September 10, 2002
New Sept. 11 worm not a threat
Buggy Chet comes with attachment named
11september.exe. A programming prankster has
released an Internet worm that seeks to tempt
victims by promising a message about Sept. 11.
Antivirus firm F-secure Corp. rates the worm
called Chet a low risk because it is
hampered by programming bugs, and doesnt
work as its author intended.
http://www.msnbc.com/news/806381.asp
- - - - - - - -
Administration Pares Cyber-Security Plan
As the White House moves to finalize a national
plan to better secure cyberspace, high-tech
firms and other companies are continuing a
furious campaign to have some recommendations
struck from the document. The administration
no longer plans to recommend that Internet
service providers such as America Online,
MSN and EarthLink bundle firewall and other
security technology with their software.
Instead, it will ask ISPs to "make it
easier" for home users to get access
to such protections.
http://www.washingtonpost.com/wp-dyn/articles/A59168-2002Sep9.html
- - - - - - - -
Bill urges rules for policing privacy
A House committee on Tuesday approved a bill that
would require federal agencies to take privacy
more seriously. The Judiciary committee approved
the Federal Agency Protection of Privacy Act by
voice vote, which means it goes to the full House
for a possible floor vote within the next month.
http://news.com.com/2100-1023-957419.html
- - - - - - - -
Post-9/11, 'sanitized' sites aim to shield data
Agencies, groups remove information deemed too
sensitive. Before September 11, 2001, most federal
groups viewed the Internet as a place to store
their vast library of public documents and as
a way to network with community leaders in a
timelier manner. But in the days that followed
9/11, authorities revealed that terrorists also
used the Web because they had access to the
same technology.
http://www.cnn.com/2002/TECH/internet/09/10/ar911.sensitive.sites/index.html
- - - - - - - -
Virus-ridden UK spread email nasties
Public rather than companies responsible for
virus activity. The UK is one of the focal
points of world email virus activity - and
it is members of the public that are causing
the problem. A report from antivirus service
provider MessageLabs found that UK companies
received over 25 per cent of all intercepted
email viruses in August, second only to the
US. Three per cent of emails monitored contained
a potentially harmful payload. About one in
40 emails to retail and leisure companies
were infected, with legal and finance
companies getting less than one in 400.
http://www.vnunet.com/News/1134930
- - - - - - - -
VeriSign, Intel team up on secure computing
Internet security company VeriSign Inc. and
chip giant Intel Corp. Tuesday said they will
work together to build content security directly
into new computers, potentially saving companies
time and money and protecting confidential data
from prying eyes.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4043915.htm
http://online.securityfocus.com/news/614
http://zdnet.com.com/2251-1110-957096.html
http://www.msnbc.com/news/806011.asp
- - - - - - - -
IE 6 SP1 omits fixes for 20 outstanding flaws
Researchers have discovered that inadequate
security restrictions in Internet Explorer
make it possible for an attacker to execute
script on any Web page that containing frames.
Grey Magic Software describes the vulnerability
as critical, a warning backed up by several
proof of concept demonstrations. Because of
the way frames (and iframes) are handled by
IE version 5.5 and above, attackers are able
to get to all sorts of mischief with minimal
effort.
http://www.theregister.co.uk/content/55/27048.html
- - - - - - - -
XP Service Pack Said to Fix Major Flaw
Security boards are buzzing with warnings of
a serious hole, but Microsoft is simply urging
users to upgrade. Microsoft always urges users
to update programs when it ships a Service Pack,
but an easily exploited Windows XP flaw makes
it especially important that users of the
operating system download and install the newly
released SP1 promptly, several security experts
warn. The Win XP flaw is described as a still
little-known but critical vulnerability, and is
described as "trivially easy" to exploit by some
who have studied it. It could allow files on any
PC running Windows XP to be deleted simply by
clicking on a malicious URL, according to bug
hunter's reports.
http://www.pcworld.com/news/article/0,aid,104810,00.asp
- - - - - - - -
Blocked China Web users given detour
Chinese Internet users trying to access the
blocked search engine Google are being routed
to an array of similar sites in China, the
latest sign of an escalating media clampdown
ahead of November's Communist Party congress.
Hijacked attempts to log on to the immensely
popular Web tool, already blocked more than
a week long, triggered a flurry of criticism
in Chinese chatrooms and biting disclaimers
from beneficiary sites.
http://www.cnn.com/2002/TECH/internet/09/10/china.google.reut/index.html
- - - - - - - -
Surveillance Society
Don't look now, but you may find you're being
watched These days, if you feel like somebody's
watching you, you might be right. One year after
the Sept. 11 attacks, security experts and privacy
advocates say there has been a surge in the number
of video cameras installed around the country.
The electronic eyes keep an unwavering gaze
on everything from the Golden Gate Bridge to
the Washington Monument.
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2002/09/09/BU.DTL
- - - - - - - -
Technology Versus Terrorism
The Iridium network, developed by Motorola,
relays signals between its 66 low-flying
satellites. The U.S. military uses Iridium
phones for field operations. Satellite-based
communications networks can help combat
terrorism, according to a new report issued
by Datacomm Research. These networks were
originally built for ordinary civilian
communications, but they failed to compete
effectively with land-based cellular networks.
However, some are proving to have significant
military and security applications.
http://www.newsfactor.com/perl/story/19351.html
- - - - - - - -
US security plagues US emergency alert system
The FCC-mandated network that lets officials
interrupt radio and television broadcasts in
an emergency is wide open to electronic tampering,
and the government has no plans to fix it. A national
alert system that gives the president the ability
to take over the U.S. airwaves during a national
crisis may inadvertently extend hackers the same
courtesy, thanks to security holes that put radio
stations, television broadcasters and cable TV
companies at risk of being commandeered by anyone
with a little technical know-how and some off-the-
shelf electronic components.
http://online.securityfocus.com/news/613
- - - - - - - -
Who's bluffing whom on cybersecurity?
Remember Omar Abdel-Rahman? This blind Egyptian
sheik convicted in the 1993 car bombing of the
World Trade Center had a long affiliation with
terror groups dating back to the assassination
of Egyptian President Anwar Sadat in 1981.
That didn't bar his entry into the United States,
which granted Rahman permanent resident alien
status nine years later. Had Rahman's rap sheet
been brought to the attention of the Immigration
and Naturalization Service, the goof-up might
have been avoided. But bureaucracies change
slowly. It turns out that information about
the Sept. 11 hijackers was available in
different federal, state and local databases.
http://zdnet.com.com/2100-1107-956847.html
- - - - - - - -
Security pros: Our defenses are down
Though most corporate security professionals see
network protection as critical, they have only
made modest gains in securing their companies,
according to a report published Monday. The
Internet Security Alliance's survey of 227
information security professionals worldwide
found that nearly 88 percent of participants
believed that protecting their business
information was essential to their company's
survival. But only 56 percent are prepared
for cyberterrorism and information threats,
up 20 percent since the Sept. 11 attacks.
http://zdnet.com.com/2100-1105-957219.html
- - - - - - - -
Evaluating Network Intrusion Detection Signatures, Part 1
Over the past several years, a number of academic
and commercial entities have conducted evaluations
of various network intrusion detection (NID)
software, to determine the overall effectiveness
of each product and to compare the products to
each other. Many system administrators and security
analysts are also responsible for conducting their
own evaluations of NID products, in order to choose
a solution for deployment in their environments.
http://online.securityfocus.com/infocus/1623
- - - - - - - -
Northcom to have joint intell cell
The Defense Department's new Northern Command
will include a joint intelligence center with
representatives from numerous federal civilian,
intelligence and DOD agencies, according to the
command's chief of staff. Army National Guard
Maj. Gen. H. Steven Blum, Northern Command's
chief of staff, said the command will house
"resident liaisons" from the Federal Emergency
Management Agency, the FBI, the CIA, the National
Security Agency, the Defense Intelligence Agency
and other organizations that will form a "joint
intelligence and information fusion center or cell."
http://www.fcw.com/fcw/articles/2002/0909/web-intell-09-10-02.asp
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2002, NewsBits.net, Campbell, CA.