Return-Path: <sentto-279987-1242-990108845-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 17 May 2001 07:15:07 -0700 (PDT) Received: (qmail 14236 invoked by uid 510); 17 May 2001 13:15:49 -0000 Received: from c3.egroups.com (208.50.99.225) by 204.181.12.215 with SMTP; 17 May 2001 13:15:49 -0000 X-eGroups-Return: sentto-279987-1242-990108845-fc=all.net@returns.onelist.com Received: from [10.1.4.55] by c3.egroups.com with NNFMP; 17 May 2001 14:14:06 -0000 X-Sender: fc@all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_1_3); 17 May 2001 14:14:04 -0000 Received: (qmail 46357 invoked from network); 17 May 2001 14:14:03 -0000 Received: from unknown (10.1.10.142) by l9.egroups.com with QMQP; 17 May 2001 14:14:03 -0000 Received: from unknown (HELO all.net) (65.0.156.78) by mta3 with SMTP; 17 May 2001 14:14:02 -0000 Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id HAA18687 for iwar@onelist.com; Thu, 17 May 2001 07:14:02 -0700 Message-Id: <200105171414.HAA18687@all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 17 May 2001 07:14:02 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Trail of hackers who targeted U.S. Navy leads to German university Hackers who stole a top-secret U.S. Navy program that manages spy satellites commandeered a university computer in provincial Germany for the break-in, police and academics confirmed Wednesday. SWR4 radio in Germany reported earlier that the program was stolen in December from a navy site in Washington D.C. using two computers at the University of Kaiserslautern, 100 kilometres southwest of Frankfurt. Whoever took over the computers has not been identified. The radio report said that just the economic value of the program was huge: an annual licence to use it would cost 60 million dollars. But the software was also strategically valuable as it would allow someone to control the espionage satellites. http://www.AntiOnline.com/2001/05/16/eca/0186-0609-Germany-Crime..html Washington state Web site hacked The Washington state Legislature's Web site was defaced with Chinese characters, possibly the latest attack in an Internet skirmish over a spy plane incident. The attack was discovered Saturday and repaired quickly, said Cathy Munson, director of the Legislative Service Center. "We're at this point assuming it's Chinese hackers, but since we don't know Chinese characters we don't know exactly who it is," Munson said, adding no information was lost and there was no permanent damage. http://www.uniontrib.com/news/computing/20010516-0147-webattack.html 2600 hackers hijacked Hacker group 2600 has been subjected to a domain name hijacking. Due to a database error at domain registrar Network Solutions (NSI), a company called NB Productions was recently able to register 2600.com illegally. According to 2600, the problem dates back to June 2000 when the domain's registration was transferred from NSI's registrar database, apparently by using a false email address. According to a statement from the hacking news site: "This resulted in our site both existing and not existing at the same time, as it was entered into the registry database but not into NSI's internal cosmetic database." http://www.silicon.com/public/door?REQUNIQ=989998222&6004REQEVENT=&REQINT1=44418 Copy-protected CD hacked--or is it? Free copies of songs from country music singer Charley Pride's latest album appeared on the Internet this week, just shortly before a version of the CD incorporating new anti-copying technology was released in US stores on Tuesday. The CD, released by Nashville-based, Music City Records, features Pride's new album, "A Tribute to Jim Reeves." Eight of the 15 songs on the CD were posted, on Monday, on a private Web page hosted by Yahoo. The appearance of MP3s from the album muddies the debate over the effectiveness of CD encryption schemes in one of the first such commercial releases. Phoenix-based SunnComm, which provided the copy-protection technology for the CD, said the leaked songs did not come from a cracked CD but were likely copied from an unprotected set of 2,000 CDs released in Australia. http://www.zdnet.co.uk/news/2001/19/ns-22845.html Cheese worm: A Linux fixer-upper? System administrators worldwide reported signs Wednesday that another self-spreading program --or worm--had started to infect Linux systems. This worm appears to be different, however: Dubbed the Cheese worm, the program is basically a self-spreading patch. It enters servers that have already have been compromised by a previous bit of malicious code--the 3-month-old 1i0n worm --and closes the back door behind it, adding security to the system. http://news.cnet.com/news/0-1003-200-5949401.html An Outlook worm to jam NSA's Echelon UK-based anti-virus outfit Sophos is reporting a new variant of the LoveBug Outlook worm which contains a large amount of hidden text, apparently designed to attract the US National Security Agency's Echelon spy satellite network and overload it. Comments within the executable file include large swaths of text such as: "NSA national security agency code PGP GPG satellite cia yemen toxin botulinum mi5 mi6 mit kgb .mil mil base64 us defence intelligence agency admiral diplomat alert! BATF," and so on. As for social engineering, this worm looks like a total non-starter. The subject line reads, !!!; the body reads, :-) MuCuX...; and then there's an attached file: echelon.vbs. We don't expect it to get very far. http://www.theregister.co.uk/content/6/19004.html Eurocops want seven-year retention of all phone, Net traffic The official EU body that represents the member governments will recommend the long- term retention of personal data at a meeting with the European Commission later this month, according to documents leaked to London-based civil liberties journal Statewatch. The Council of the European Union, which represents the 15 member governments, will discuss implementing a policy originally designed with the FBI six years ago. It calls for the retention of "every phone call, every mobile phone call, every fax, every e-mail, every website's contents, all internet usage, from anywhere, by everyone, to be recorded, archived and be accessible for at least seven years," notes the journal. The proposal gives law enforcement agencies powers far beyond authorised, approved interceptions. Existing provisions permit data to be retained for the length of the billing period, up to 90 days. http://www.theregister.co.uk/content/5/19003.html Potential Cyberattacks Worry U.S. Sen. Ron Wyden didn't think Cuba posed a military threat to the United States and believed that Rear Adm. Thomas Wilson would reinforce that view when he raised the subject with Wilson at a Senate hearing. Wilson's answer surprised Wyden, D-Ore. Wilson, director of the Defense Intelligence Agency, said Cuba has the potential to use ``information warfare or computer network attack,'' enabling the country ``to disrupt our access or flow of forces to the region.'' Moments later, the public portion of the Senate Intelligence Committee hearing ended and the participants continued their discussion in secret. The little-noticed exchange took place in February. Wyden acknowledged later to a reporter that he had thought Cuba was too weak to be a threat to the United States. After hearing Wilson's testimony, Wyden said he believes the issue ``warrants further review.'' http://dailynews.yahoo.com/h/ap/20010516/tc/cuba_cyberterrorism_1.html White House plans to overhaul computer security plan The Bush administration's approach to computer security will focus on realigning federal agencies' responsibilities for their own computer networks before revising the national plan that details how the government and the private sector should work together to combat threats from hackers and cyberterrorists, administration officials said Tuesday. The realignment of government responsibility may involve changes to the current patchwork of agencies that each oversees a piece of the problem, said Kenneth Juster, who was sworn in Monday as the new head of the Bureau of Export Administration. Amplifying a White House statement on cybersecurity last week, Juster said the agency review would be completed over the next several weeks. http://www.govexec.com/dailyfed/0501/051601td.htm NIST launching security review The National Institute of Standards and Technology next month will begin reviewing agency security programs and practices as part of an initiative started by the Clinton administration. The NIST Computer Security Expert Assist Team (CSEAT) is a group established to help agencies comply with Presidential Decision Directive 63, the May 1998 order requiring agencies to protect the systems that support the nation's critical infrastructure. Such systems include essential services like the power grid and the National Airspace System. http://www.fcw.com/fcw/articles/2001/0514/web-team-05-16-01.asp ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:13 PDT