May 2, 2002

DrinkOrDie pirate sent to prison
A former security software engineer convicted of providing technology to a piracy group known as DrinkOrDie was sentenced Thursday to nearly three years in prison. Barry Erickson, 35, of Eugene, Ore., pleaded guilty in federal court in Virginia to one count of conspiracy to commit criminal copyright infringement. Erickson, who is scheduled to serve 33 months in prison followed by two years of supervised release, is the first person to be sentenced in the case.
- - - - - - - -
FTC Settles Net Auction Fraud Case
Operators of Web auctions who sold computer gear but failed to deliver the goods have agreed to pay $10,000 to consumers who lost money, and to stop engaging in such activity, federal regulators said. The Federal Trade Commission filed a complaint against California-based Auctionsaver and four individuals, alleging that they repeatedly failed to deliver items purchased at auction sites.
- - - - - - - -
Pa. Sues Lab Over Web Sales Of Anthrax 'Test Kit'
Pennsylvania's attorney general said Wednesday the state is suing an Ohio-based company in a bid to halt online sales of what it claims is an at-home test for anthrax infections. At the Web site of Toxicology Associates Inc. in Columbus, consumers can order an "anthrax bacteria analysis" for $65, with results available within 72 hours of purchasers returning the materials the company provides for self-administered nasal swabs.
- - - - - - - -
Hackers set off on a rampage
A group of hackers has defaced dozens of Web sites in the past two weeks and published sensitive data culled from the sites in what it says is an effort to increase awareness of online security risks. The group, which calls itself the Deceptive Duo, is in the midst of a multipart hacking campaign targeting different sectors of government and industry. Initial victims have included the Federal Aviation Administration, the Department of Defense and Sandia National Laboratories.
- - - - - - - -
Chaos as 'Klez cocktails' begin to strike
Infamous virus tries a new tack.
Reports coming in from eastern Europe that the infamous Klez virus may be down, but it's definitely not out as so-called 'Klez cocktails' are giving other viruses a new lease of life. Multiple combinations of Klez and other older viruses have been reported as producing very dangerous combinations. Klez essentially offers other viruses a piggy back. In recent cases the Elkern virus has been the prime passenger, but other more dangerous viruses now seem to be hitching a lift.
- - - - - - - -
Panel: Proposed IT security bill needs revisions
Support for the Federal Information Security Management Act of 2002, which would replace the Government Information Security Reform Act of 2001, was lukewarm at best today at a joint hearing before two House Government Reform subcommittees.
'Spam' bill bound for the Senate floor?
- - - - - - - -
Interior security flagged again
A month after getting permission to reconnect some of its sites to the Internet, the Interior Department's Minerals Management Service is back in the hot seat. MMS has once again caught the attention of court-appointed Special Master Alan Balaran for failing to protect individual American Indian trust data. Balaran had approved the partial reopening of the sites. MMS receives royalty money from companies that extract minerals from lands held in trust.
- - - - - - - -
No Quick Fix to Fighting Pornography on the Internet, Report Says
One of the most thorough reports ever produced on protecting children from Internet pornography has concluded there are no simple solutions to the problem. "Though some might wish otherwise, no single approach -- technical, legal, economic, or educational -- will be sufficient," wrote the authors of the report, "Youth, Pornography and the Internet," which was released Thursday by the National Research Council.
Study: Filters can't stop child Web porn
Education is key to child safety online
- - - - - - - -
Privacy Groups Blast Info-Sharing By Financial Institutions
The Electronic Privacy Information Center (EPIC) and other privacy groups have decried "disturbing" and "abhorrent" practices at financial institutions in submissions to a U.S. Department of the Treasury study of the industry's information-sharing practices. The groups criticized practices by some institutions - including the sale of personal data - and lamented a loss of individual privacy due to a "lack of control over use of sensitive data."
- - - - - - - -
No crisis over 1,024-bit encryption
RSA hits out at cryptographers' 'misinterpretation'
Security firm RSA has hit back at cryptography experts' claims that 1,024-bit encryption is no longer secure. A discussion on security mailing list Bugtraq at the end of March concluded that 1,024-bit encryption was "compromised", but RSA is now claiming that the situation has been misinterpreted. At the Financial Cryptography conference in March the main topic of discussion was a paper published last October by cryptographer Dan Bernstein which proposed an architecture capable of factoring 1,024-bit RSA keys.
- - - - - - - -
Unbreakable Code Could Thwart Cyber Crooks
Quantum cryptography could be employed effectively in business security systems, particularly those that handle large numbers of financial transactions.
'You might want to use this in a business when you have to deal with more than one site,' IEEE Spectrum editor Samuel Moore told NewsFactor. Encryption is literally about to make a quantum leap, thanks to a method that its designers describe as an "unbreakable code" that keeps keys to information out of the wrong hands.
- - - - - - - -
Texas University Plans Cybercrime Institute
In what is billed as one of the first efforts of its kind, a Dallas university is teaming up with local and federal crime experts to establish a new institute aimed at fighting cybercrime. The University of Texas at Dallas is forming the Digital Forensics and Security Institute with the Greater Dallas Crime Commission, in an effort that also involves the nonprofit National White Collar Crime Center. The facility, which will offer a cybersecurity degree program, will open in September, the school said.
- - - - - - - -
Hacking in the shadow of 9/11
Near a table laden with coffee, tea and croissants, David Dittrich, senior security engineer for the University of Washington, discusses the newest tools of the trade with a hacker-cum-security-consultant known as "K2." They're a study in opposites: K2, stocky and jovial, has created, among other things, a "rootkit"--a tool for locking down unauthorized control of a server after an initial hack. Dittrich, tall and mainly serious, found K2's rootkit on several systems at UW, put there by a hacker who grabbed K2's tool off the Net.
School for vandals in college systems
- - - - - - - -
Spam Helps Harmful Scams Propagate - Australian Watchdog
The increased volume of spam, or unsolicited commercial e-mail, is helping con artists and scammers harm more consumers, according to an Australian consumer watchdog. The Australian Competition and Consumer Commission (ACCC) today said it is particularly concerned with the growing volume of spam that is "misleading or dangerous."
- - - - - - - -
Instead of a Password, Well-Placed Clicks
Y$Z4#T.
It is a password only a security expert could love. Most people have trouble remembering random combinations of letters and symbols. So they jot difficult passwords down near their computer or replace them with far simpler combinations, making their systems vulnerable to attack. To solve this problem, some researchers are investigating an alternative to text passwords: pictures. (NY Times article, free registration required)
- - - - - - - -
Biometric Security Not Ready to Replace Passwords
Biometrics vendors are doing their best to supplant passwords as the chief form of computer security, but Government Computer News Lab tests indicate that many of their products are not quite ready. Some developers have continued to improve already good devices, but others need to go back to the drawing board. Bad biometric security is worse than no security at all because it can lock out a legitimate user, admit an interloper or - perhaps most dangerous - lull a network administrator into a false sense of safety.
- - - - - - - -
Contest: Crack this hacking tool
The Honeynet Project, a group of security researchers that create networks of computers to lure hackers in for observation, will kick off the Reverse Engineering Challenge on Monday. The contest provides interested programmers with the program code found on a compromised Honeynet system. The code is a program that hasn't been seen before, but helps an intruder turn a compromised system into a zombie server, fully controlled by an intruder. Participants in the challenge will have four weeks to decode the program and submit their work to the Honeynet team.
- - - - - - - -
Cracking the Nest Egg - Special Report
After years of reluctance, consumers are finally starting to bank online in substantial numbers--and hackers are wasting no time in preying on the trend.
Law enforcement agencies and security experts agree that breaches in bank security are rising, but the number of serious incidents--and the risk to the public--remains largely unknown. The banking industry, manically protective of its reputation, releases as little information as possible about break-ins, for good reason: Consumers are more sensitive than ever about security, having been exposed to financial disasters ranging from the S&L scandal to the Enron debacle.
- - - - - - - -
Gartner: Attacks exploit security indifference
THE VAST MAJORITY of successful attacks on computer systems exploit security weaknesses which are well known and for which patches exist, according to research company Gartner. Many recent cyberattacks could have been avoided if enterprises were more focused on their security efforts, but users seem not to learn from their mistakes, according to Richard Mogull, research director for Gartner.
- - - - - - - -
Richard Mayo to take over new Navy IT command
The Senate has confirmed Navy Vice Adm. Richard W. Mayo to head the newly authorized Naval Network Warfare Command. Mayo, the Navy's director of Space and Electronic Warfare, was confirmed on April 30 to head the new command, which will open in June. NETWARCOM will oversee all Navy networks, information operations and space activities at the Naval Amphibious Base-Little Creek in Norfolk, Va. In his new position, Mayo will oversee the Naval Network and Space Operations Command in Dahlgren, Va., the Fleet Information Warfare Center in Norfolk and the Navy Component Task Force Computer Network Defense in Washington. Other commands also will report to NETWARCOM for fleet support.
- - - - - - - -
MS seeks senior spook to score Federal security $$$s
Microsoft is seeking to hire a high level executive whose role will be "to position Microsoft as a strategic partner to the [US] government in using our products and technologies to build Homeland Security solutions."
Or, as the lead-in to the help-wanted ad less modestly puts it: "The Director of Federal Homeland Security will partner the world's most successful software company with the world's most powerful nation in using innovative and agile technology to prepare, detect, prevent, protect, respond, recover and manage against terrorism."
- - - - - - - -
SAN misconfiguration opens door to hack attack
Hackers can access disk controllers from the Internet if storage area networks are not configured correctly, an expert warns
IP-based storage area networks provide exciting opportunities but also present a security risk according to Brice Clark, vice president of storage technology, Hewlett-Packard.
- - - - - - - -
DISA sets a deal aimed at providing extra cyberdefenses
The Defense Information Systems Agency has licensed Symantec Desktop Firewall 2.0 for 2 million Defense Department computers plus Norton AntiVirus 2002 for Palm OS handheld devices. DOD already has firewall protection for its networks and servers, said Mark Bogart, chief of contracts at DISA, and the two enterprise licenses from Symantec Corp. of Cupertino, Calif., "will complete the suite."
- - - - - - - -
Anti-EULA script removes offending text
An imaginative person has created a VB script which will search for an End User License Agreement (EULA) in temporary files created during the installation of a program or application, and remove or replace the text so the user can truthfully claim never to have seen it. It's an interesting approach to one of the more irritating among numerous toxic by-products of the New Economy. Because software makers presume users to be bound by text which is read and agreed to after the sale, the idea here is to undermine the presumption on which the agreement is based.
- - - - - - - -
ASSAiSSINAiTE all bugs
Networks Associates (NAI) and Internet Security Systems (ISS) today announced an alliance to integrate their technologies aimed at providing better protection for users against increasingly complex security threats. NAI will combine RealSecure intrusion detection technology from ISS with network fault isolation and performance management software from its Sniffer Technologies division.
- - - - - - - -
Dark side of cyberlife
Alec Wilder was livid when he realized that the only way to pay for Yahoo's e-mail forwarding service was to sign up for the company's electronic payment system. The technology consultant was concerned about the security of his personal information stored in Yahoo's so-called digital wallet, a product that keeps login names, credit card numbers and shipping addresses for automatic online transactions. "No one can prevent break-ins, and eventually there will be a break-in," Wilder said. "I feel as though I have no security right now."
- - - - - - - -
As wireless networks grow in popularity, privacy risks grow as well
As wireless laptops, scanners and other gadgets become more popular in businesses and homes, threats to privacy are growing as well. Just this week, Best Buy suspended use of wireless cash registers over concerns that eavesdroppers could obtain credit card numbers and other customer data by sitting in the parking lot with the right equipment.
- - - - - - - -
How to stay one step ahead of hackers
Though the term is new, "blended" security threats aren't. These types of threats target several areas of network vulnerability simultaneously. What is new and unique, however, is what the malicious code within them is doing. In a blended threat, malicious code can take many forms and can attack your enterprise in a number of different ways. It can also do more than one kind of damage while it's in your system.
- - - - - - - -
VBA Emulation - A Viable Method of Macro Virus Detection?
Part Two
This is the second of two articles discussing emulation as a viable method of virus detection. In the first article we briefly examined how emulation worked and began a discussion of some of the problems of emulation, particularly with macro source and macro execution. In this article, we will discuss code execution flow, underlying operating system problems, and incompatibility issues in different versions of Office, as well as the VBA emulator environment.
VBA Emulation - A Viable Method of Macro Virus Detection? Part One
- - - - - - - -
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits should be cited as the source of the information. Copyright 2000-2002, Campbell, CA.