Return-Path: <sentto-279987-1086-986182166-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sun, 01 Apr 2001 20:30:08 -0700 (PDT) Received: (qmail 23496 invoked by uid 510); 2 Apr 2001 03:30:00 -0000 Received: from fk.egroups.com (64.211.240.232) by 204.181.12.215 with SMTP; 2 Apr 2001 03:30:00 -0000 X-eGroups-Return: sentto-279987-1086-986182166-fc=all.net@returns.onelist.com Received: from [10.1.4.53] by fk.egroups.com with NNFMP; 02 Apr 2001 03:29:26 -0000 X-Sender: fc@all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_1_0_1); 2 Apr 2001 03:29:25 -0000 Received: (qmail 37068 invoked from network); 2 Apr 2001 03:29:24 -0000 Received: from unknown (10.1.10.26) by l7.egroups.com with QMQP; 2 Apr 2001 03:29:24 -0000 Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 2 Apr 2001 03:29:23 -0000 Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id UAA25934 for iwar@onelist.com; Sun, 1 Apr 2001 20:29:23 -0700 Message-Id: <200104020329.UAA25934@all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sun, 1 Apr 2001 20:29:23 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Massive solar flare eruptions likely to disrupt telecommunications Telecommunications may be disrupted briefly and the northerly night skies will shimmer red and green this weekend as intense storms rage on the sun, scientists say. The biggest sunspot cluster seen in at least 10 years has developed on the upper right face of the sun's disc, according to satellite readings. Researchers said the sunspot could persist for several days. The sunspot, which is a cooler, darker region on the sun's surface, is caused by temporarily distorted magnetic fields. It spawns tremendous eruptions, or flares, into the sun's atmosphere and hurls clouds of electrified gas toward Earth. NASA scientists said the most powerful flare erupted Thursday, rated a class X, the most potent category. The other flares were less intense. http://www.siliconvalley.com/docs/news/tech/026002.htm Study: Insiders pose main hacking threat While chief executives worry about external foes hacking into corporate networks, their real concerns should be the Trojan Horses-- disgruntled employees with the inside knowledge to easily steal sensitive secrets-- according to a study released on Thursday. Over 90 percent of global CEOs and chief information officers believe a breach of e-commerce systems would be perpetrated through the Internet or other external means, said survey of 1,283 companies by the accounting firm KPMG. And while the breach could come from outside the company walls, it is highly likely that the electronic fraudster will be an employee or consultant, as is the situation with more traditional forms of fraud, said Norman Inkster, president of KPMG Investigation and Security Inc. "Most security breaches are committed by individuals who possess intimate knowledge of the systems they are attacking," said Inkster. http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2702783,00.html Hacking 'is now bigger threat than terrorism' COMPUTER hacking could now cripple Britain more quickly than a military strike or terrorist campaign, Robin Cook, the Foreign Secretary, told the Commons last night. He said that the electronic technology controlling essential services such as water, power and transport had become a leading target for terrorists and other groups who wanted to disrupt the life of the nation.Mr Cook gave a graphic account of how terrorists or anti-capitalist protesters could wreak havoc in a modern economy such as Britain's if they managed to gain access to the computer systems of the key public services. http://www.telegraph.co.uk/et?ac=3D000114832908976&rtmo=3DqxeqJtd9&atmo=3D9= 9999999=20 &pg=3D/et/01/3/30/nhack30.html http://www.theregister.co.uk/content/8/17986.html http://thebusiness.vnunet.com/News/1119938 Internet Crime-Fighting Plan May Open Door for Snoopers Governments this year are expected to approve a wide-ranging treaty to combat cybercrime, a document that some critics are describing as a potentially Orwellian threat to privacy and as a wish list for law enforcement agencies. The proposal has the laudable aim of preventing serious crimes, such as child pornography, and will be a weapon against hacking into computer systems and propagating electronic viruses. But critics contend that it contains no safeguards for privacy and due process and places few limits on government snooping. The document would require that all countries that sign the treaty make copyright infringement a crime, hold Internet service providers responsible for the content of their systems, and outlaw anonymity on the Internet. The treaty, known as the Convention on Cybercrime, has been drawn up by the Council of Europe, a 43-nation intergovernmental organization based in Strasbourg. The European Union and the United States, meanwhile, have been coordinating their actions against cybercrime within the Group of Seven industrialized countries plus Russia. http://www.iht.com/articles/14308.html Lawmakers To Probe Federal Cyber-Security A House Oversight and Investigations subcommittee Apr. 3 plans to hold a hearing examining cyber- security problems at federal agencies. The House Energy and Commerce Committee's oversight subcommittee under Chairman James Greenwood, R-Penn., will look into the issue, one that the Commerce Committee last year under former Chairman Thomas Bliley, R-Va., examined in meticulous detail. Witnesses scheduled to appear at the hearing include Ron Dick, director of the FBI's National Infrastructure Protection Center; Sallie McDonald, assistant commissioner in the General Services Administration's Office of Information Assurance and Critical Infrastructure Protection; John Tritak, director of the Commerce Department's Critical Infrastructure Assurance Office; Robert Dacey, director of information security issues at the General Accounting Office; Tom Noonan, president and CEO of Internet Security Systems Inc.; and Glenn Podonsky, the Energy Department's director of independent oversight and performance assurance. http://www.newsbytes.com/news/01/163895.html Companies tight-lipped over cyber breaches Almost one in 10 firms had a cyber-security breach in the past year, and most sought no legal action, according to a global survey. A poll of leading companies in 12 countries including Hong Kong by accounting firm KPMG showed gross under-reporting and ignorance among executives of security risks. Only 17 per cent of the companies that suffered a security breach took legal steps against the offenders. An equally bleak picture emerged in a separate KPMG survey on conventional fraud in Hong Kong, with 25 per cent of companies admitting they were victims. However, less than one in five reported the crime to law enforcers. http://www.zdnetasia.com/news/dailynews/story/0,2000010021,20193342,00.htm OpenHack: Did He Win or Not? A hacker is claming that he has won Argus' ballyhooed OpenHack III competition by cracking its much-vaunted PitBull security system. Argus concedes the crack, but isn't awarding the promised big cash prize. Systems running Argus' PitBull were offered up as a challenge to hackers in the OpenHack III competition in February. During the contest, 40,000 people attempted to crack the system and were unsuccessful. The same challenge was offered at the European technology conference CeBit this week. This time, one person says he was able to crack the system. But he evidently missed the deadline. http://www.wired.com/news/technology/0,1282,42747,00.html VeriSign certificate snafu highlights threat of human errors When VeriSign Inc. disclosed last week that it had issued two digital certificates to an individual who fraudulently claimed to be a Microsoft Corp. employee, the incident highlighted for corporate users how simple human error can undo technology-based security schemes. The mistaken issuance of the digital certificates, which led Microsoft to release a software update for all Windows releases dating back to 1995, also put companies on notice about the importance of having both preventive and reactive processes in place to deal with such security lapses. In addition, users and analysts said, VeriSign's goof points out some of the broader challenges associated with reliably establishing identities within public-key infrastructure (PKI) networks. http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88-93_STO59099,00.html ------------------------ Yahoo! Groups Sponsor ---------------------~-~> Find software faster. Search more than 20,000 software solutions on KnowledgeStorm. Register now and get started. http://us.click.yahoo.com/1OWqsB/yMSCAA/7f4EAA/kzAVlB/TM ---------------------------------------------------------------------_-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:06 PDT