[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-17 06:50:26

Return-Path: <sentto-279987-1355-992785828-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sun, 17 Jun 2001 06:51:08 -0700 (PDT)
Received: (qmail 22434 invoked by uid 510); 17 Jun 2001 12:52:25 -0000
Received: from f19.egroups.com ( by with SMTP; 17 Jun 2001 12:52:25 -0000
X-eGroups-Return: sentto-279987-1355-992785828-fc=all.net@returns.onelist.com
Received: from [] by f19.egroups.com with NNFMP; 17 Jun 2001 13:50:30 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 17 Jun 2001 13:50:27 -0000
Received: (qmail 72198 invoked from network); 17 Jun 2001 13:50:26 -0000
Received: from unknown ( by m8.onelist.org with QMQP; 17 Jun 2001 13:50:26 -0000
Received: from unknown (HELO all.net) ( by mta2 with SMTP; 17 Jun 2001 13:50:26 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA29534 for iwar@onelist.com; Sun, 17 Jun 2001 06:50:26 -0700
Message-Id: <200106171350.GAA29534@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sun, 17 Jun 2001 06:50:26 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Bush wrapping up cybersecurity plan The Bush administration is wrapping
up details on a new governmentwide structure to lead national
cybersecurity efforts, again rejecting the idea of having a security
czar.  White House officials have been working for months on ways to
reorganize the government's initiatives for protecting the information
systems that support the nation's critical infrastructure.  The critical
infrastructure protection (CIP) effort started under President Clinton
in 1998, when he signed Presidential Decision Directive 63. 

Creative Labs accused of spying Irate customers are accusing Creative
Labs, the maker of digital-audio players and sound cards, of spying on
them.  The dispute revolves around a piece of software called
newsupd.exe, installed with the software that comes with most Creative
products.  A number of customers say the software is connecting them to
the Internet without their authorization and relaying data secretly back
to Creative servers.  People also say newsupd.exe installs itself on the
sly.  Creative admits the feature needs tweaking, but says it is
basically there to help consumers.  In an age when consumers are
increasingly paranoid--often with reason-- about where their personal
data is being sent without their consent or knowledge, the Creative
software has hit a raw nerve. 

SECURITY FOR THE CXO In the real world, an eight-character mixed
alphanumeric password is no more secure than a simple four-character
password.  In last month's column, I talked about the myths surrounding
SSL and other Internet encryption protocols and products.  My main point
was this: While most IT/security professionals assume that plaintext
data is vulnerable to eavesdropping over the public Internet, the risk
of such an exploit is actually quite low.  The cost and effort to
maintain an infrastructure that supports Internet encryption probably
outweighs any possible gain.  In other words, when it comes to sniffing
over the public Internet, SSL is on the wrong side of the cost/benefit

Hacker Turns RTF Exploit Theory Into Reality, Kaspersky Says An
anti-virus company say that at least one hacker has released rogue code
that takes advantage of a recently uncovered security hole in Microsoft
Word's handling of rich text format (RTF) documents.  Until now, an RTF
exploitation that does an end run around Microsoft's built-in checks for
potentially malicious Word macros has been theoretical.  But
Moscow-based Kaspersky Lab said today that it has found a Trojan in the
wild that does just that.  Kaspersky says that it has received several
reports of the new Trojan, labeled "Goga," which is invited into
unsuspecting users'computers by RTF documents opened in the Word
program.  Once hunkered down on a PC, Goga collects information about
the user's Internet accounts and relays it to a location where the
Trojan's creator might receive it. 

U.S.  House leader presses FBI surveillance worries House Majority
leader Dick Armey may seek Justice Department budget cuts to curb the
use of the FBI e-mail surveillance tool formerly known as Carnivore, a
spokesman said Thursday.  ``If necessary he would consider using
Congress' power of the purse to pull the plug on Carnivore,'' said the
aide, Richard Diamond.  At issue is specialized software used by the FBI
for court-authorized tracking of a criminal suspect's online
communications with the cooperation of an Internet service provider. 
Unlike other court- ordered electronic surveillance tools, Carnivore, as
it is still widely known, gives law enforcers access to the
communications of all the service provider's customers, critics have

Castro calls U.S.  concerns about Cuban cyberattacks 'craziness' An
irritated Fidel Castro on Thursday dismissed concerns about Cuban
cyberterrorism against the United States as ``craziness,'' saying his
country doesn't have the technology to launch such attacks even if it
wanted to.  U.S.  officials who believe that Cuba could and would attack
the country's computer networks are ``orphans, and bereft of ideas,''
Castro said in a speech shown on state television.  He called the United
States ``an empire that only knows lies.'' ``It is craziness ...  it
would be against our principles,'' Castro said at the inauguration of a
new solar energy system for a school in the western province of Pinar
del Rio.

Finding pros for IT security Soured economy or no, you still have to
have the skills of a sleuth to find information security professionals. 
How bad is the dearth? Lee Kushner, CEO and founder of L.J.  Kushner &
Associates LLP, an executive recruiting company specializing in
information security, estimates that the number of unfilled jobs
requiring skilled security professionals is between 25,000 and 50,000 in
the United States alone.  Many point to this lack of trained security
personnel as the cause of increasing numbers of successful hacks and
intrusions, the costs of which a recent Computer Security Institute/FBI
survey reported as being up nearly 50 percent over last year.  So, with
the stakes so high, how do you go about finding the security experts
your e-business needs?

Alleged Israeli hackers deface UAE News Web site Computer hackers
allegedly based in Israel have vandalized the Web site of the United
Arab Emirates' Gulf News newspaper, he daily said on Friday.  A front-
page Gulf News report said the hackers had used sophisticated technology
to break into its www.gulfnews.com Web site, which is hosted on a U.S. 
-based portal.  The Gulf News report said experts had traced the source
of the attack back through several U.S.  sites to computers linked to an
Israeli Internet provider.  Investigations into the incident were now
focused on an Israeli linked to an Israeli institute. 
[FC - why would they do this really stupid thing?]

Hackers Take Down More Malaysian Sites Internet vandals defaced eight
more Malaysian government sites, highlighting the lax security and poor
maintenance among local network administrators.  A group known as
"Silver Lords" claimed responsibility through the German-based
defacement mirror site Alldas.de.  The group replaced the main page of
the sites with a graphic entitled "For the love of Kashmir."

State Sites Facing 'World of Hell' In what appears to be the latest
spate of "theme" hackings, a group known as World of Hell has reportedly
defaced nine Web sites operated by state government agencies in the past
week.  According to the Alldas Web-defacement archive, WoH's victims
include the Internet site of the Texas Lottery Commission's bingo
division, which was defaced sometime Monday night.  The break-in at the
site, which provides information about bingo in the state, forced
lottery officials Tuesday to disable the bingo site as well as the
commission's main ome page in order to review the integrity of their

Hacker invades Brazil's 'Ministry of Blackouts' website A hacker has
invaded the Brazilian government's energy crisis information website. 
The 'Ministry Of Blackouts' site has been blocked for four hours.  The
hacker also published messages contradicting the government's energy
conservation advice.  Brazil is suffering its worst energy crisis since
the 1950s.  President Cardoso set up the emergency ministry to deal with
the shortages and control the rationing operation.  The ministry's site
alerts the public to the cuts affecting the daily lives of most
Brazilians, Folha Online reports. 

New virus tools raise concerns Security consultants have warned of two
new varieties of virus, and said IT managers should ensure their
antivirus measures are kept up to date.  Last week Jonathon Mynott, a
technical consultant at security specialist Cryptic Software, said
hacker interest was growing in a virus tool called GodMessage.  It will
be easy to fall victim once the method becomes popular, Mynott warned. 
"You only have to browse a Web page to be infected," he said.  Mynott
added that GodMessage, which is available for download on hacking sites,
allows malicious hackers to place ActiveX code on Web pages.  When
Internet Explorer users visit an infected site, their browser downloads
a compressed program.  This then resides on users' hard disks, ready to
be uncompressed on startup.  Innocent sites could be surreptitiously
hacked and have the virus implanted in their pages.  "If one person does
that to the MSN homepage, half the world's computers could be [damaged]
overnight," said Mynott. 

Defence Against the Dark Arts Now that the cold war is history,
intelligence pros are turning their black-bag wizardry toward corporate
targets=97 maybe even the likes of you.  JOHN NOLAN, A FORMER U.S. 
intelligence officer, took the call on a hot sticky day in July.  It was
from the CEO of a major consumer electronics company in California.  He
told Nolan that his company was working on a mysterious new technology
that once launched, would change the face of his industry and double the
company's revenue base.  The CEO said he had taken "extraordinary
security measures" to make sure no competitors found out about the new
product.  But just to make sure, he wanted Nolan, who had founded his
own intelligence agency after retiring from the Department of Defense,
to penetrate his company's fortifications and find out what his R&D
group was working on, how much money was being invested and when the new
product would be rolled out=97all in 30 days or less. 


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:18 PDT