SANS NewsBites Vol. 8 Num. 25
From: The SANS Institute (NewsBites sans.org)
Date: Tue Mar 28 2006 - 13:02:55 CST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Did you know it is illegal to use a wireless connection without
permission? If you didn't, take a look at the first story.
Alan
*************************************************************************
SANS NewsBites March 28, 2006 Vol. 8, Num. 25
*************************************************************************
TOP OF THE NEWS
Man Fined and Sentenced to Court Supervision for Wireless Piggybacking
UK Fraud Bill Would Make it a Crime to Deceive a Computer
Web Sites Exploiting IE Flaw; Microsoft Working On Fix
Lenovo Says National Security Concerns Over Computer Deal Unwarranted
THE REST OF THE WEEK'S NEWS
ARRESTS, CONVICTIONS AND SENTENCES
Israeli Trojan Couple Sentenced to Prison
Four Indicted on Charges Related to Nigerian 419 Scam
HOMELAND SECURITY AND GOVERNMENT SYSTEMS SECURITY
HHS IG Refutes GAO Report Findings
SPYWARE, SPAM & PHISHING
Australian Judge Opens Door for Contempt Charges Against Kazaa
COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
German Anti-Piracy Law Imposes Stiff Penalties
WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
RealNetworks Addresses Four Vulnerabilities
ATTACKS & INTRUSIONS & DATA THEFT & LOSS
Florida State Employee Data Compromised
Stolen Laptop Contained Personal Data from Vermont State Colleges
MISCELLANEOUS
Company Will Pay Hefty Fine for Violating Anti-Spam Law
NEC to Restate Results Following Internal Theft of 50 Million Yen
Interpol: Police Forces Need Money, Manpower and Data Sharing
*********************** Sponsored By LURHQ *****************************
LURHQ's Managed Security and Consulting Services empower the security
professional by enabling a strategic Threat and Vulnerability Management
process focused on your critical business assets. Download this
presentation, featuring Gartner Analyst Kelly Kavanagh, to learn how a
Threat & Vulnerability Management program enabled by our Services can
enhance your security posture and facilitate compliance efforts.
http://www.sans.org/info.php?id=1083
************************************************************************
SANS Training in San Diego, Munich, London and Washington DC
Turbo charge your security career or the careers of any of your
coworkers this spring in San Diego in early May: a dozen of SANS most
popular courses and a vendor exposition right on the harbor.
http://www.sans.org/security06/
Or in London at the end of June: http://www.sans.org/london06
Or Munich in early April: http://www.sans.org/munich06
Or Washington in July right after July 4 for the biggest SANSFIRE ever:
with all 17 SANS immersion tracks and more than a dozen special courses,
a big exposition, and an inside look at how the Internet's Early Warning
System (Internet Storm Center) actually works. Bring your family for the
national fireworks show.
http://www.sans.org/sansfire06
*************************************************************************
TOP OF THE NEWS
--Man Fined and Sentenced to Court Supervision for Wireless Piggybacking
(24/23 March 2006)
David M. Kauchak has been fined US$250 and sentenced to one year of
court supervision for accessing another person's wireless network
without permission. Kauchak was arrested after he was seen sitting in
his parked car with his computer.
http://www.techweb.com/wire/183702832
http://rrstar.com/apps/pbcs.dll/article?AID=/20060323/NEWS0107/103230036/1011
[Editor's Note (Schultz): I know many people who "piggyback" on others'
wireless networks without any fear of being punished. Perhaps the ruling
in this case will help them change their minds concerning engaging in
such activity.]
--UK Fraud Bill Would Make it a Crime to Deceive a Computer
(23 March 2006)
UK Attorney General Lord Goldsmith has added a clause to the Fraud Bill
that would make it a criminal offense to deceive a computer, by, for
example, engaging in activity such as trying to steal money from cash
machines. The clause would "close a legal loophole." The present
wording could result in unsuccessful prosecution of cyber criminals "on
the grounds that you cannot deceive a machine."
http://www.vnunet.com/computing/news/2152523/bill-seals-crime-loophole
--Web Sites Exploiting IE Flaw; Microsoft Working On Fix
(27/24/23 March 2006)
There are reports that web sites are already exploiting the Internet
Explorer createTextRange() flaw to install spyware on vulnerable
computers. As of Monday morning, more than 200 such sites had been
detected. The flaw exists in IE 6 and IE 7 beta 2; this marks the third
IE vulnerability disclosed in one week. Microsoft is developing a fix.
Until it ships, users are advised to disable Active Scripting in IE.
Internet Storm Center:
http://isc.sans.org/diary.php?storyid=1223
http://isc.sans.org/diary.php?storyid=1221
http://www.techworld.com/security/news/index.cfm?NewsID=5629
http://news.com.com/2102-1002_3-6053456.html?tag=st.util.print
http://www.techweb.com/wire/183702818
http://news.bbc.co.uk/2/hi/technology/4849904.stm
http://www.computerworld.com/printthis/2006/0,4814,109943,00.html
http://www.zdnetasia.com/news/security/printfriendly.htm?AT=39346257-39000005c
[Editor's Note (Boeckman): Most web proxies have a feature that can
enforce web client agent filtering. This provides a network
administrator the ability to limit the use of Internet Explorer during
periods of high risk, which seem to occur quite frequently.]
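The user-agent filtering Boeckman describes, as an added example that is
not part of the newsletter and not any proxy vendor's configuration: a
small policy function of the kind a web proxy applies to the User-Agent
header, denying the affected IE versions only while an operator-set
"high risk" switch is on. The User-Agent strings are constructed sample
requests, and the affected-version set is assumed from the IE 6 / IE 7
beta 2 wording above (IE 7 beta identified itself as "MSIE 7.0b").

```python
"""User-Agent policy check of the kind a web proxy enforces.

Added example for this NewsBites issue; not SANS code and not a real
proxy's configuration. Sample requests below are constructed.
"""
import re

# Assumed: IE versions affected by the createTextRange() flaw
# (IE 6 and the IE 7 beta 2 build, which reports "MSIE 7.0b").
AFFECTED_IE = {"6.0", "7.0b"}

# Matches the MSIE token in a classic IE User-Agent, e.g.
# "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)".
_MSIE_RE = re.compile(r"\bMSIE\s+([0-9]+\.[0-9]+b?)")


def ie_version(user_agent):
    """Return the MSIE version token, or None if the client is not IE.

    Opera of this era could be set to identify as IE, but still appends
    its own "Opera x.y" token; treat such clients as non-IE so the
    block does not hit a browser that does not have the flaw.
    """
    ua = user_agent or ""
    if "Opera" in ua:
        return None
    m = _MSIE_RE.search(ua)
    return m.group(1) if m else None


def proxy_decision(user_agent, high_risk):
    """Return 'allow' or 'deny' for a request carrying this User-Agent.

    Outside a high-risk period every client is allowed. During one,
    requests from the affected IE versions are denied; other browsers
    and unrecognised clients pass through.
    """
    if not high_risk:
        return "allow"
    if ie_version(user_agent) in AFFECTED_IE:
        return "deny"
    return "allow"


# Constructed sample requests (not real traffic).
SAMPLE_REQUESTS = [
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
    "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) "
    "Gecko/20060111 Firefox/1.5.0.1",
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Opera 8.52",
]


def apply_policy(requests, high_risk):
    """Run proxy_decision over a batch of User-Agents; returns (ua, verdict)."""
    return [(ua, proxy_decision(ua, high_risk)) for ua in requests]


if __name__ == "__main__":
    for ua, verdict in apply_policy(SAMPLE_REQUESTS, high_risk=True):
        print(f"{verdict:5s}  {ua}")
```

The User-Agent header is set by the client, so this is a way to keep
an unpatched browser population off the web during a window of active
exploitation, not a security boundary: a client that lies about its
User-Agent passes, and the filter is only as good as the version list
the operator maintains.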
--Lenovo Says National Security Concerns Over Computer Deal Unwarranted
(27/25/24 March 2006)
Some members of the US-China Economic and Security Review Commission
have called for an investigation, expressing concern that a US$15
million contract with CDW Government Inc. for upgrades to the US State
Department's computer system could pose a threat to national security.
The computers to be bought are made by the Chinese-owned Lenovo Group.
Lenovo "rejects that assertion and welcomes an inquiry into the
matter."
http://www.computerworld.com/printthis/2006/0,4814,109942,00.html
http://news.com.com/2102-1014_3-6053586.html?tag=st.util.print
http://www.eweek.com/print_article2/0,1217,a=174327,00.asp
[Editor's Note (Weatherford): While the political/intelligence aspect
of this deal is certainly worth discussion, the other issue here is the
lack of awareness expressed in the statement that "the computers were
intended for unclassified systems." I suppose the State Department of
the United States doesn't conduct any sensitive business on
"unclassified" systems.]
*********************** Sponsored Links: ******************************
1) Email threat protection for small and medium-sized businesses - get
our white paper now!
http://www.sans.org/info.php?id=1084
*************************************************************************
THE REST OF THE WEEK'S NEWS
ARRESTS, CONVICTIONS AND SENTENCES
--Israeli Trojan Couple Sentenced to Prison
(27 March 2006)
Ruth and Michael Haephrati, the Israeli couple convicted of developing
and selling a Trojan horse program, have both been sentenced to prison.
Ruth Haephrati received a four-year sentence; her husband received a
two-year sentence. The couple sold their Trojan horse program to
private investigators who used it to glean data from clients' business
competitors. The couple was also ordered to pay 2 million Shekels
(US$428,000) in compensation.
http://news.zdnet.com/2102-1009_22-6054116.html?tag=printthis
--Four Indicted on Charges Related to Nigerian 419 Scam
(27/24 March 2006)
A grand jury in Brooklyn, NY has indicted four people on charges of
conspiracy, wire fraud and mail fraud for their alleged roles in an
email 419 scam that cost victims more than US$1.2 million. If convicted
of all charges against them, the men face decades of prison time.
http://zdnet.com.au/news/security/print.htm?TYPE=story&AT=39247806-2000061744t-10000005c
http://www.theregister.co.uk/2006/03/27/419_scammers_indicted/print.html
HOMELAND SECURITY AND GOVERNMENT SYSTEMS SECURITY
--HHS IG Refutes GAO Report Findings
(23 March 2006)
The Department of Health and Human Services (HHS) Inspector General (IG)
Daniel Levinson has responded to a report from the Government
Accountability Office (GAO) that says "significant weaknesses in
information security controls at HHS ... put at risk the
confidentiality, integrity and availability of their sensitive
information and information systems." Levinson says the GAO used
outdated reports to draw its conclusions and that progress has been made
in securing HHS systems. Levinson also objects to "the frequent use of
the word 'significant' ... throughout the assessment [as it] evokes a
negative connotation that is not reflective of the progress or current
state of HHS's information security program."
http://govhealthit.com/article92719-03-23-06-Web
SPYWARE, SPAM & PHISHING
--Australian Judge Opens Door for Contempt Charges Against Kazaa
(23 March 2006)
An Australian judge has ruled that Sharman Networks, parent company of
Kazaa, did not comply with an earlier order to take steps to prevent
people in Australia from illegally downloading digital music files with
its peer-to-peer (P2P) file sharing software by December 5, 2005.
Rather than deploy keyword filters, Kazaa chose to block access to its
network for Australian users. Sharman maintained that blocking the
network met the requirements for compliance with the order. Record
industry representatives said the measure would not prevent Australian
citizens who already had the Kazaa software from downloading the music.
The judge's ruling allows record companies to bring contempt of court
proceedings against Kazaa.
http://www.theage.com.au/news/breaking/kazaa-faces-new-court-battle/2006/03/23/1143083882135.html
COPYRIGHT, PIRACY & DIGITAL RIGHTS MANAGEMENT
--German Anti-Piracy Law Imposes Stiff Penalties
(24 March 2006)
Under new legislation in Germany, people convicted of downloading movies
and music for private use could face penalties of up to two years
imprisonment; those who download movies for commercial use could face
up to five years. The new law takes effect January 1, 2007.
http://technology.timesonline.co.uk/article/0,,20409-2100973,00.html
WORMS, ACTIVE EXPLOITS, VULNERABILITIES & PATCHES
--RealNetworks Addresses Four Vulnerabilities
(24 March 2006)
RealNetworks has released updates to address four flaws in RealPlayer,
Rhapsody, Helix Player and RealOne Player. The flaws affect software
on Windows, Mac OS X and Linux systems. Three of the flaws are
considered critical.
Internet Storm Center: http://isc.sans.org/diary.php?storyid=1211
http://news.com.com/2102-1002_3-6053912.html?tag=st.util.print
http://service.real.com/realplayer/security/03162006_player/en/
ATTACKS & INTRUSIONS & DATA THEFT & LOSS
--Florida State Employee Data Compromised
(26 March 2006)
People who worked for the state of Florida between January 1, 2003 and
June 30, 2004, are being notified that the privacy of their personal
data may have been compromised. Florida's Department of Management
Services was using an outsourcing service provider, Convergys, that
outsourced the data to GDXData, that, in turn, outsourced the contract
to a subcontractor in India. Convergys maintains the offshore work was
done without its knowledge and has cancelled its contract with GDXData.
One Florida state public employee union wants the contract with
Convergys cancelled.
http://www.computerworld.com/printthis/2006/0,4814,109938,00.html
[Editor's Note (Kreitner): Security is about accountability,
accountability, and accountability. I am distressed about the
reluctance of many enterprises to hold everyone (including executives
and the star sales people) accountable for security policy compliance
by stating clear consequences for policy violations. A security policy
without explicit compliance requirements explicitly acknowledged by
everyone granted access to enterprise information assets is of
relatively little value.]
--Stolen Laptop Contained Personal Data from Vermont State Colleges
(24 March 2006)
A laptop computer stolen from a car parked on a Montreal street
contained personal data belonging to thousands of Vermont State Colleges
students, faculty and staff. Security precautions were taken as soon as
the school learned of the theft, which occurred on February 28, but
people whose data were stored on the computer were notified just last
week.
http://www.timesargus.com/apps/pbcs.dll/article?AID=/20060324/NEWS/603240363/1002
MISCELLANEOUS
--Company Will Pay Hefty Fine for Violating Anti-Spam Law
(24 March 2006)
Internet marketing company Jumpstart has agreed to pay a US$900,000 fine
"to settle charges it violated federal anti-spam laws." Jumpstart
allegedly sent out spam offering free movie tickets in exchange for five
friends' email addresses. The company allegedly sent unsolicited email
messages to the addresses it gathered with misleading subject lines and
headers in an attempt to evade spam filters and to make the messages
appear to come from friends. In its complaint, the Federal Trade
Commission (FTC) accused Jumpstart of sending email with falsified or
misleading subject lines, not identifying it as commercial email and not
clearly informing recipients of ways to opt out of receiving more email.
http://www.msnbc.msn.com/id/11996880/
[Editor's Note (Grefer): The fact that Jumpstart was willing and able
to settle with the FTC to the tune of US$900,000 provides an inkling of
the profits still involved in sending out spam. Please help to fight
back and give the offenders a taste of what they're dishing out.
Subscribe to the Do Not Intrude Registry and let BlueSecurity's Blue
Frog utilize its Active Deterrence.
http://www.ranum.com/security/computer_security/editorials/bluesecurity/
http://www.bluesecurity.com/]
--NEC to Restate Results Following Internal Theft of 50 Million Yen
(23 March 2006)
NEC says it will restate previous financial results after learning that
an employee pushed through numerous phony transactions to the tune of
36.3 billion yen (US$312 million) between February 2002 and December
2005. His actions netted him approximately 50 million yen (US$428,000).
Once the auditors have completed their investigation, NEC plans to
improve its financial controls. The company plans to fire the man and
file a civil complaint against him.
http://www.theregister.co.uk/2006/03/23/nec_accounting_woes/print.html
http://search.japantimes.co.jp/cgi-bin/nn20060323a6.html
--Interpol: Police Forces Need Money, Manpower and Data Sharing
(22 March 2006)
Interpol says police forces worldwide lack sufficient human and
financial resources to effectively combat cyber crime. Bernhard Otupal,
crime intelligence officer for Interpol's financial and hi-tech crime
unit, said at a Brussels anti-phishing conference that politicians are
not adequately funding cyber crime fighting efforts because they are
unaware of cyber criminals' methods and of the need for updates as
technology changes. In addition, Otupal has called on politicians
around the world to develop a "global legislative framework" to exchange
evidence.
http://www.crime-research.org/news/22.03.2006/1896/
http://news.com.com/2102-7348_3-6052249.html?tag=st.util.print
===end===
NewsBites Editorial Board:
Kathy Bradford, Chuck Boeckman, Rohit Dhamankar, Roland Grefer, Brian
Honan, Clint Kreitner, Stephen Northcutt, Alan Paller, John Pescatore,
Marcus Ranum, Howard Schmidt, Eugene Schultz, Gal Shpantzer, Koon Yaw
Tan, Mark Weatherford
Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEKXor+LUG5KFpTkYRAsMpAJ9XhHuc+Z/CMvFVfZGWyR4No93+SgCffvVo
rmHG7I4eI+ES2W76AQvdGJ8=
=2084
-----END PGP SIGNATURE-----