|
[networknewsletters]
||
[Date Prev]
[10-2005 Date Index]
[Date Next]
||
[Thread Prev]
[10-2005 Thread Index]
[Thread Next]
[Security-News] October 17, 2005 update
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Tue, 18 Oct 2005 15:13:33 -0400
**************************************************************
Network Newsletters Mailing List ©1994
Subscribe - Unsubscribe - Email Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Educational CyberPlayGround Community Mailing Lists
http://www.edu-cyberpg.com/Community/
Advertise Network Newsletters Guidlines
http://www.edu-cyberpg.com/Community/Subguidelines.html
**************************************************************
*********************************************************************
CATCHING DIGITAL CHEATERS
Learn how to write proper quotations, citations, and bibliographies.
Find website sources that are used by cheaters and find the website
sources that are use to fight digital cheating.
<http://www.edu-cyberpg.com/Teachers/plagiarism.html>
*********************************************************************
SECURITY IN THE NEWS
updated on October 17, 2005
This report is available on the web at
http://www.thei3p.org/news/today.html
HOMELAND SECURITY & INFRASTRUCTURE PROTECTION
India: Google Maps Too Graphic:
Wired News, 2005-10-16
POLITICS-LEGISLATION
Replicate e-gov success across India:
Cyber India Online, 2005-10-17
MALWARE
Teen uses worm to boost ratings on MySpace.com:
Computerworld, 2005-10-17
TECHNOLOGY
Securing laptop PCs for public Wi-Fi hot spots:
Federal Computer Week, 2005-10-17
RSA boosts security of single sign-on:
Computerworld, 2005-10-17
As Threats Evolve, Defenses Must Adapt:
EWeek.com, 2005-10-17
VULNERABILITIES & EXPLOITS
Glitch afflicts critical MS patch:
The Register, 2005-10-17
CIVIL & CONSUMER ISSUES
Phone Tap: How's the Traffic?:
Wired News, 2005-10-15
FBI shuts down 'number one spammer':
Silicon.com, 2005-10-17
Music piracy boss moves to movies:
ZDNet Australia, 2005-10-17
HOMELAND SECURITY & INFRASTRUCTURE PROTECTION
Title: India: Google Maps Too Graphic
Source: Wired News
Date Written: 2005-10-16
Date Collected: 2005-10-17
Indian President A.P.J. Abdul Kalam has expressed concerns that
satellite photos available through Google's free mapping program
could aid terrorists. Google Earth allows users to view
overlapping satellite photos of various resolutions, some of
secured or sensitive locations. The governments of South Korea
and Thailand and lawmakers in the Netherlands have expressed
similar concerns. A spokesperson from Google has stated that all
information contained in Google Earth and Google Maps is from
public sources and all information is at least two years old.
President Kalam has called for new laws to stem the release of
such information.
http://www.wired.com/news/technology/0,1282,69230,00.html
POLITICS-LEGISLATION
Title: Replicate e-gov success across India
Source: Cyber India Online
Date Written: 2005-10-17
Date Collected: 2005-10-17
S Lakshminarayanan, India's Ministry of Home Affairs Inter-State
Council Secretariat Secretary, speaking at the Conflux 2005
conference in New Delhi, called for the government to expand its
e-government successes across the country. To deal with the
differences in economic development between states, India would
have to adopt e-government and localization standards. Chief
Information Commissioner designate Wajahat Habibullah called for
e-government at the grassroots level to ensure the success of the
Right to Information Act and to enable panchayats (cooperative
groups of local villages) to function better. Attendees of the
conference also discussed rural computing, information technology
in agriculture, education, and health.
http://www.ciol.com/content/news/2005/105101714.asp
MALWARE
Title: Teen uses worm to boost ratings on MySpace.com
Source: Computerworld
Date Written: 2005-10-17
Date Collected: 2005-10-17
A 19-year-old, known only by the name "Samy", attacked
MySpace.com with a worm designed to boost his popularity rating.
Samy placed code in his user profile that exploited a cross-site
scripting vulnerability to add Samy to MySpace users' friend
lists whenever they viewed his profile. The code also added the
comment "... and Samy is my hero" to victims' profiles. The worm
also copied itself to other users' profiles; launched October 4,
2005, the worm won Samy 2,500 "friends" with 6,400 friend
requests pending within thirteen hours. MySpace officials deleted
Samy's account soon thereafter.
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,105484,00.html
TECHNOLOGY
Title: Securing laptop PCs for public Wi-Fi hot spots
Source: Federal Computer Week
Date Written: 2005-10-17
Date Collected: 2005-10-17
Los Gatos, California based Cranite Systems has developed a new
technology that could allow government employees to work securely
on laptop computers and other devices from public Wi-Fi hot spots
or networks at home. The SafeConnect product would provide the
first Layer 2 secure access solution for enterprise networks.
Government policies have generally prohibited the use of public
Wi-Fi systems, citing them as insufficiently secure. The product
will also be used as a component of Geospatially-Aware Urban
Approaches for Responding to Disasters (GUARD), a New York
program which would create two-way wireless communications for
first responders during disasters. Cranite will demonstrate the
product at the Military Communication conference in Atlantic
City, New Jersey.
http://www.fcw.com/article91132-10-17-05-Web&RSS=yes
Title: RSA boosts security of single sign-on
Source: Computerworld
Date Written: 2005-10-17
Date Collected: 2005-10-17
RSA Security is simplifying its Sign-On Manager to support two-
factor authentication. Version 4.5 will integrate RSA SecurID for
Windows into a single client. Users will be able to use their
SecurID tokens to sign on to their computers once after logging
on with Windows username and password; previously, users had to
use SecurID with every individual application that required two-
factor authentication. Adding two-factor authentication to single
sign-on systems should strengthen their security. RSA is also
adding an IntelliSense feature to allow remote workers to
temporarily access a system through a series of questions. Sign-
On Manager 4.5 is due November 2005.
http://www.computerworld.com/securitytopics/security/story/0,10801,105485,00.html
Title: As Threats Evolve, Defenses Must Adapt
Source: EWeek.com
Date Written: 2005-10-17
Date Collected: 2005-10-17
In this article, the author recounts the evolution of computer
viruses and the industry that serves to stop them. He asserts
that as hacking has become an activity predominated by
professional criminals, the antivirus industry is struggling to
keep up. He finishes by asserting that a combined approach of
user training, antivirus protection and more secure systems is
needed to address future security concerns.
http://www.eweek.com/article2/0,1759,1871414,00.asp
VULNERABILITIES & EXPLOITS
Title: Glitch afflicts critical MS patch
Source: The Register
Date Written: 2005-10-17
Date Collected: 2005-10-17
Microsoft has issued a warning that a patch designed to fix a
critical flaw in Windows middleware components (MS05-051.mspx)
creates system instability in environments with modified Access
Control List (ACL) settings. It is not yet clear how many users
have been effected by issues associated with the patch, ranging
from users unable to log on after the patch is applied to a blank
screen after the update. The flaw the patch is designed to fix
could be exploited by an internet worm, giving systems
administrators the choice of possibly breaking their systems or
leaving them exposed.
http://www.theregister.co.uk/2005/10/17/ms_patch_glitch/
CIVIL & CONSUMER ISSUES
Title: Phone Tap: How's the Traffic?
Source: Wired News
Date Written: 2005-10-15
Date Collected: 2005-10-17
The Missouri Department of Transportation is finalizing a
contract to monitor thousands of cell phones, using their
movements to map traffic conditions statewide. State officials
claim the identity of individual cell phones will remain
anonymous, but privacy advocates are nervous that the system
might later be used to track fugitives or drivers violating the
speed limit. Once the contract is completed, it will take an
estimated six months to implement and test the project.
http://www.wired.com/news/wireless/0,1382,69227,00.html
Title: FBI shuts down 'number one spammer'
Source: Silicon.com
Date Written: 2005-10-17
Date Collected: 2005-10-17
The US Federal Bureau of Investigation has announced details of a
September 2005 raid against the home of Alan Ralsky, number one
spammer on the Spamhaus Project's Register of Known Spam
Operations (ROSKO). Agents raided Ralsky's home and that of his
son-in-law, seizing documents, disks, and hardware. Verizon sued
Ralsky in 2002 for spamming its networks, but settled after
Ralsky agreed not to spam Verizon networks and customers. The
raid has effectively shut down Ralsky's spam operation.
http://www.silicon.com/research/specialreports/thespamreport/0,39025001,39153405,00.htm
Title: Music piracy boss moves to movies
Source: ZDNet Australia
Date Written: 2005-10-17
Date Collected: 2005-10-17
Michael Kerin, head of Australia's Music Industry Piracy
Investigations (MIPI) has announced that he will leave for a
similar position in the movie industry's Australian Federation
Against Copyright Theft (AFACT). Kerin has served as head of MIPI
for only five months. MIPI's board is examining Kerin's
recommendations for operations, which include greater educational
efforts and more criminal prosecutions. Kerin expects the
entertainment industry to face a greater risk of piracy as
broadband becomes more common in Australia.
http://www.zdnet.com.au/news/security/soa/Music_piracy_boss_moves_to_movies/0,2000061744,39217464,00.htm?feed=rss
The Institute for Information Infrastructure Protection (I3P)
accepts no responsibility for any error or omissions in this e-mail.
The information presented is a compilation of material from various
sources and has not been verified by staff of the I3P. Therefore,
the I3P cannot be made responsible for the factual accuracy of
the material presented. The I3P is not liable for any loss or
damage arising from or in connection with the information
contained in this report. It is the responsibility of the user to
evaluate the content and usefulness of this information.
References in this e-mail to any specific commercial products,
processes, or services by trade name, trademark, manufacturer, or
otherwise, does not constitute or imply endorsement,
recommendation, or favoring by the I3P. I3P is a research, not
operational, organization, and makes its Security in the News
e-mail available as a public service on a best-effort basis.
Security in the News will be sent out on most business days, but
not all.
The Institute for Information Infrastructure Protection
45 Lyme Road, Suite 300
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: listmanager@xxxxxxxxxx
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Copyright statements to be included when reproducing
annotations from Network Newsletters
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Network Newsletters copyright
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/
HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
