June 17, 2002 Hackers cripple US news sites DoS attacks take out Foxnews and ABCNEWS Foxnews.com, theweatherchannel.com, espn.com and ABCNEWS.com have suffered denial of service attacks which disrupted services to hundreds of thousands of internet users. The attacks began on Thursday and caused intermittent outages and slowdowns on the sites before normal service was restored on Friday night. http://www.vnunet.com/News/1132665 - - - - - - - - Aust Federal Court slams PlayStation piracy ring The Federal Court of Australia has ordered a group of backyard PlayStation game pirates to pay Sony Computer Entertainment Australia AU$208,000 bringing over a year of litigation to an end. The order was handed down by Justice Lindgren after the court completed its account of profit assessment late last week. Lindgren found that Barry Jakopcevic, who ran the piracy operation from his home in the Melbourne suburb of Cranbourne, had infringed Sony Computer Entertainment (SCE) Australia's copyrights last year. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20266009,00.htm - - - - - - - - Beijing closes unlicensed Internet cafes after fire Beijing officials have closed the city's 2,400 Internet cafes after a fire at an unlicensed cafe killed 24 people, a move that could temporarily keep millions off the Internet. While a city official in the Chinese capital said Monday that the move was motivated strictly by safety concerns following Sunday's fire, the closures coincide with a crackdown on Internet cafes nationwide meant to tighten Chinese government control of Web use. http://www.nandotimes.com/technology/story/437081p-3499358c.html http://www.wired.com/news/politics/0,1283,53232,00.html http://www.cnn.com/2002/WORLD/asiapcf/east/06/16/beijing.fire/index.html http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3486948.htm http://news.zdnet.co.uk/story/0,,t269-s2111915,00.html http://news.com.com/2100-1023-936773.html http://www.theregister.co.uk/content/6/25747.html - - - - - - - - White House cyber czar maps out intelligence and security strategy In announcing the presidents proposal for a new Department of Homeland Security last week, Bush administration officials said protecting information networks from electronic attacks and conducting more thorough analyses of intelligence were among its top priorities. Under the new department, both of these functions would be housed in the same division, covering information analysis and infrastructure protection. http://www.govexec.com/dailyfed/0602/061702h1.htm - - - - - - - - Colleges Are Defending Against Computer Hacker Attacks One incident that set off alarms at many schools was an attack at Georgia Tech, where hackers broke into the network and dumped 350 GB of information, including sensitive credit data. Colleges and universities continue to be prime targets for hackers because they have vast computer networks and a reputation, at least, for being easier pickings than corporate systems. And with the number of overall attacks growing every year, schools in Minnesota and across the nation have had to work harder to thwart the intruders. http://www.newsfactor.com/perl/story/18250.html - - - - - - - - Threat of cyberterror ignored Valley companies not serious about high-tech security. This past week's headlines about the arrest of a man suspected of plotting to attack the United States with a "dirty" radioactive bomb reinforces the point that terrorist attacks can take many forms. Attacks on computer networks are one such form. But businesses, while aware of the risk, are slow to pay money or attention to cyber-security, a new report shows. (Business Journal article, free registration required) http://www.bizjournals.com/sanjose/stories/2002/06/17/story4.html - - - - - - - - Companies doing little to protect against cyber risks Companies that are doing business on the Internet aren't taking enough precautions to protect themselves against risks such as a virus invading a company's computers or hackers causing damage or stealing customer and other confidential data. A survey conducted for insurance company The St. Paul Cos. in St. Paul found that risk managers at companies are usually much less aware of outside threats than information technology managers. (Business Journal article, free registration required) http://twincities.bizjournals.com/twincities/stories/2002/06/10/daily28.html - - - - - - - - Hackers, porn, pirates add to ISP woes Software piracy monitors at the Business Software Alliance asked Finnish Internet service provider Jippii Group last November to remove a customer's Web site that allegedly helped others to scam bootlegged software. Jippii repeatedly denied BSA requests to take down the site, maintaining it would protect its customer until the anti-piracy group could conclusively prove that the site was distributing serial numbers required to crack popular business software programs. http://www.usatoday.com/life/cyber/tech/2002/06/17/isp-woes.htm http://www.siliconvalley.com/mld/siliconvalley/news/editorial/3487654.htm - - - - - - - - EarthLink's Passwords Are Naked Passwords are Internet users' best defense against online-identity theft. So why is EarthLink exposing customer passwords to tech support staffers? In a break from industry practice, EarthLink, the nation's fourth-largest Internet service, is allowing its support employees to have full access to the passwords of its 4.9 million subscribers. http://www.wired.com/news/privacy/0,1848,53208,00.html - - - - - - - - Europe data laws to cover media player 'spyware' Over the past few days it has been reported in various places that the European Union is extending its privacy investigations to include music players, meaning that Microsoft is in the frame again, this time alongside Real. The reports, however, are not strictly true (we accept that headline-hungry sub- editors will have had something to do with them). The EU is indeed looking at media players, but it is doing so as part of a far wider-ranging effort to nail down privacy protection policy and its implementation. http://www.theregister.co.uk/content/4/25757.html http://news.bbc.co.uk/hi/english/sci/tech/newsid_2049000/2049593.stm - - - - - - - - Copy-protected CDs: Technically flawed? The five major record companies have been hit with a class-action lawsuit charging that new CDs designed to thwart Napster-style piracy are defective and should either be barred from sale or carry warning labels. The suit was brought this week in Los Angeles Superior Court by class-action specialists at the law firm Milberg, Weiss, Bershad, Hynes & Lerach on behalf of two Southern California consumers. http://zdnet.com.com/2100-1105-936607.html http://news.zdnet.co.uk/story/0,,t269-s2111918,00.html - - - - - - - - FedCIRC will work with universitys CERT The Federal Computer Incident Response Center is putting together a pilot to stop hacker attacks on agency Web sites. FedCIRC, a General Services Administration unit that is to be part of the proposed Homeland Security Department, is joining with Carnegie Mellon Universitys CERT Coordination Center to collect and analyze data from sensors in agency firewalls and intrusion detection systems. . http://www.gcn.com/vol1_no1/daily-updates/19008-1.html - - - - - - - - Agencies to unveil e-signature prototype The federal government is embarking on an initiative that could be the linchpin for revolutionizing government services and boosting the use of advanced Internet commerce. The Office of Management and Budget, the General Services Administration and other agencies this week will be discussing a prototype of an electronic gateway for delivering federal services to businesses, consumers and other government entities utilizing electronic signatures and identification. http://www.govexec.com/dailyfed/0602/061702td1.htm - - - - - - - - Louder calls to sue the software makers Microsoft, a company known for its popular software and its very deep pockets--but also glitches in some products--is a liability lawyer's dream: the big game target that always gets away. For decades, software makers have been protected from lawsuits as U.S. courts have struggled with the task of defining something as abstract and fast- changing as computer code. http://zdnet.com.com/2100-1104-936619.html Iowa lets consumers sue Microsoft http://zdnet.com.com/2100-1104-936621.html - - - - - - - - Security Threat Or False Alarm? Improper programming around a little-known but ubiquitous communication protocol used in networking gear, Abstract Syntax Notation One, or ASN.1, has the government, networking manufacturers, security researchers, and IT executives worried that networks--including key parts of the Internet, phone systems, and the electrical power grid--may be vulnerable to disruptive buffer overflow and malformed packet attacks. http://www.informationweek.com/story/IWK20020614S0019 - - - - - - - - Bank software combats money laundering Wells Fargo will announce Monday that it plans to launch new software to combat money laundering. The software, from enterprise software company Searchspace, uses artificial intelligence to weed out any activity deemed suspicious. Wells Fargo plans to have the software up and running by the end of the year. http://zdnet.com.com/2100-1106-936637.html - - - - - - - - Hottest Hardware for Wi-Fi Security "If you're an enterprise, you're going to be locked into the wireless cards and the access points of one vendor," Gartner analyst Bill Clark told Wireless NewsFactor. Because security concerns are darkening the early days of Wi-Fi adoption, a number of technology companies are marketing hardware offerings to calm user fears. http://www.newsfactor.com/perl/story/18241.html New IBM Device To Monitor Wi-Fi Security http://www.newsfactor.com/perl/story/18248.html Microsoft boosts Wi-Fi security http://news.com.com/2100-1033-936822.html - - - - - - - - State issues ID card plan As they forge ahead with a smart card program, State Department officials have learned that changing indentification cards means more than printing new badges. "This is a department wide project and not bureau-centric," said Lolie Kull, access control smart card implementation program manager for the department's Bureau of Diplomatic Security. "It's very hard to get that message out." http://www.fcw.com/fcw/articles/2002/0617/mgt-state-06-17-02.asp - - - - - - - - Funny money prevention may add color to dollar When you look at your greenbacks in the future, you might see red. Or blue, or any number of colors as the nation's money makers mull another makeover to thwart high-tech counterfeiters. Perhaps a spot on the paper bills might even look 3-D. Those are some of the ideas being floated as the government works on designing new bills that will be harder to knock off. It is a continuing challenge in a world where large quantities of counterfeit notes can be produced easily and quickly using increasingly sophisticated computer technology. http://www.usatoday.com/life/cyber/tech/2002/06/17/funny-money.htm - - - - - - - - O Charney, Where Art Thou? Microsoft desperately needed a reformer as security chief. Instead, it looks like it got a talking head. Well, it's been 10 weeks now, so I thought it would be a good time to review all the new security strategies and tactics that Scott Charney, Microsoft's Chief Security Strategist, has been hard at work laying out. Kind of reads like "Clinton's Accomplishments While Wearing Pants." Okay -- so maybe that is not entirely fair. After all, it has only been two months. What can we really expect? http://online.securityfocus.com/columnists/88 - - - - - - - - Old code creates new cracks It really shouldn't surprise anyone that Microsoft is turning off some legacy code in its Internet Explorer (IE) browser. After it was discovered that the Gopher protocol was being exploited to let hackers potentially control computers running IE, turning off the code seemed like the right thing to do. It also shouldn't surprise anyone that some features in Windows will be changed so that they are disabled by default. Many of the security holes in Windows are the result of support for legacy applications, protocols, and operations that were left in for compatibility. http://zdnet.com.com/2100-1107-936627.html - - - - - - - - Snort can expose what's missed in security logs Several months ago, we replaced our aging firewall with a newer, much improved version. Almost everything about the new version was easier to work with, especially the log files. The logs on the old version of the firewall were almost unreadable in their native form. Even when filtered to remove unwanted entries, the old logs were pretty useless in trying to determine whether an attack from the outside was taking place. Thus, we had high hopes for the logging capability of the new firewall. http://www.techrepublic.com/article.jhtml?id=r00220020131tmg01.htm - - - - - - - - Filtering E-Mail with Postfix and Procmail, Part One An Overview of Server Solutions for Spam Reduction Most folks dislike spam in their e-mail. Spam takes up our network, disk, and cpu resources. It requires that we weed through unwanted messages to find the ones that we requested. http://online.securityfocus.com/infocus/1593 - - - - - - - - Airport security tech scrutinized A task force charged with reviewing current and emerging technologies to improve security at the San Jose, Calif., airport has prepared a report that could have national implications. The report, which will be submitted today to the city council and the federal Transportation Security Administration (TSA), focuses on promising technologies that could address passenger convenience, security and cost, said John Thompson, chairman and chief executive officer of Symantec Corp. and chairman of the task force, which was convened by San Jose Mayor Ron Gonzales and U.S. Rep. Mike Honda (D-Calif.). http://www.fcw.com/geb/articles/2002/0617/web-jose-06-17-02.asp - - - - - - - - U.S. to implement wireless emergency telecom network The U.S. government will establish an emergency wireless communications system for the nation's top decision makers by the end of the year, a Bush administration official said last week. Implementation of the Wireless Priority Services program, an effort of the 22-agency National Communications System (NCS), is being sped up since the Sept. 11 terrorist attacks, according to Brenton Greene, the NCS deputy manager. http://www.govexec.com/dailyfed/0602/061702td3.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.