www.rockymountainnews.com/drmn/local/article/0,1299,DRMN_15_455095,00.html
10 May 2001 Gateway Customer Information Exposed
A routine request on Gateway's UK site yielded an Excel spreadsheet
containing detailed information about the accounts of 449 customers.
Gateway has evidently disabled the search function that exposed the data.
http://www.theregister.co.uk/content/8/18867.html
11 May 2001 New Types of DDOoS Attacks Uncovered
Three new types of denial of service attacks are described by analysts
who monitored the Internet2 network for six months.
http://www.wired.com/news/technology/0,1282,43697,00.html
8 May 2001 DDoS Attacks Target Real and Phony White House Sites
www.Whitehouse.org, a presidential parody site, was the target of a
presumably misguided distributed denial of service (DDoS) attack. The
real site, www.Whitehouse.gov, was taken off line for a while after
suffering a similar attack. The FBI's National Infrastructure
Protection Center (NIPC) said several sites were attacked using
fragmented large UDP packets (see story below).
http://www.theregister.co.uk/content/8/18808.html
9 May 2001 NIPC DDoS Warning
The FBI's National Infrastructure Protection Center (NIPC) has issued
a warning that attackers are conducting distributed denial of service
(DDoS) attacks by sending large, fragmented User Datagram Protocol
(UDP) packets to port 80. Administrators are advised to check for
such packets at port 80; outbound packets directed at port 80 could
indicate that a machine has been infected with DDoS tools.
http://www.PlanetIT.com/docs/PIT20010509S0002
http://www.nipc.gov/warnings/advisories/2001/01-012.htm
14 May 2001 FBI Security Review
In the wake of the Hanssen spy case, the FBI is conducting a review of
its computer security practices, policies, and procedures.
http://www.fcw.com/fcw/articles/2001/0514/web-secure-05-14-01.asp
14 May 2001 2600's Domain Name Taken
A problem at the domain name registrar Network Solutions left
2600.com's domain registration bill unpaid, allowing the domain name
to be grabbed by someone else.(Note: They used a forged email)
http://it.mycareer.com.au/breaking/2001/05/14/FFXNHJ44PMC.html
http://www.2600.com/news/display.shtml?id=413
11 May 2001 BGP Vulnerability
Cisco has issued a security advisory warning that a security weakness
in the Border Gateway Protocol (BGP) could be exploited to crash
routers. The vulnerability can be exploited only "in configurations
that include both BGP and inbound route filtering on affected software."
http://www.theregister.co.uk/content/8/18885.html
http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml
11 May 2001 Truce in China-US Hacking
A group of Chinese hackers responsible for a plethora of web site
attacks has released a statement claiming its goal of 1,000 attacked
sites has been met and has declared a truce. Hackers on both sides of
the cyber conflict have defaced numerous sites. There is concern that
the Lion worm, written by the founder of the Chinese hacking group,
has infiltrated systems and could be used to launch attacks at a later
date.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60477,00.html
11 May 2001 Visa Security Measures to Include Passwords
Visa U.S.A Inc. plans to implement "payer authentication applications"
which will require people shopping on-line with Visa cards to provide
passwords. Retailers will install the authentication service on their
servers, and the banks that issue the Visa cards will have to install
a database application for user passwords.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60508,00.html
7 & 10 May 2001 Cyber Attacks on Pentagon: Still No Leads
Cyber intruders have infiltrated pentagon computer systems for more
than three years, leaving backdoors and rerouting traffic through
Russia, writes James Adams, National Security Agency (NSA) advisory
board member, in Foreign Affairs magazine. Despite evidence that the
attacks appear to originate from Russian addresses, Adams claims the
Russian government has been less than accommodating in the investigation.
http://dailynews.yahoo.com/h/nf/20010507/tc/9546_1.html
http://www.washingtonpost.com/wp-dyn/articles/A51965-2001May6.html
http://www.cnn.com/2001/TECH/internet/05/10/3.year.cyberattack.idg/index.html
7 May 2001 Exodus Security Site Breached
Exodus Communications, which hosts the likes of Yahoo.com and
eBay.com, acknowledged that attackers were able to view firewall logs.
The intruders also gained control of two employee computers and
posted several Exodus usernames and passwords in an Internet Relay
Chat (IRC) room.
http://www.msnbc.com/news/569965.asp?0nm=T23E
7 May 2001 Interview With Virus Writer Expert
In an interview, an expert on virus writers discusses their
motivations and ethics. She says that the best way to deter virus
writers is not through legislation, but by making it "uncool" to write
viruses.
http://www.usatoday.com/life/cyber/tech/2001-05-07-virus-tracker.htm
1 May 2001 Internet Information Server (IIS) 5.0 Buffer Overflow Vulnerability
Microsoft warned of a security hole in machines running Windows 2000
with IIS 5.0. By sending the servers carefully crafted strings,
attackers could cause a buffer overflow that would allow them system
administrator level control of the machines. System administrators
can protect their systems by turning off the Internet printing
component. Microsoft has released a patch for the vulnerability, and
is delaying the release of Service Pack 2 until the patch is incorporated.
http://www.msnbc.com/news/567192.asp
http://news.cnet.com/news/0-1003-200-5784437.html?tag=prntfr
http://www.cert.org/advisories/CA-2001-10.html
Microsoft security advisory and patch information
1 May 2001 FBI Data Gathering Methodology in Cracker Case Raises Concerns
Some cyber law experts have expressed concern that the FBI's method
used in gathering incriminating evidence in the case of two Russian
cyber criminals may invite indiscriminate international hacking. The
FBI, unable to gain Russian authorities' cooperation in gathering data
from the servers the crackers used, took it upon themselves to gather,
compress, and download 1.3 GB of data to agency computers without a
search warrant. They obtained a warrant before examining the files.
http://news.cnet.com/news/0-1003-200-5785729.html?tag=prntfr
4 May 2001 White House Site DDoSed
Whitehouse.gov was the victim of a distributed denial-of-service
attack that lasted just over two hours. An Albuquerque-based Internet
service provider (ISP) discovered six of its servers had been planted
with DDoS tools and were sending data to Whitehouse.gov. The attack
was similar to one directed at the CIA earlier in the week.
1 & 2 May 2001 US Government Web Sites Attacked
A number of US government web sites came under attack last week,
possibly by crackers acting on threats to escalate cyber attacks
during the first week of May. Affected sites include the Department
of Transportation's Surface Transportation Board, the US Geological
Survey and the Federal Emergency Management Agency's (FEMA's)
Hurricane Liaison team. Security experts have focused on the fact
that many systems are unsecured.
http://www.usatoday.com/life/cyber/tech/2001-05-02-china-hack-usat.htm
http://www.usatoday.com/life/cyber/tech/2001-05-01-dot-hack.htm
http://www.msnbc.com/news/567402.asp?0nm=T24F
4 May 2001 FBI Documents Detail Carnivore Use
FBI documents obtained under the Freedom of Information Act (FOIA)
show that the agency used Carnivore and a similar, commercially
available network monitoring device called Etherpeek 24 times between
October 1999 and August 2000. The tools were used in cases involving
hacking, extortion, intellectual property, and national security.
http://www.wired.com/news/business/0,1367,43570,00.html
30 April and 3 & 4 May 2001 Chinese Hacking Threat Loses Steam
Despite threats of massive attacks on US computer networks, the
purported cyberwar between China and the US has largely deteriorated
into a rash of site defacements. Some experts have speculated that
the cyber attacks were largely fueled by the media.
http://news.cnet.com/news/0-1003-200-5773288.html?tag=prntfr
http://www.thestandard.com/article/0,1902,24202,00.html
http://www.wired.com/news/politics/0,1283,43520,00.html
3 May 2001 CERT Warns of ISN Vulnerability
The Computer Emergency Response Team (CERT/CC) has issued an advisory
regarding a vulnerability in the way initial sequence numbers (ISNs)
are generated for TCP use. TCP was built for reliability, not
security, and the predictability of ISNs could allow an attacker who
has deduced the correct ISN to access a victim's computer. A CERT/CC
Internet security analyst pointed out that exploiting the
vulnerability would require statistical analysis tools.
http://news.cnet.com/news/0-1003-200-5815298.html?tag=prntfr
This is one more reason to move to IPv6.
2 May 2001 "Hacktivists" are Not Activists
The author of this opinion piece deplores the use of the word
"hacktivism," claiming the activity it describes is usually neither
hacking nor activism. While the perpetrators may not be activists in
the true sense of the word, they do serve to point out the lamentable
condition of Internet security; the author would like to see systems
administrators and software companies taken to task for poor security practices.
http://www.msnbc.com/news/568036.asp?0nm=T23D
1 May 2001 Uncovering a Cracker's Footsteps
A systems administrator describes the process of figuring out how a
cracker broke into a Linux box and what the cracker did there. The
author also offers some advice on securing servers: keep current with
patches, turn off unnecessary services, download and install
portsentry, and familiarize yourself with security resources.
http://www2.linuxjournal.com/articles/culture/0022.html
1 May 2001 W32/Hello Worm Spreads Via MSN Messenger
The Hello worm arrives as an executable file via MSN Messenger; if
activated, it sends itself on to the infected machine's MSN e-mail
contact list. The worm is unlikely to cause significant damage
because users must deliberately download and execute the file to
become infected. While Hello appears to be largely a proof of concept
worm, future variants could prove more harmful.
http://www.zdnet.com/zdnn/stories/news/0,4586,5082130,00.html
Advice for securing instant messaging services. (25 April 2001)
http://www.zdnet.com/zdnn/stories/news/0,4586,2711950,00.html
30 April 2001 Group to Release Filter-Foiling Tool
A hacker group plans to introduce a peer-to-peer censorship-thwarting tool at this year's Defcon in July. "Peekabooty" will be distributed between systems, and will allow people in countries that restrict Internet content to receive controversial web pages in a compacted,
encrypted form that will not be filtered out.
http://www.zdnet.co.uk/news/2001/17/ns-22536.html
30 April 2001 Biometrics and Privacy
The Pentagon is considering using biometric technology for physical
facility and information network security. Some employees are
concerned that the stored biometric templates (constructed from the
initial scan of the person's fingerprint, iris, or face) could invade
their privacy. The director of the Pentagon's Biometrics Management
Office, suggested that the templates may be protected under section 6
of the Freedom of Information Act (FOIA) which prohibits agencies from
disclosing personal information that could be deemed an invasion of
privacy.
http://www.fcw.com/fcw/articles/2001/0430/pol-bio-04-30-01.asp
An explanation of how biometrics works
26 & 27 April 2001 NIPC Warns of Potential for Increased Cyber Attacks
The National Infrastructure Protection Center (NIPC) warned US
businesses to prepare to defend against increased cyber attacks from
China during the first week of May which encompasses May Day, Youth
Day, and the anniversary of the accidental NATO bombing of the Chinese
embassy in Belgrade.
http://www.zdnet.com/zdnn/stories/news/0,4586,2712904,00.html
http://www.cnn.com/2001/TECH/internet/04/26/hacker.warning/index.html
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60022,00.html
27 April 2001 Cyber Vigilantism May be on the Rise
A panel of security experts at the Infosecurity show warned that
companies' reluctance to call in law enforcement to deal with
cybercrime could lead to cyber vigilantism. One survey suggests that
70% of companies that have been victims of cyber attacks would employ
counter measures. The debate emphasized the need for firms to get
their security infrastructure robust enough to frustrate attackers in
the first place. Businesses that "take matters into their own hands"
run the risk of breaking laws and of striking back at the wrong target.
http://www.theregister.co.uk/content/8/18553.html
27 April 2001 Wireless (In)Security
Many wireless networks are apparently running no security, allowing
anyone with relatively inexpensive equipment to drive by and check out
network activity. Malicious eavesdroppers could steal passwords,
access servers, commandeer web sites or shut down networks altogether.
Virtual Private Network (VPN) software can secure wireless networks.
http://www.msnbc.com/news/565275.asp?0nm=T18L
26 April 2001 SDMI Researchers Won't Present Paper
Bowing to legal threats from the Recording Industry Association of
America (RIAA) and two other groups, the team of researchers who
cracked a watermarking content protection system will not present a
paper detailing their methods.
http://www.wired.com/news/politics/0,1283,43353,00.html
27 April 2001 IBM Plans Intelligent Computer
IBM plans to build a computer that will never go down; Project eLiza
aims to create a computer that can correct system failures without the
help of technicians. The new system may also be able to help
automatically fend off hackers.
http://www.cnn.com/2001/TECH/ptech/04/30/project.eliza.idg/index.html
24 & 27 April 2001 Software Guards Against Mass E-Mailing Viruses
The Defence Evaluation and Research Agency (DERA), an agency of the
UK's Ministry of Defence (MoD), has developed behavior blocker
software called "::Mail" that alerts users when a virus is trying to
send out mass e-mailings and requires authorization before it
completes the task. Experts note that turning off Visual Basic
Scripting (VBS) would prevent many viruses from spreading. Critics
say that the software won't stop the newest batch of viruses, and that
users find the technique, which has been used before, to be a nuisance.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1294000/1294473.stm
http://www.zdnet.com/zdnn/stories/news/0,4586,2711638,00.html
http://www.theregister.co.uk/content/8/18580.html
Note: You can get much more convenient protection from the "Just be
friends" tool http://www.cigital.com/jbf/ (Win2000/NT only)
24 & 25 April 2001 Global Internet Fraud Web Site
Thirteen countries, including the United States, the UK, Canada,
Mexico, and Sweden have consolidated their on-line consumer fraud
efforts in econsumer.gov. The web site will provide information about
consumer protection as well as a means for consumers to file
complaints to appropriate government officials in the country where
the offending business is located. The Federal Trade Commission will
maintain and control the site.
http://news.cnet.com/news/0-1007-200-5715293.html?tag=prntfr
http://www.infoworld.com/articles/hn/xml/01/04/25/010425hnborder.xml
23 April 2001 NIST Security Grants
The National Institute of Standards and Technology (NIST) has $5
million to offer in grants to companies doing research and development
in areas of security that will help protect the nation's critical
infrastructure information systems. Proposals are due to NIST by June
15, 2001.
http://www.fcw.com/fcw/articles/2001/0423/news-nist-04-23-01.asp
http://csrc.nist.gov/grants/
23 April 2001 GAO Report Suggests Citizens' Privacy is at Risk from Data Sharing
A General Accounting Office (GAO) report says that information sharing
between agencies could threaten citizens' privacy as linking data sets
creates dossiers of information about private citizens, which could
easily be abused. The GAO offered several solutions, including
getting signed consent forms before joining citizens' data.
http://www.computeruser.com/news/01/04/23/news3.html
20 April 2001 BT Web Site Security Glitch
The British Telecommunications plc (BT) web site was taken down for
about two hours after the company became aware of a security problem
that allowed customers to see others' bills. One security analyst
said that anyone who had registered for the bill-viewing feature could
access others' bills if the appropriate customer reference numbers
were available, and that BT's system does not include proper authentication.
http://www.theregister.co.uk/content/8/18418.html
19 April 2001 Cyber Sabotage Verdict Set Aside
The government is fighting to have a guilty verdict reinstated against
a man prosecuted for computer sabotage. Tim Lloyd was found guilty of
planting a malicious software program in a file server at the company
where he worked; the program wreaked havoc, causing millions of
dollars in loses and many layoffs. The judge set aside the decision
after a juror said a TV news story might have affected her decision.
Mr. Lloyd maintains his innocence.
http://www.nwfusion.com/news/2001/0419sabotage.html
