OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: SANS NewsBites Vol. 2 Num. 13
From: The SANS Institute (sanssans.org)
Date: Wed Mar 29 2000 - 17:05:33 CST

**********************************************************************
To: Security Express (SD397643)
From: Alan for the SANS NewsBites service
Re: March 29 SANS NewsBites

Congratulations to the 218 people who completed the intensive five-day
Intrusion Detection Immersion Curriculum (IDIC) and earned passing
grades on the certification test. An upgraded version of the IDIC will
be offered May 8-12 in San Jose for the overflow from the Orlando
conference and for others desiring to learn how to be intrusion
detection analysts. Also offered in San Jose are immersion tracks
leading to certification in firewalls, incident handling and hacker
exploits, Windows NT security, and remote access. Details at
http://www.sans.org/sj00.htm

                                            AP
                                            
**********************************************************************

                          SANS NEWSBITES

                  The SANS Weekly Security News Overview

Volume 2, Number 13 March 29, 2000

                           Editorial Team:
Kathy Bradford, Crispin Cowan, Roland Grefer, Rob Kolstad, Bill Murray,
 Stephen Northcutt, Alan Paller, Howard Schmidt, Eugene Schultz
                          <sansrosans.org>

*********************************************************************

25 March 2000 Canada Seen as Hacker Haven by US Law Enforcement
24 March 2000 Welsh Crackers Arrested
24 March 2000 The Specter of Cyber Warfare
24 March 2000 Brazilian Cracker Arrested
24 March 2000 FBI Cyber Informant Charged with Cracking
24 March 2000 Microsoft "Whistler" OS Illegally Posted on Net
24 March 2000 Senate Approves Security Bill
24 March 2000 Electronic Subpoenas Filed in CyberPatrol Case
23 March 2000 First Cybercrime Task Force Formed
22 March 2000 Insurance Site Glitch Exposes Personal Information
22 March 2000 TWA Customers' E-Mail Addresses Exposed
21 March 2000 Australian Treasury Web Site Defaced
21 March 2000 Protecting Military Weapons Systems
21 March 2000 Is NSA Losing Technological Ground?
21 March 2000 Dangerous Viruses Could Give Rise to Legal Issues
21 March 2000 NASA Blocks Brazil's Access to Site
20 March 2000 Brazilian Crackers Deface Government Sites
20 March 2000 Federal Systems are Targets
19 March 2000 Mexican President Under Cyber Attack

**************** This week's sponsor: Network-1 *********************
  
Network-1 Security Solutions - Embedded NT Firewalls

Now you can stop denial of service attacks against your critical NT
servers. CyberwallPLUS-SV is the industry's first embedded firewall for
NT servers. It allows you to protect your valuable NT servers from
unwanted access and intrusion by Internet, Intranet and Extranet users.

Visit http://www.network-1.com/eval/eval6992.htm and get your free
CyberwallPLUS evaluation kit.

**********************************************************************

- 25 March 2000 Canada Seen as Hacker Haven by US Law Enforcement
The US Defense Intelligence Agency has prepared a report asserting that
as many as 80% of cyber attacks on US government systems originate in
or come through Canada.
http://www.nationalpost.com/home.asp?f=000325/242501

- 24 March 2000 Welsh Crackers Arrested
Two Welsh teenagers were arrested last week on charges they violated
the UK's Computer Misuse Act of 1990. The two, using the screen name
"Curador," stole over 26,000 credit card numbers from e-commerce sites
and posted them on the Internet. Losses were estimated at up to $3
million.
http://www.msnbc.com/news/386402.asp?0m=N11M
http://news.bbc.co.uk/hi/english/uk/wales/newsid_689000/689368.stm
http://news.cnet.com/category/0-1007-200-1583595.html

- 24 March 2000 The Specter of Cyber Warfare
The threat of cyber warfare is likely to grow, and while the US is
taking steps to guard against this potential menace, citizens' privacy
should not be compromised, said a United States senator speaking before
the US Chamber of Commerce.
http://www.currents.net/newstoday/00/03/24/news2.html

- 24 March 2000 Brazilian Cracker Arrested
Brazilian authorities arrested a cracker suspected of cracking sites
including those of NATO, NASA, and the Brazilian government. The
cracker, who uses the name "Jamiez," is a security analyst.
http://www.computerworld.com/home/print.nsf/all/000324CD76

- 24 March 2000 FBI Cyber Informant Charged with Cracking
A self-described "ethical hacker" who has been a confidential source
for the FBI stands accused of cracking into a number of government and
University computer systems, and of possessing nearly 500 passwords
belonging to customers of a California ISP.
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2000/03/24/MN57003.DTL

- 24 March 2000 Microsoft "Whistler" OS Illegally Posted on Net
An "internal build" of a future Microsoft operating system (OS) has been
posted on the Internet. Code named "Whistler," the OS is being tested
internally.
http://www.zdnet.com/zdnn/stories/news/0,4586,2473290,00.html?chkpt=zdhpnews01

- 24 March 2000 Senate Approves Security Bill
The Senate last week approved a security bill which requires agencies
to appoint network security directors responsible for strengthening
computer systems' security and requiring the Defense Department and
Intelligence Agencies to develop especially strong security measures
for their information systems.
http://www.currents.net/newstoday/00/03/24/news8.html

- 24 March 2000 Electronic Subpoenas Filed in CyberPatrol Case
The attorney representing the company suing two crackers for reverse
engineering their software has sent out two dozen subpoenas and notices
by e-mail. The apparently unprecedented legal move has the ACLU crying
foul and those who have received the electronic messages in an ambiguous
legal situation.
http://www.zdnet.com/zdnn/stories/news/0,4586,2473503,00.html?chkpt=zdhpnews01
http://www.zdnet.com/zdnn/stories/news/0,4586,2473577,00.html

- 23 March 2000 First Cybercrime Task Force Formed
The first of sixteen planned cybercrime task forces was formed in
Pittsburgh. The task force, comprised of federal, state, and local
authorities will investigate cybercrime, Internet fraud, and work to
quell the occurrence of DDoS attacks.
http://www.currents.net/newstoday/00/03/23/news17.html

- 22 March 2000 Insurance Site Glitch Exposes Personal Information
Twenty people requesting life insurance quotes on-line had their
sensitive personal data exposed due to a programming error. Customers
were alerted to the problem by others who viewed their information.
http://www.msnbc.com/news/385464.asp?0m=N19M

- 22 March 2000 TWA Customers' E-Mail Addresses Exposed
A list management software glitch exposed the e-mail addresses of TWA
newsletter subscribers.
http://news.cnet.com/category/0-1007-200-1580221.html
http://www.computerworld.com/home/print.nsf/all/000322CBF6

- 21 March 2000 Australian Treasury Web Site Defaced
Brazilian crackers broke into Australia's Department of Treasury web
site, leaving a message calling for change in their country. The site
was closed down as soon as the problem was discovered, and security was
upgraded.
http://dailynews.yahoo.com/h/nm/20000321/wr/australia_hackers_1.html

- 21 March 2000 Protecting Military Weapons Systems
Army officials are concerned that cyber criminals could gain control of
military weapons systems. An information assurance training CD-ROM
asserts that in a controlled experiment, false navigational data was
planted in a Navy ship's steering system.
http://www.fcw.com/fcw/articles/2000/0320/web-hacker-03-21-00.asp

- 21 March 2000 Is NSA Losing Technological Ground?
The National Security Agency's (NSA) three-day computer outage in
January leads some observers to claim the Agency is losing the
technological edge it once held.
http://www.it.fairfax.com.au/communications/20000321/A19747-2000Mar20.html

- 21 March 2000 Dangerous Viruses Could Give Rise to Legal Issues
Newer viruses borrow users' network and Internet connections to
replicate, making it appear that innocent people have sent the virus
onward. Other viruses seek out confidential documents and e-mail them,
change clauses in documents, alter numbers in spreadsheets, and change
the word "yes" to "no", all of which could present serious legal issues.
http://www.it.fairfax.com.au/networking/20000321/A19808-2000Mar20.html

- 21 March 2000 NASA Blocks Brazil's Access to Site
NASA blocked Brazilian access to its Jet Propulsion Laboratory web site
last week due to a number of attacks seemingly coming from that country.
The blocks were removed on March 17th.
http://www.gcn.com/vol1_no1/daily-updates/1572-1.html

- 20 March 2000 Brazilian Crackers Deface Government Sites
A Brazilian cracker group known as "Crime Boy's" defaced Bureau of Land
Management (BLM) and ROTC web sites, and tried to attack NASA's Jet
Propulsion Lab site, which resulted in Brazil have all access to the
site denied for a short time. The group had threatened to take down
the Army's home page, but the site is based on a platform that is tough
to crack. Another cracker says that the security at the attacked sites
must not have been very good, because the cracker group used
unsophisticated methods.
http://www.fcw.com/fcw/articles/2000/0320/news-crimby-03-20-00.asp
http://www.computerworld.com/home/print.nsf/all/000321CBB6

- 20 March 2000 Federal Systems are Targets
The cracker community views attacks on federal computer systems as a
rite of passage. The chief of the Command and Control Protect Division
in the Army's Information Assurance Office pointed out that many
cracking tools are available on the Internet.
http://www.fcw.com/fcw/articles/2000/0320/web-3hacku-03-20-00.asp

- 19 March 2000 Mexican President Under Cyber Attack
Mexico's President Zedillo has had his web page altered by crackers,
had phony e-mail sent out bearing his name, and most recently, was the
target of a phony Internet posting.
http://dailynews.yahoo.com/h/nm/20000319/wr/tech_mexico_1.html

****************** Also sponsored by: Axent ******************

FREE Windows 2000 Security WebCast

AXENT's "Everything You Need to Know about Windows 2000 Security"
WebCast on March 30 will inform you of Windows 2000's first security
patch, its potential defects, as well predictions for what's to come.
It also highlights a number of new security features.
 
Space is limited - register today at
http://www.axent.com/redirect/newsbites03-28

AXENT is the leading provider of e-security solutions for your
business, delivering integrated products and expert services to 45 of
the Fortune 50 companies.

== End ==

Please feel free to share this with interested parties via email (not
on bulletin boards). For a free subscription, e-mail sanssans.org
with the subject: Subscribe NewsBites

Use this personal URL to change your subscription, address, or other
information:
        http://www.sans.org/sansaddr?hashid=SD397643jFg25PaJ7aa
or email <sanssans.org> with complete instructions and your SD number
(from the headers) for subscribe, unsubscribe, change address, add
other digests, or any other comments.