November 7, 2002 New worm threat upgraded Anti-virus software maker F-Secure has upgraded the threat posed by the email worm W32/Braid.A-mm to a level 2 alert - a new virus which is causing large infections which might be local to a specific region. The worm is written in Visual Basic and it usually arrives in an e-mail message as README.EXE attachment. - - - - - - - - Russian firm warns of Roron virus Antivirus company Kaspersky Labs warns of a new worm which could let hackers gain control of home computers. Russian antivirus company on Wednesday warned that a new virus could help hackers gain control of home computers, but other security companies downplayed the threat. Kaspersky Labs has named the virus, or worm, Roron, and it is known as Oror.B by several other companies. The new computer virus can spread through email messages, shared hard drives and the Kazaa file- sharing network, Kaspersky Labs spokesman Denis Zemkin said.,,t269-s2125529,00.html Kazaa ups virus protection as Aust users threatened While its overall impact has been limited to date, the recent outbreak of the Roron virus (aka W32/ Oror-B) has served to remind P2P users of the added danger they face when downloading and swapping files. Spreading by e-mail, local area and peer-to-peer networks Roron is the latest in a series of viruses which takes advantage of the increasingly popularity of file sharing technology.,2000024985,20269727,00.htm - - - - - - - - Tech issues get new lease on life With Republicans in control of Congress, President Bush called on lawmakers to pass legislation to create the proposed Homeland Security Department before the end of the year. "The single most important item of unfinished business on Capitol Hill is creating a unified body to protect the American people," Bush said at a White House news conference Nov. 7. - - - - - - - - The FBI's Cybercrime Crackdown In contrast to the teenage hackers of yore, today's perpetrators -- virtually all of them adults -- mount extremely sophisticated attacks. They don't brag, and they don't leave obvious tracks. To protect the classified information stored on her desktop computer, Special Agent Nenette Day uses one of the most powerful tools on the planet -- an air gap. Day points to an IBM ThinkPad resting on the table behind her desk. "That computer is hooked up to the Internet," she says. "But if you break into it, have a good time: there's no secret work on it." - - - - - - - - Hack attacks on rise in Asia Indonesian hackers on rise since Bali bombing Hackers based in Indonesia and Malaysia have been launching digital attacks on neighbouring countries, say computer security experts. October, the month in which a bomb exploded on the Indonesian island of Bail, has seen heightened cyber attacks in South East Asia and Oceania, according to a report from security firm mi2g. - - - - - - - - Debit cards may be convenient, but take heed using them online As debit cards grow in popularity, more Americans are starting to use them to shop on the Internet. Before you join their ranks, there are pros and cons you should weigh. Debit cards also known as cash cards, money cards, check cards or ATM cards have an advantage over credit cards because they don't put you in debt. - - - - - - - - Privacy group counters P2P crackdown The Electronic Privacy Information Center is launching a counterattack against Hollywood's efforts to crack down on student file-swapping. The privacy advocacy group is sending letters to presidents of colleges across the country, asking them to think before they install monitoring tools on university networks. - - - - - - - - FBI names new IT executive FBI Director Robert S. Mueller III today named Charles S. Prouty to the post of executive assistant director of law enforcement services, a post in which he will oversee the bureaus Criminal Justice Information Service Division as well as training, laboratory, critical response and international operations. Prouty succeeds executive assistant director Kathleen L. McChesney who is retiring from the FBI after 24 years as a special agent to work for the U.S. Conference of Catholic Bishops. - - - - - - - - Climbing Spam Mountain Pornographic spam rose slightly last month, while financially-related unsolicited messages became marginally less of a problem. That's according to monthly statistics from spam filtering firm Brightmail which reports adult spam rose one per cent to 12 per cent in October while financial spam decreased slightly to 36 per cent last month, from 38 per cent in September. - - - - - - - - 'You are being watched' Standing on a traffic island in the middle of Times Square, Bill Brown might as well be on stage. TV cameras sweep the street to film lead-ins for news shows; security cameras protect store entrances; Web cameras focus out on the street so tourists can wave to friends and family back home via the Internet. Since the devices are often hidden or disguised, it takes several seconds for his small tour group to pick them out. - - - - - - - - Security technologies could backfire against consumers At the USENIX Security Conference held here recently, Microsoft developers touted the company's upcoming Palladium architecture as technology that would enhance privacy, stymie piracy and increase a corporation's control over its computers. Others, however, see a more nefarious role for the security software. - - - - - - - - Chicago housing agency sings password blues At the Chicago Housing Authority, theres a mouse in the house. The nations third-largest public housing authority is swapping its password-based network security for a biometric system that uses a computer mouse to scan and submit user fingerprints. The way the agencys network was set up, users had to type in several user IDs and passwords, said Bryan Land, assistant CIO at CHA. People were always calling, saying they forgot their passwords, Land said. - - - - - - - - Irises, voices give away terrorists The United States is compiling digital dossiers of the irises, fingerprints, faces and voices of terrorism suspects and using the information to track their movements and screen foreigners trying to enter the country. Since January, military and intelligence operatives have collected the identifying data on prisoners in Afghanistan and at the U.S. naval base in Guantanamo Bay, Cuba. There are also plans to extend the collection process to Iraq in the event of a U.S. invasion. - - - - - - - - How to Keep The Wireless Snoops Away A wireless network is like hundreds of network cables floating in search of a rogue computer. A good attacker can get into most networks by taking advantage of a wireless connection and its Wired Equivalent Privacy security. WEP represents the encryption of communications data sent over radio waves, specifically using an 802.11b system. But WEP, offered with varying amounts of encryption, is vulnerable because a smart attacker can obtain data pertinent to circumventing the coding by capturing sufficient frames of data. - - - - - - - - Network Signals Just Scream to Be Exploited Organizations ignore the security risks of wireless networking at their peril. I recently strolled past federal buildings along Connecticut Avenue in Washington, carrying a beta-test model of a tablet PC equipped with an integrated IEEE 802.11b wireless PC Card. In no time, it auto- detected a wireless network. The tablet asked me if I wanted to connect. I declined, but as I kept walking, the tablet detected signals for three more wireless networks. (Apparently, the Secret Service is curious about these free- ranging signals, too, and has sent teams around Washington snooping for wireless networks that broadcast signals onto the street.) - - - - - - - - Data security for Linux power users A couple of months ago I wrote a security how to for Linux newbies, the goal of which was to help people achieve decent security using easy and safe techniques. Now it's time to address you power users out there, by which I mean people comfortable with the command line, using a text editor from the console, and tweaking configuration files -- people confident enough in their ability to recover from unpleasant surprises to take a bit of risk with their systems in the interest of securing their data and their privacy. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2002,, Campbell, CA.