[INFOCON] Security In The News - August 25, 2003

  • Subject: [INFOCON] Security In The News - August 25, 2003
  • From: dailyreport at ([EMAIL PROTECTED])
  • Date: Mon Aug 25 22:20:33 2003
Security In The News


 This report is also available on the Internet at

Cybersecurity agency to improve patching:
     Federal Computer Week 8/22/03

Blackout Tests Contingencies:
	Also - EWeek.com 8/25/03
	Also - vnunet.com 8/22/03

Paradoxes of CyberWar & Terror:
     OSAC Cybernews 8/25/03

Hi-tech crime a 'significant' threat, warn police:
     The Register 8/21/03

Marketers, FBI unite to curb spam:
     ZDNet News 8/22/03

Man Pleads Guilty to Web Music Bootlegging:
     Los Angeles Times 8/22/03

Computer expert faces sex charges:
     Pittsburgh Tribune-Review 8/23/03

ESR Confirms DoS Attack; Hacker to End Attack:
     Linux Today 8/25/03

Minister defends Japanese "Big Brother" identity database as hackerproof:
     Yahoo! News 8/24/03

RIAA Target Appeals for Anonymity:
     Wired News 8/22/03
	Also - C-Net News 8/21/03

Dreaded Internet attack fizzles:
     CNN (Reuters) 8/25/03
	Also - Washington Post 8/23/03
	Also - Computerworld 8/22/03
	Also - C-Net (Reuters) 8/22/03
	Also - ZDNet News 8/25/03

How to Fix the Electrical Grid:
     Business Week 8/22/03
	Also - Computerworld 8/25/03
	Also - NY Times 8/25/03

Handhelds the next virus target?:
     Info World 8/25/03

Calif. Recall Susceptible To Hackers:
     (AP) 8/25/03

KU Med Center admits Internet security breach:
     The Wichita Eagle 8/24/03

Microsoft Windows: Insecure by Design:
     Washington Post 8/24/03
	Also - MacWorld 8/21/03

Flash memory devices raise security flags:
     C-Net News 8/22/03

BlackBerry Reveals Bank's Secrets:
     Wired News 8/25/03

Cyberterrorism-Infrastructure Protection

   Title: Cybersecurity agency to improve patching
   Source:   Federal Computer Week
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
Last week's flurry of new computer worms has again highlighted the need for timely and comprehensive patching of security vulnerabilities. To address this need, the Federal Computer Incident Response Center (FedCIRC), housed in the Homeland Security Department's National Cyber Security Division, plans to improve the 'Patch Authentication and Dissemination Capability' patch management system for government agencies. More than 40 agencies have so far signed up for the system, which distributes new security fixes, but not all agencies are actually using the service. One of the main problems that FedCIRC must address is a current shortage of licenses for the patch dissemination service.

   Title: Blackout Tests Contingencies
   Source:   Computerworld
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
Disaster recovery and business continuity measures implemented by companies after the September 11 terrorist attacks paid off during the massive power outages in the Northeastern US and Canada on August 14, 2003, according to analysts. Most organizations had put in place data recovery and business continuity plans that allowed for the relatively smooth running of operations despite the blackout. Some minor problems connected to the power outages did occur, leading firms to place greater attention, once more, on planning and response to major events, including the possibility of further acts of terrorism.

   Title: Paradoxes of CyberWar & Terror
   Source:   OSAC Cybernews
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
The author asks why, if the Internet and its users are as vulnerable to cyber attacks as the Sobig and Blaster worms demonstrated last week, al Qaeda does not launch devastating cyber strikes against communications nodes or critical infrastructure systems. According to the author, al Qaeda relies too heavily on the Internet to communicate securely, spread propaganda and recruit new members to cause the system to fail. Moreover, using bombs or weapons of mass destruction is more spectacular than cyber attacks and would, in all likelihood, result in more casualties, making them more appealing to terrorists.


   Title: Hi-tech crime a 'significant' threat, warn police
   Source:   The Register
   Date Written:  August 21, 2003
   Date Collected: August 25, 2003
A UK Threat Assessment report by Britain's National Criminal Intelligence Service (NCIS), published on August 21, 2003, identifies hi-tech crime as one of the threats to the UK from serious and organized criminals. According to the report, a declassified version of which was released to the public, the threat of high-tech crime, such as online fraud or extortion, is rising due to criminals' growing technical competence. In addition, organized crime groups may be willing to hire technologically skilled individuals to help them perpetrate technology crimes, including hacking. However, the NCIS report admits that "it is unclear what proportion of hi-tech crime is attributable to serious and organised criminals, as distinct from individual criminals or mere thrill-seekers."

   Title: Marketers, FBI unite to curb spam
   Source:   ZDNet News
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
On August 22, 2003, the Direct Marketing Association (DMA) announced that it will launch Operation Slam Spam - a campaign to help law enforcement crack down on fraudulent spammers - in September or October 2003. As part of the initiative, the DMA, which represents about 47,000 direct marketers, will cooperate with the FBI's National White Collar Crime Center to identify and prosecute spammers. The move is viewed as an attempt to preempt proposed tough new anti-spam legislation that will be taken up by Congress after the summer break. The DMA argues that legitimate e-mail marketing is useful and leads to billions of dollars worth of sales per year. The group will presumably use some kind of technology to identify spammers.

   Title: Man Pleads Guilty to Web Music Bootlegging
   Source:   Los Angeles Times
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
On August 21, 2003, Mark Shumaker, 21, the leader of a group of Internet music bootleggers, the Apocalypse Production Crew, pleaded guilty to violating copyright laws, marking the first federal criminal prosecution of someone who specialized in online music piracy. Mr. Shumaker faces a maximum of five years in prison and a $250,000 fine. He is scheduled to be sentenced on November 7, 2003 in the Eastern District of Virginia. So far, the Justice Department's efforts against online piracy have focused on 'warez' groups that distribute pirated software through chat rooms and other online avenues. The Apocalypse Production Crew allegedly collected pre-release CDs from reviewers and radio disc jockeys, converted them into MP3 files and distributed them online. Recording industry executives blame online file sharing more than warez groups for the prolonged slump in CD sales. Record companies are pressuring the Justice Department to prosecute people sharing music, and the Recording Industry Association of America (RIAA) is bringing civil suits against hundreds of file sharers.

   Title: Computer expert faces sex charges
   Source:   Pittsburgh Tribune-Review
   Date Written:  August 23, 2003
   Date Collected: August 25, 2003
Carnegie Mellon University computer security expert, Ian A. Finlay, is accused of using the Internet to arrange a sexual rendezvous with someone he believed to be a 15-year-old girl named 'Kelly' who was really Greensburg, PA, policeman Robert Jones posing as a child to catch sexual predators. Mr. Finlay, 26, an Internet system security analyst for the Computer Emergency Response Team (CERT) Coordination Center, was arraigned on ten counts of unlawful contact with a minor and single counts of attempted involuntary deviate sexual intercourse and attempted statutory sexual assault. Mr. Finlay is accused of spending the past six weeks sending sexually explicit e-mails to Kelly, telling her he wanted to have sex with her and arranging a meeting that was to take place at a fast food restaurant. When Mr. Finlay arrived for the rendezvous, he was taken into custody. He was arraigned before District Justice Mark Mansour and jailed in lieu of $150,000 to await a preliminary hearing.

   Title: ESR Confirms DoS Attack; Hacker to End Attack
   Source:   Linux Today
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
On August 25, 2003, Eric S. Raymond, president of the Open Source Initiative, wrote that he had received confirmation that there was a denial of service (DoS) attack on SCO/Caldera's network, by an experienced Internet engineer from the open source community. The person responsible has agreed to terminate the attack in response to Mr. Raymond's earlier request, but it will not actually end until the timers on his bots run out. Mr. Raymond said that he was told enough about the attacker's background and methods to be sure that he was from the open source community. Mr. Raymond said that he was ashamed for the entire community. He asks the open source community to never make this mistake again, and to not spread the rumor that Microsoft is controlling SCO. SCO is suing the open source community for copyright violations for purportedly using some of its code.


   Title: Minister defends Japanese "Big Brother" identity database as hackerproof
   Source:   Yahoo! News
   Date Written:  August 24, 2003
   Date Collected: August 25, 2003
On August 24, 2003, Toranosuke Katayama, Japan's home affairs minister, said on a talk show that he supports a local authority's plans to try to penetrate the country's new basic resident registry network, which "contains names, birth dates, gender and address and enables local authorities to identify people online across the country." The nationwide computerized system was launched in 2002, but its service will be expanded on August 25, 2003, leading to fears that personal information may become vulnerable to hackers.

   Title: RIAA Target Appeals for Anonymity
   Source:   Wired News
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
Lawyers representing a woman calling herself 'Jane Doe' filed a motion that ultimately seeks to retain her anonymity in the ongoing legal battle over Internet music piracy. Lawyers filed the motion, the first of its kind, in federal court on behalf of a Verizon customer who was asserting her privacy and constitutional rights. They said the woman was accused of offering songs for free downloading through an Internet file-sharing network. In recent months, the Recording Industry Association of America (RIAA) has issued more than 1,000 subpoenas to Internet service providers demanding the names and addresses of people who share copyrighted music online. A report, released on August 21, 2003, said online file swapping dropped in May 2003, shortly after the RIAA publicly announced that it would prosecute individual file swappers. The number of households acquiring music fell from a high of 14.5 million in April to 12.7 million in May and 10.4 million in June.


   Title: Dreaded Internet attack fizzles
   Source:   CNN (Reuters)
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
The spread of the Sobig.F e-mail virus slowed significantly on August 24, 2003 and a second planned cyber attack scheduled for that day failed to materialize due to defensive measures. The unidentified author of the virus had installed attack code on 20 poorly-protected machines on the Internet, mainly in the US and Canada. These servers were supposed to provide directions to the hundreds of thousands of infected machines on the web, but security experts were able to identify and deactivate most of the 'trigger' computers. According to anti-virus software maker Trend Micro, the number of infected computers worldwide fell from 145,264 to 98,205 from August 23 to August 24. Sobig.F is thought to have been released on August 18, 2003 on an adult Usenet news group from an account at The FBI and the Department of Homeland Security are investigating the virus outbreak. Sobig.F is the latest variant of the Sobig virus, which was first discovered in January 2003, and is scheduled to expire on September 10, 2003. New variants are likely to follow after that. Some security experts believe that Sobig.F may be linked to organized crime or terrorist groups.


   Title: How to Fix the Electrical Grid
   Source:   Business Week
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
As the massive blackout on August 14, 2003 in the Northeastern United States and Canada clearly showed, the power system is vulnerable to disruptions because supply and demand constantly need to be kept in a delicate balance. Since the power outages, experts have suggested the introduction of mandatory national standards, to be enforced by the North American Electric Reliability Council (NERC), to help alleviate the problem. Technology, such as faster digital switches, real-time modeling and simulation systems, or computer systems to better monitor and control the flow of energy, would also help minimize the risk of future outages and improve operators' ability to respond to events.

   Title: Handhelds the next virus target?
   Source:   Info World
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
This week, Symantec will present Symantec AntiVirus for Handhelds, mobile device-residing software designed to detect malicious code for the Palm and Pocket PC platforms. The product is offered in two forms: the Corporate Edition and Corporate Edition with Event and Configuration Management. Symantec is also introducing a client-based Annual Service Edition of Symantec Anti-Virus for Handhelds. Despite little evidence that viruses severely affect handheld devices, security vendors want to ensure on-demand anti-virus infrastructure protection if an outbreak occurs. The new Symantec product features scans to protect the devices after desktop synchronization or when e-mail attachments are received and files are downloaded. In addition, the new anti-virus tool introduces LiveUpdate Wireless, which allows users with a wireless Internet connection to download device-specific virus definitions and Symantec updates to the handheld device over the web.


   Title: Calif. Recall Susceptible To Hackers
   Source: (AP)
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
As election officials in California prepare for an October 7, 2003 gubernatorial recall vote, computer scientists say inferior balloting software could expose the election to fraud. They are concerned about the accidental deletion or malicious falsification of ballots from the 1.42 million Californians voting electronically (9.3% of the state's registered voters). Software experts also warn that, if any candidate contests the election, a recount would be impossible because four counties, including two of the largest, don't provide paper backups. In July, a team from Johns Hopkins and Rice universities issued a report criticizing the 33,000 machines in use nationally that are made by Diebold Election Systems. Diebold produced a 27-page rebuttal, accusing researchers of a "multitude of false conclusions". Dozens of elections officials have vouched for the security of Diebold systems.

   Title: KU Med Center admits Internet security breach
   Source:   The Wichita Eagle
   Date Written:  August 24, 2003
   Date Collected: August 25, 2003
In testimony to a legislative committee on August 22, 2003, James Bingham, chief information officer at KU Medical Center, admitted that the names and Social Security numbers of 920 nursing and allied health students at the center were posted on the Internet for one week in April 2003. However, it appears that none of the affected students have had any problems with identity theft since the security breach.

   Title: Microsoft Windows: Insecure by Design
   Source:   Washington Post
   Date Written:  August 24, 2003
   Date Collected: August 25, 2003
The article claims that malware such as the recent Blaster and Sobig viruses is more successful on Microsoft Windows systems than on machines running Mac or Linux operating systems because Windows is less secure by design. The author argues that even Windows XP (Home Edition) still ships with five unnecessary ports open, while Mac OS X has no ports open to the Internet by default. Further, while Windows XP includes basic firewall software, it is turned off by default and is relatively difficult to set up. On Red Hat Linux systems, the firewall is turned on from the outset. Moreover, Windows XP automatically provides unrestricted 'administrator' access to a computer, while Mac OS X and Linux allow users to execute a wide range of tasks, but require an additional password for critical system tasks.

   Title: Flash memory devices raise security flags
   Source:   C-Net News
   Date Written:  August 22, 2003
   Date Collected: August 25, 2003
Media cards and flash memory storage devices that store data and can be used as removable hard drives for PCs by plugging them directly into a USB port could be a serious security risk, experts said this week. Administrators have no control over the information that is transferred between one of these devices and a corporate network, unlike e-mail and other network traffic. This is dangerous because the devices could be used to copy sensitive corporate data or release malicious files inside a company's firewall. Graham Titterington, a principal analyst at Ovum, warns that smaller companies are more at risk than larger enterprises since the device could allow somebody to steal a small business's entire customer database. Next week, SecureWave will launch an updated version of its SecureEXE software, which is designed to restrict people from copying prohibited files to and from removable storage devices. Mr. Titterington believes enterprises could solve the problem by simply strengthening their permissions policy.

   Title: BlackBerry Reveals Bank's Secrets
   Source:   Wired News
   Date Written:  August 25, 2003
   Date Collected: August 25, 2003
A Seattle computer consultant was able to buy a BlackBerry from eBay for $16.00 that accidentally contained 200 internal company e-mails from Morgan Stanley and a database of 1,000 names, job titles (from vice presidents to managing directors), e-mail addresses and phone numbers (some of them home numbers) for Morgan Stanley executives worldwide. The seller was a former vice president (VP) of mergers and acquisitions who had left the company months earlier. The incident serves as a cautionary tale about the ways companies fail to manage sensitive data and also shows how employees who are entrusted with confidential information are often insufficiently trained about the technologies they use. The VP who sold the BlackBerry said he removed the battery months ago, and assumed that everything had been erased. But Morgan Stanley reported he violated a contract he signed promising to destroy or return any proprietary information. The VP acknowledged he signed papers, but the BlackBerry supposedly didn't belong to the firm.

The Institute for Security Technology Studies (ISTS) accepts no responsibility for any error or
omissions in this e-mail. The information presented is a compilation of material from various
sources and has not been verified by staff of the ISTS. Therefore, the ISTS cannot be made
responsible for the factual accuracy of the material presented. The ISTS is not liable for any loss
or damage arising from or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this information. References in
this e-mail to any specific commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by
the ISTS. ISTS is a research, not operational, organization, and makes its Security in the News
e-mail available as a public service on a best-effort basis. Security in the News will be sent out
on most business days, but not all.

Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
