November 2003 – CyberSecurity Institute

Foreign firms must toe US security line

Posted on November 30, 2003December 30, 2021 by admini

The ‘Foreign Manufacturer Security Recommendations Customs-Trade Partnership Against Terrorism (C-TPAT)’, has been drawn up in the wake of the increased threat of terrorism. It will be implemented in a phased approach to foreign companies, with Mexican manufacturers being the first to fall under the rules. Within 90 days of signing the C-TPAT Agreement for Foreign Manufacturers, companies will have to provide an executive summary outlining the elements of the security procedures they have in place.

At a minimum, non-US companies must demonstrate they have information security controls proving the integrity of automated systems, and a process established for reporting and correcting problems. Pringle believes that C-TPAT will become an external business driver to speed up good security practice and companies that comply with BS7799, the British standard for information security management, will have a good framework in place as a starting point.

He said important security standards for systems include ‘having up-to-date anti-virus protection and firewalls that are properly configured. ‘Companies should also carry out penetration tests.’

More info: [url=http://www.vnunet.com/News/1150526]http://www.vnunet.com/News/1150526[/url]

Hackers haunting Europe now

Posted on November 30, 2003December 30, 2021 by admini

Moreover, the successful hacking and distributed denial of service attacks now originate from Brazil, Russia, China and India, the mi2g Intelligence Unit reported in new research. The combined number of attacks — 5,682 — against the European countries far exceeds the overt digital attacks recorded against the United States (3,696) and Canada (209). Brazil, with 962 attacks, Turkey (549) and China (317) are the only non-Western countries in the top 10.

The mi2g report found that 55 per cent of all digital attacks in November were launched against small entities with a turnover below $7-million (U.S.). Only 1 per cent of all successful digital attacks in November were against larger entities with a turnover in excess of $40-million.

In terms of operating systems, Linux remained the most popular among hackers, according to mi2G, reflecting how popular Linux has become as a platform for Internet-connected computers and servers. Systems running the open-source system accounted for 61.7 per cent of all attacks. Microsoft Windows followed with 23.7 per cent.

But since most government computers run Microsoft systems, Windows servers in governmental operations registered a record high of 84.1 per cent of all successful digital attacks.

The mi2g report also estimated worldwide economic damage from hacker attacks, DDoS attacks, as well as virus, worm and spam proliferation at $166.7-billion to $203.75-billion, with the greatest damage coming from malware and spam.

More info: [url=http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/]http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/[/url]

Security Threats Will Continue To Plague Enterprises In ’04

Posted on November 30, 2003December 30, 2021 by admini

The hard times for security professionals has many explanations, but one of the most significant trends this year has been the rise in so-called ‘blended’ threats, exploits that use multiple modes of infection — ranging from hacking and computer worms to denial-of-service attacks and Web site defacements — to create a single, advanced assault that overwhelms defenses.

Older threats such as Code Red and Nimba, and newer ones like Sobig and MS Blast, Weafer said, are perfect examples of such assaults, which have been steadily increasing for the past three years, but in 2003 really caught the attention of security professionals in their numbers and sophistication.

What makes blended threats so dangerous is that they’re much more difficult to defend against than, say, a single-vector exploit that propagates via e-mail or can be stopped by simply plugging a port at the network firewall.

In response, enterprises will have to implement a more comprehensive, in-depth defense that goes beyond the traditional firewall and anti-virus protection, and takes a more proactive approach.

Worse, an increasing number of those vulnerabilities can be exploited remotely — 80 percent at the moment — which means that hackers can more easily insert malicious code and wreck havoc on systems.

That’s one of the reasons why the window between the disclosure of a vulnerability and the release of exploit code — and then a self-replicated worm — continues to shrink.

More info: [url=http://www.techweb.com/wire/story/TWB20031126S0006]http://www.techweb.com/wire/story/TWB20031126S0006[/url]

Microsoft, user differ on details of Exchange 2003 flaw

Posted on November 26, 2003December 30, 2021 by admini

Users have the ability to interact with other people’s mailboxes and can send, receive and read messages, as well as open and manipulate Outlook folders.

Microsoft has given the administrator — who has requested anonymity for himself and his company — a patch, and the company says the vulnerability exists only in certain configurations.

The admin said that, three months ago, his team had upgraded two front-end and back-end servers to Windows Server 2003 and Exchange Server 2003. Shortly after the upgrade, users randomly began reporting that they were being logged on to other people’s mailboxes with full privileges.

Microsoft released a statement late last week about this situation, and the company said the security issue occurs only if Kerberos authentication is disabled.

More info: [url=http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci938649,00.html]http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci938649,00.html[/url]

Virus warning over ‘Mary’ porn photos email

Posted on November 26, 2003December 30, 2021 by admini

Security firm Sophos said that a great many copies of the message have been circulating by email.

Even though Sysbug is unlikely to become a major security threat, IT managers need to be alert as any one of their staff could make the mistake of opening the attachment.

Kevin Hogan from Symantec’s Security Response team told silicon.com’s sister site ZDNet UK that the Trojan is unlikely to spread much further because it does not self-replicate.

“I don’t see it getting worse because it relies on manual spamming – unless they re-spam it,” he said.

Cluley recommends that companies work on user awareness of these risks, and also implement a combined anti-spam and antivirus product at their gateway.

Sysbug comes just months after another virus that claimed to be compromising pictures of Hollywood star Julia Roberts.

[Editor Note: Yes, we are protected]

More info: [url=http://www.silicon.com/software/security/0,39024655,39117071,00.htm]http://www.silicon.com/software/security/0,39024655,39117071,00.htm[/url]

Firms Wep up security nightmare

Posted on November 26, 2003December 30, 2021 by admini

The research found 28 per cent of firms have implemented wireless infrastructures, while 40 per cent plan to do so by 2005, using Wep as the security standard rather than technologies such as virtual private networks.

“Security is still a concern, but the biggest danger isn’t enterprise deployment but deployment by an end-user,” he said.

Mike Smart, European product manager at SonicWall, said: “Relying on Wep or banning wireless usage is not enough to guarantee network integrity.”

More info: [url=http://www.vnunet.com/News/1150021]http://www.vnunet.com/News/1150021[/url]