October 23, 2002 FBI looks for source of Internet attack The White House sought Wednesday to allay concerns about an unusual attack this week against the 13 computer servers that manage global Internet traffic, stressing that disruption was minimal and the FBI is working to trace the attackers. http://www.usatoday.com/tech/news/computersecurity/2002-10-23-fbi-attack_x.htm Net attack flops, but threat persists news analysis A widespread but unsophisticated attack on the computers that act as the address books for the Internet failed to cause any major problems, but experts warn that more security is necessary. Beginning Monday, a flood of data barraged the Internet's 13 domain-name service (DNS) root servers in what's known as a denial- of-service attack. But the simple nature of the attack, and the system's resiliency, allowed administrators to quickly block the data stream. http://news.com.com/2100-1001-963095.html http://news.zdnet.co.uk/story/0,,t269-s2124305,00.html http://zdnet.com.com/2100-1105-963095.html http://zdnet.com.com/2100-1105-963005.html http://online.securityfocus.com/news/1413 http://www.msnbc.com/news/824620.asp http://www.cnn.com/2002/TECH/internet/10/23/net.attack/index.html Powerful attack cripples majority of key Internet computers http://online.securityfocus.com/news/1400 Internet attack will be hard to trace http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4353537.htm DoS Attack Maims Web Servers http://www.wired.com/news/business/0,1367,55960,00.html Little-noticed cyberattack could have been devastating They - and no one knows who "they" are - attacked early this week. It was a sneak attack consisting of a data bombardment against computer servers that direct traffic on the Internet. It maimed nine of the 13 and if it had lasted much longer and defensive technicians had not responded alertly, the problems could have mounted. http://www.nandotimes.com/technology/story/588206p-4579797c.html - - - - - - - - Bugbear hits Australian parliament The Australian government has had its workings interrupted for the second time by an attack of the Bugbear virus. The Bugbear virus is causing havoc for the second time in a month at Australia's Parliament House in Canberra, interrupting the government's operations and highlighting dangerous security flaws. http://news.zdnet.co.uk/story/0,,t269-s2124317,00.html - - - - - - - - Domain name scams hit the NHS Scare tactics warn of 'mystery shoppers' Guy's & St Thomas' Hospital Trust has become the latest target of domain name resellers using high-pressure sales tactics to dupe organisations into buying extra online addresses at premium prices. Domain Registrar Services (DRS), which has been the subject of numerous complaints, contacted the Trust claiming that a mystery buyer was attempting to register variations of its name. http://www.vnunet.com/News/1136238 - - - - - - - - Microsoft Cites Software Piracy Hotspots Microsoft Corp. said on Wednesday software piracy was on the rise worldwide and China, Taiwan, Hong Kong, Malaysia and Indonesia were the "hotspots" in Asia where major counterfeiting activities thrived. Katharine Bostick, Microsoft's senior corporate attorney, said penalties imposed by many governments were not tough enough, resulting in the growth of large-scale manufacturing and distribution of counterfeit products. "It involves organized crime," Bostick told a technology conference in Cyberjaya, Malaysia's software hub. http://www.washingtonpost.com/wp-dyn/articles/A3699-2002Oct23.html - - - - - - - - P2P hacking bill may be amended Bill will have to be reintroduced next year. A proposal to let copyright owners hack into and disrupt peer-to-peer networks will be revised, a congressional aide said Wednesday. Alec French, an aide to bill author Rep. Howard Berman, D-Calif., defended his boss ideas but acknowledged that some critics had made reasonable points about the controversial proposal. http://www.msnbc.com/news/825050.asp - - - - - - - - Bush urges ban on "morphed" porn President Bush warned parents of the perils the Internet may hold for their children on Wednesday and urged Congress to outlaw "morphed," or virtual, child pornography. Speaking in the Presidential Hall in the White House complex, Bush described undercover police as "true patriots." "The House passed a bill which makes it illegal for child pornographers to disseminate obscene, computer- generated images of children," Bush said. "It's an important piece of legislation. http://news.com.com/2100-1023-963110.html - - - - - - - - Hackers target wireless networks Technology sophisticates who specialize in exposing corporate-security lapses will orchestrate a world-wide war drive to strut their stuff Saturday. IN 25 LOCALES in seven countries from Alberta, Canada, to New Zealand, they plan office-building drive-bys armed with laptops, radio scanners and antennas, aiming to intercept signals from the ever-spreading wireless networks used to connect corporate computers with each other and the Internet. http://www.msnbc.com/news/824622.asp - - - - - - - - ISPs revolt against data retention law The government wants ISPs to intercept and retain all Internet traffic, but refuses to answer industry concerns over the process. ISPs say they may not be able to comply. UK ISPs are poised to ignore a Home Office voluntary code of practice addressing retention of Internet data unless big changes are made to the wording. http://news.zdnet.co.uk/story/0,,t269-s2124371,00.html http://www.cnn.com/2002/WORLD/europe/10/22/crime.internet.reut/index.html - - - - - - - - Watchdog clamps down on net porn ICSTIS is determined to protect users from abuse Two companies have been heavily fined and reported to police for promoting pornographic material involving children on the internet. Premium rate service regulator ICSTIS has barred two online sexual entertainment service providers, Spanish- based Greenock and German-based Premium Call GmbH. ICSTIS (Indepedent Committee for the Supervision of Telephone Information Services) imposed fines of PS75,000 and PS50,000 respectively and reported the cases to the British National Hi-Tech Crime Unit. http://news.bbc.co.uk/2/hi/technology/2353477.stm http://www.theregister.co.uk/content/6/27747.html - - - - - - - - Bandits Dial Up Trouble Cell phone cloning was rampant in the 1990s, but cloning has declined, largely due to the switch from analog to digital technology, which industry officials say is harder for hackers to defeat. In recent weeks, cellular phone customers in cities along the Texas-Mexico border have been held up by phone bandits. The phones are not being stolen at gunpoint but rather snatched out of the air, as border crooks use small electronic radio scanners to intercept cell phone transmissions. Later, they use the encoded information to "clone" a second phone, billing their calls to the account of the phone that was scanned. http://www.newsfactor.com/perl/story/19751.html - - - - - - - - Legislative delay hinders technology officials' security work Federal technology leaders are making progress in coordinating an e-government infrastructure and harmonizing information technology needs in preparation for the proposed Homeland Security Department, a white House official said Wednesday, but the congressional delay in creating the Cabinet-level agency is hampering the effort. - - - - - - - - Experts meet to combat child porn An international conference of police and criminologists aims to fight the rising tide of Web-based child pornography. Police and criminologists from 34 countries have begun a three-day meeting aimed at combating crime against children, especially pornography on the Internet, officials say. http://news.zdnet.co.uk/story/0,,t269-s2124315,00.html - - - - - - - - Claranet drops virus outbreak blocker Claranet, the leading British ISP, this week abandoned its first line of defence against email-borne viruses following performance issues with its in-house developed technology, its global mail filter. Claranet continues to market to business users a separate service which uses more sophisticated virus scanning and filtering. Other ISPs sometimes bundle such services with basic access packages targeted at consumers - for example, BTOpenworld this month rolls out virus/spam blocking technology from Brightmail/Symantec to improve the customer online experience. http://www.theregister.co.uk/content/56/27757.html - - - - - - - - Images get distortion-proof crypto marks Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information. A team of scientists from Xerox and the University of Rochester said that the technique, called reversible data hiding, could be used in situations that require proof that an image has not been altered. http://zdnet.com.com/2100-1104-963054.html - - - - - - - - Listen to offer legal CD-burning As it readies a new version of its online music subscription service, Listen.com plans to announce on Thursday agreements to allow consumers to burn CDs from digital files. It won't be the digital free-for-all seen in the popular file-swapping arenas, however. The company will charge consumers 99 cents per song, which means a full album of songs will cost only a few dollars less than the retail price. However, the deals are a sign that the major music labels are increasingly loosening their licensing policies for digital music. http://news.com.com/2100-1023-963120.html - - - - - - - - Microsoft says it won't pull Xbox from Australia Microsoft has no intention of withdrawing its Xbox video game console from Australia despite reports it was considering such a move in a dispute over a copyright law, the company said Tuesday. Australian newspaper The Age reported last Friday that Microsoft Chief Executive Steve Ballmer, angry over a court ruling that allowed an individual there to sell after-market chips that modify game consoles, had said the company would have to reconsider selling its console there. http://www.usatoday.com/tech/techreviews/games/2002-10-23-microsoft-xbox_x.htm - - - - - - - - IE hopelessly bug ridden Nine closely-related Internet Explorer flaws leave users open to a variety of powerful attacks, security researchers at Israeli firm GreyMagic Software warned yesterday. The vulnerabilities revolve around object caching and a combination could enable an attacker to steal private local documents, steal cookies from any site, forge trusted web sites, steal clipboard information or even execute arbitrary programs, GreyMagic reveals. http://www.theregister.co.uk/content/55/27745.html - - - - - - - - Reverse Engineering Hostile Code Computer criminals are always ready and waiting to compromise a weakness in a system. When they do, they usually leave programs on the system to maintain their control. We refer to these programs as "Trojans" after the story of the ancient Greek Trojan horse. Often these programs are custom compiled and not widely distributed. Because of this, anti-virus software will not often detect their presence. It also means information about what any particular custom Trojan does is also not generally available, so a custom analysis of the code is necessary to determine the extent of the threat and to pinpoint the origin of the attack if possible. http://online.securityfocus.com/infocus/1637 - - - - - - - - Certifiably Certified As security certifications become more plentiful, they are losing their real value. A recent issue of SC Magazine, one of the information security industrys cheerleading trade rags, featured a full-page advertisement with the following emblazoned across the top of the page: How to increase your salary by 21.39% in 7 days or less. http://online.securityfocus.com/columnists/118 - - - - - - - - Will OIS Put Bite On White Hats? It reads like a who's who of major vendors, and if it has its way it could mean the end of white hats. "It" is the new Organization for Internet Safety (OIS), which includes such heavy-hitters as Caldera, Internet Security Systems, Oracle, Symantec, and Microsoft. Its quietly stated aim: "To propose and institutionalize industry best practices for handling security vulnerabilities." Its practical effect: To stop white-hat hackers from publicly posting vulnerabilitiesinstead creating a private community to address security holes without the messy publicity. http://www.techweb.com/tech/security/20021023_security - - - - - - - - Perspective: Privacy lessons Pushed by supporters as a model for the U.S., Europe's tough Internet privacy regulations have come under fire--from surprising sources. The recent European Union-sponsored Data Protection Conference on privacy heard reports from businesses, media outlets, trade unions and four EU nations that demonstrated why the United States should not follow Europe's pro-regulation path in protecting Internet privacy. http://news.com.com/2010-1069-962993.html - - - - - - - - Eyes have it for identification Iris-recognition technology from a Moorestown firm is being used in U.N. camps, airports and Saudi Arabia. Thousands of refugees in an ancient and war-scarred corner of the world are being tracked with identification technology so new it isn't in widespread use anywhere. The refugees are Afghans in Pakistan, seeking to go home, and the iris- recognition technology is provided by Iridian Technologies Inc., a Moorestown company that is virtually alone in this field. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/4350883.htm - - - - - - - - FBI technology shortcomings hamper sniper investigation The FBI doesnt have the technological capacity to handle the crushing volume of leads that agents and police officers in Montgomery County, Md., have received in the investigation of the Washington- area sniper, according to law enforcement sources. - - - - - - - - Interpol upgrades criminal-catching technology The Interpol international police organization is finally going digital, dispensing with clackety telex machines and snail mail for expediting most- wanted notices. By the end of next year, Interpol officials hope, all 181 member countries will be linked to an Internet-based clearinghouse on criminals that will flash digital fingerprints, pictures and even DNA profiles to anyone with a personal computer, the right software and proper authorization. http://www.nandotimes.com/technology/story/588781p-4583190c.html - - - - - - - - Database pools crime information Even months before it will be fully operational, a St. Louis regional crime database is demonstrating its crime-fighting finesse. "We were just toying with it and we picked some names randomly," said U.S. Attorney Raymond Gruender. When investigators typed a name from a drug case into the database, the search function told them the suspect was also being investigated by another agency for mail fraud. It took the database seconds to make the match, said Gruender, who presides over the Justice Department's Eastern District of Missouri. http://www.fcw.com/geb/articles/2002/1021/web-crime-10-23-02.asp *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.