August 1, 2002
Italian police shut down hacker rings
Tipped off by American officials, Italian police
shut down two rings of hackers who attacked Web
sites belonging to the U.S. Army and NASA, as
well as Internet pages in Italy, authorities
said Thursday. Police said 14 people were arrested,
including four teenagers and two network security
managers. They were charged with computer fraud
and face up to eight years in jail if convicted.
http://www.usatoday.com/tech/news/computersecurity/2002-08-01-italy-hackers_x.htm
- - - - - - - -
MASSIVE ID THEFT RING BROKEN
New York State Grand Jury Indicts Members of
Statewide Identity Theft Ring. State Attorney
General Eliot Spitzer, State Inspector General
Roslynn Mauskopf and a team of law enforcement
agencies led by New York State Police
Superintendent James McMahon, today announced
the indictment of the alleged leader and three
members of a large identity theft ring. The ring
victimized thousands of New Yorkers by obtaining
their personal identification information from
entities including the New York State Insurance
Fund, the Social Security Administration, Empire
State College, WNYC radio, Hollywood Video,
Worldcom Wireless and American Express.
http://www.oag.state.ny.us/press/2002/aug/aug01a_02.html
- - - - - - - -
Sprint Calls Audible in Spam Suit
A lawsuit charging Sprint with sending illegal,
unsolicited e-mail appears to be turning into
a test case for how much evidence a company can
recover when defending against allegations of
wrongful spamming. The class-action suit, Terry
Gillman v. Sprint Communications, claims that
the phone company violated a recently enacted
Utah statute that places restrictions on senders
of unsolicited e-mail.
http://www.wired.com/news/business/0,1367,54250,00.html
- - - - - - - -
Social Security number is password to theft
After years of warnings by privacy advocates
about the pitfalls of using Social Security
numbers as online secure passwords, the practice
is still common, even among respected institutions
and firms. That became clear once again last week
when a Princeton University official acknowledged
using students' personal information to snoop into
an online admissions database at rival Yale. The
database required only students' names, birth
dates and Social Security numbers to gain access.
http://www.usatoday.com/tech/news/internetprivacy/2002-07-31-privacy_x.htm
- - - - - - - -
When Dreamcasts Attack
White hat hackers use game consoles, handheld
PCs to crack networks from the inside out.
Cyberpunks will be toting cheap game consoles
on their utility belts this fall if they follow
the lead of a pair of white hat hackers who
demonstrated Wednesday how to turn the defunct
Sega Dreamcast into a disposable attack box
designed to be dropped like a bug on corporate
networks during covert black bag jobs. The
"phone home" technique presented by Aaron
Higbee of Foundstone and Chris Davis from
RedSiren Technologies at the Black Hat
Briefings here takes advantage of the fact
that firewalls effective in blocking entry
into a private network, are generally
permissive in allowing connections the
other way around.
http://online.securityfocus.com/news/558
http://www.theregister.co.uk/content/55/26478.html
http://www.vnunet.com/News/1134056
- - - - - - - -
Vegas Braces for the Hackers
Sin City is about to be packed with thousands
of hackers, wannabe geeks and phreaks who
envision the perfect world as the following:
Computer networks would welcome curious
exploration, all information would be openly
shared, a lot of public toilets would be
filled with concrete and no swimming pool
would go unfilled with several blocks of
dry ice.
http://www.wired.com/news/culture/0,1284,54260,00.html
Bush adviser says hackers obligated to find security flaws
http://www.nandotimes.com/technology/story/484376p-3867743c.html
- - - - - - - -
Summer brings virus relief
The number of virus attacks drops month-on-
month from June to July for the first time this
year, suggesting that users may be getting more
security-conscious. Antivirus firm Central
Command has reported that the number of virus
attacks it tracks around the Internet fell in
July, compared to June -- the first time this
year that reported virus infections dropped
month-on-month.
http://news.zdnet.co.uk/story/0,,t269-s2120178,00.html
http://news.com.com/2100-1001-947608.html
Klez remains atop virus lists
http://news.com.com/2100-1001-947611.html
Multiple virus scanning needed, says multiple scanning firm
http://www.theregister.co.uk/content/55/26491.html
- - - - - - - -
BN.com: Insecure About Security?
Where there is e-commerce, there will be
security holes. Online bookseller
BarnesandNoble.com knows this well -- just
don't tell them when they have one. Or six.
Half a dozen security holes that could allow
a malicious hacker easy access to sensitive
customer data riddled the bookseller's
e-commerce site as of early this week. Some
of the holes have been quietly closed over
the past two days, but others remain wide
open.
http://www.wired.com/news/privacy/0,1848,54251,00.html
- - - - - - - -
Puzzling Trojan affects OpenSSH
Geeks in a quandary over mystery infection
Geeks have been sent scampering to solve the
case of how the latest Open secure shell (SSH)
package came to be Trojaned. The infected file
was discovered on the OpenBSD website, but all
mirrors should also be considered compromised.
This afternoon, alerts started popping up on
security websites that a Trojan horse was hidden
in the most recent portable version of OpenSSH,
v3.4p1.
http://www.vnunet.com/News/1134061
http://www.theregus.com/content/55/25835.html
http://www.theregister.co.uk/content/55/26492.html
- - - - - - - -
As Wi-Fi Spreads, Insecurity Mounts
As Wi-Fi wireless local area networks (WLANs)
proliferate, particularly among businesses seeking
relatively cheap mobile network access, threats to
security are being overlooked, says security
intelligence firm iDefense. The company has released
a wireless "insecurity" report identifying the top
threats facing Wi-Fi users and offering better
methods to protect them.
http://www.newsfactor.com/perl/story/18841.html
- - - - - - - -
'Cambridge phenomenon' threatened by IP changes
Academics argue that a proposal by Cambridge
University to clamp down on intellectual property
rights could mean the end of 'Silicon Fen'.
Academics at Cambridge are warning that restrictive
new intellectual property rules proposed by the
university could mean an end to the high-tech
boom that gave rise to the nickname "Silicon Fen".
http://news.zdnet.co.uk/story/0,,t269-s2120183,00.html
- - - - - - - -
Tracking People with Wireless Technology
FCC mandates are pushing wireless carriers to
adopt location-based technology. But at what cost?
Violations of civil rights, bombardment by advertisers
and potential stalking are all possible downsides.
The push to adopt location-based wireless technology
may be aimed at delivering services to consumers,
but it could conceivably turn every cell phone
or handheld unit into a tracking device.
http://www.newsfactor.com/perl/story/18845.html
- - - - - - - -
Car-tracking system raises hopes, concerns
General Motors plans to begin installing new
sensors and communications systems into
vehicles next year in a move that could save
lives but that also raises privacy concerns.
http://zdnet.com.com/2100-1106-947519.html
http://news.zdnet.co.uk/story/0,,t269-s2120194,00.html
http://news.com.com/2100-1033-947519.html
http://www.msnbc.com/news/788613.asp
- - - - - - - -
Advanced Log Processing
One of Murphy's laws advises to "only look for
those problems that you know how to solve." In
security, this means to only monitor for those
attacks that you plan to respond to. It is well
known that any intrusion detection system is only
as good as the analyst watching its output. Thus,
having nobody watching the IDS is equivalent to
having no IDS at all. But what should an IDS
administrator do if he or she is drowning in
a flood of alerts, logs, messages and other
attention grabbers?
http://online.securityfocus.com/infocus/1613
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2002, NewsBits.net, Campbell, CA.