High Tech "NewsBits" for 11/27/01

November 27, 2001 Worm hits home for the holidays A computer worm that was spreading at an alarming rate has begun to slow, according to security experts. Known as as BadTrans.B, the worm installs hacking software on infected computers. It hit home e-mail users hard last weekend, but the damage to corporate consumers was less than previously anticipated. http://news.cnet.com/news/0-1003-200-7979449.html Internet worm that tracks typing still spreading http://www.siliconvalley.com/docs/news/tech/020757.htm E-mail virus hits home http://news.cnet.com/news/0-1005-201-7990483-0.html 'Badtrans' worm still spawns at slower pace http://www.cnn.com/2001/TECH/internet/11/27/badtrans.update/index.html Britain invaded by worm http://www.zdnet.com/zdnn/stories/news/0,4586,2827085,00.html Badtrans worm leaves back doors, logs data http://www.computerworld.com/storyba/0,4125,NAV47_STO66067,00.html - - - - - - - - Hybrid viruses set to become bigger threat Viruses which try to infect users through a variety of means, such as the infamous Nimda worm, and mass mailers are predicted to become even more of a problem for Internet users next year. That's the prediction of anti-virus firm Sophos which has gazed into the crystal ball and come up with some predictions for the threats we'll see next year. http://www.theregister.co.uk/content/56/23050.html - - - - - - - - Nimba, SirCam Most Prevalent Viruses of 2001 Sophos, a Wakefield, Mass., maker of corporate anti-virus software, said two viruses -- Nimda and Sircam -- accounted for nearly half of the reports to its help desk this year. Code Red, the most hyped virus of the year, does not appear in the top 10. Sophos has detected 11,160 new viruses, worms and Trojan horses this year, bringing the total protected against to almost 70,000. On average, the Sophos virus labs produce detection routines for over 30 viruses each day. http://boston.internet.com/news/article/0,1928,2001_929311,00.html - - - - - - - - 'Lantern' Backdoor Flap Rages Network Associates has been snared in a web of accusations over whether it will place backdoors for the U.S. government in its security software. Since Network Associates (NETA) makes popular security products, including McAfee anti-virus software and Pretty Good Privacy encryption software, reports of a special arrangement with the U.S. government have drawn protests and threats of a boycott. http://www.wired.com/news/conflict/0,2100,48648,00.html AV vendors split over FBI Trojan snoops http://www.theregister.co.uk/content/55/23057.html - - - - - - - - Cybersecurity chief pushes early-warning system The top priorities for the White House Office of Cyberspace Security include the creation of both an early-warning network for cyberattacks and an analysis center that would help the government target the most vulnerable points in the nation's critical infrastructure, the office's chief said last week in an interview with National Journal's Technology Daily. http://www.govexec.com/dailyfed/1101/112601td2.htm White House resurrects plan to track computer break-ins. White House cybersecurity adviser Richard Clarke would like to revive a plan for tracking patterns of computer activity and attempted intrusions at all government agencies, though the plan has been controversial in the past. http://www.govexec.com/dailyfed/1101/112601td1.htm - - - - - - - - US assumes global cyber-police authority Much has been written about the new anti- terrorism legislation passed by Congress and signed by President Bush, particularly as it respects the ability of the government to conduct surveillance on email, voice-mail, and other electronic communications. http://www.theregister.co.uk/content/6/23036.html - - - - - - - - Bill would boost Commerce role in computer security. Citing the failing grades that government agencies are getting for securing their computer networks, Reps. Connie Morella, R-Md., House Science Committee Chairman Sherwood Boehlert, R-N.Y., and Rep. Ralph Hall, D-Texas, Tuesday pushed legislation, H.R. 1249, that would turn the Commerce Department's National Institute of Standards and Technology into the official computer security adviser to federal agencies. http://www.govexec.com/dailyfed/1101/112701td1.htm House Ready To Pass Computer Security Bill The House of Representatives today finished debate on a bill designed to increase the National Institute of Standards and Technology's (NIST) role in enhancing U.S. network infrastructure security, and appears set to pass the bill within the next several hours. http://www.newsbytes.com/news/01/172452.html - - - - - - - - Cantwell Introduces Bill To Combat ID Theft Sen. Maria Cantwell, D-Wash., today introduced legislation that would broaden the rights of consumers to obtain information from, and pursue legal action against credit companies that don't do enough to prevent identity theft. http://www.newsbytes.com/news/01/172460.html - - - - - - - - House Approves Short Term Export Act Extension The U.S. House of Representatives today approved a short-term extension of laws governing the export of high-performance computers, software and other sensitive technologies. By a voice vote, the House passed H.R. 3189, a measure introduced by House International Relations Committee Chairman Henry Hyde, R-Ill., to extend the Export Administration Act (EAA) until April 20, 2002. http://www.newsbytes.com/news/01/172461.html - - - - - - - - European Union Holds Cybercrime Conference The European Union has taken several steps to combat cybercrime, notably heading up initiatives to confront "harmful and illegal content" on the Internet, while protecting copyrights and personal data, an E.U. official said today. http://www.newsbytes.com/news/01/172449.html - - - - - - - - Agencies Prepare To Hit Back At Hackers A number of federal agencies are preparing to fight back against hackers who attack their computer systems. The Veterans Affairs Department soon will ask industry to help it create an IT security center that can monitor agency systems for intrusions, retaliate against hackers, and gather forensic evidence of intrusions to use in prosecutions. http://www.federaltimes.com/issues/iss111901c.html - - - - - - - - DTI anti-fraud budget is 'too small' IT managers say the Ł3m fund announced by the DTI last week will not be of any practical value to companies or their customers. The Department of Trade and Industry's Ł3m funding to help firms fight fraud and boost consumer and business confidence in e-commerce has been criticised for being too small, and the scale of government buy-in can only add to IT managers' problems in gaining budget approval for security projects. http://news.zdnet.co.uk/story/0,,t269-s2099868,00.html - - - - - - - - Playboy Claims Domain Registered By The Anti-Porn Flynt The publisher of Playboy magazine has wrested the Internet domain PlayboyOnline.com from anti-porn crusaders who appeared to be making money when stray surfers visited a Web site at that address. In a decision released last week, international arbitrators for disputes between trademark holders and domain registrants ordered that PlayboyOnline.com be taken away from an organization founded by Tonya Flynt, the estranged daughter of Hustler publisher Larry Flynt. http://www.newsbytes.com/news/01/172451.html - - - - - - - - Microsoft touts tightened security of Web services Microsoft Corp.'s new Web services software will allow developers to create secure applications more easily and screen out the kind of unauthorized commands that are commonly used by malicious hackers, according to a review commissioned by the company. http://www.siliconvalley.com/docs/news/tech/076856.htm http://www.cnn.com/2001/TECH/internet/11/27/microsoft.security.reut/index.html http://www.techtv.com/news/hackingandsecurity/story/0,24195,3362329,00.html - - - - - - - - This is what Microsoft said about grey imports in 1998 Last year, Levi Strauss & Co refused to allow UK supermarket chain Tesco to stock its denims. The jeans manufacturer had spent years and millions of pounds persuading the Great British public to stump up Ł50 for a pair for the privilege of wearing the brand. http://www.theregister.co.uk/content/51/23045.html - - - - - - - - Lawyer takes free-speech case to top court If they had a chance to meet, Ann Beeson and President Bush just might hit it off. Both hail from Texas and have that plain, down-home way of speaking. Both are described as personable yet passionate. Both are seen as team players. And both have dedicated their lives to causes. But they also happen to be on opposite ends of the political spectrum. http://www.usatoday.com/life/cyber/tech/2001/11/27/ebrief.htm - - - - - - - - Security Tops French Holiday List The sign alone is enough to give any self-respecting libertarian the heebie-jeebies: "In God we trust, the rest we monitor." The slogan is the brainchild of a firm called Spectronic Denmark and hangs over the company's display stand at Milipol 2001, an international exhibition in Paris devoted to "internal state security and civil defense." http://www.wired.com/news/conflict/0,2100,48627,00.html - - - - - - - - Keeping a Who's-Naughty List London police are planning to register children who exhibit criminal potential in an effort to prevent them from developing into full-fledged lawbreakers. Kids who tag buildings with graffiti, skip school, or even talk back to adults run the risk of being entered into a database program that will be used to monitor their behavior as they grow up, according to police sources. http://www.wired.com/news/business/0,1367,48637,00.html - - - - - - - - A Brief History of The Worm "You will REALLY love it when Word is part of Navigator, and macro viruses will be able to COMMUNICATE!" - The author in electronic chat, quoted in 1997. Self-replicating malware has been an issue in computer security for many years, dating back at least to Ken Thompson's self replicating code. http://www.securityfocus.com/infocus/1515 - - - - - - - - Users Are the Weakest Link: Insiders main threat to corporate networks Companies that would have trouble if asked to compile a list of their networks' users and detail the level of access those users have are sitting ducks for cybersabotage, a group of industry experts said last week. Weak user passwords, inconsistent policy enforcement and lackadaisical user-access management have made corporate network users the No. 1 cyberthreat to sensitive business data, said experts during a webcast sponsored by Irvine, Calif. -based Access360, a company that specializes in resource provisioning management. http://www.computerworld.com/storyba/0,4125,NAV47_STO66047,00.html - - - - - - - - How instant messaging can jeopardise network security The use of instant messaging within a company can slow network performance and expose systems to hackers and viruses. Jonathan Bennett explains how good policies and tools can reduce the risks Instant messaging (IM) over the Internet is a fast-growing application that allows people to send short text messages to each other in real time. http://www.zdnet.co.uk/itweek/brief/2001/45/network/ - - - - - - - - Security: When rules become the problem Perhaps the worst thing about the post-Sept. 11 environment is the abandonment of cost-benefit analysis, or any analysis at all, in the rush to prove that one has taken every possible precaution. The result reminds me of descriptions of the Prohibition era: The rules become the problem, and people begin to sneer at both the rules and at those who bother to obey them. http://www.zdnet.com/zdnn/stories/news/0,4586,2826153,00.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2001, NewsBits.net, Campbell, CA.