Month: November 2003

Conqueror Worm?

Posted on by admini

Last week’s elevated warning levels surrounding MiMail.C, a new, fast-spreading worm, gave IT departments time to brace themselves for a new round of attacks–but only barely.

The arrival of this new family of worms is not without attendant irony: MiMail.C arrived just as SoBig finally lost its spot at the top of the “Most Popular Virus” heap.

MiMail may or may not achieve a similar “status,” but the time between first deployment and release of refined versions spanned just a couple of months.

But those vendors–and all IT security professionals, for that matter–face an ongoing challenge of shortening the time between detection, alert announcement, and effective prevention and/or removal tools.

More info: [url=http://www.securitypipeline.com/showArticle.jhtml;jsessionid=Z2SCZM2ERD0ASQSNDBGCKHY?articleId=16000158]http://www.securitypipeline.com/showArticle.jhtml;jsessionid=Z2SCZM2ERD0ASQSNDBGCKHY?articleId=16000158[/url]

Read more

Users look to redefine security approach

Posted on by admini

In a presentation to the RSA Security Conference in Amsterdam, members of the Royal Mail, ICI and BT Global Services outlined their position on what defines a secure network and how they want to see it achieved.

“This isn’t pushing for a new BS7799 standard or anything,” said Paul Simmonds, global information security director at chemical manufacturer ICI.

The eventual goal is to shift the security market away from trying to keep networks pure from outside influences with a hardened perimeter, and concentrate on securing data access and enabling more business-to-business secure traffic.

He described Microsoft’s Rights Management Services (RMS) as interesting, but said that an ideal solution would see documents passed over a variety of operating systems and computing environments without sacrificing any degree of confidentiality.

Cisco has already been contacted and other large IT vendors are on the target list.

More info: [url=http://www.vnunet.com/News/1147499]http://www.vnunet.com/News/1147499[/url]

Read more

Brazil police bust gang of Internet hackers

Posted on by admini

The operation, dubbed “Trojan Horse” and involving 205 officers, targetted a gang that stole more than $10 million last year by breaking into banks and clients computers, federal police said in a statement.

Police said the gang had created Internet sites and programs capable of uncovering the passwords of clients who transferred money on the Web.

Once the gang obtained the passwords, funds were stolen electronically from accounts and transferred to other bank accounts held in the names of third persons.

More info: [url=http://economictimes.indiatimes.com/cms.dll/html/uncomp/articleshow?msid=269501]http://economictimes.indiatimes.com/cms.dll/html/uncomp/articleshow?msid=269501[/url]

Read more

Hackers in attack on Scottish credit card firm

Posted on by admini

WorldPay, which is part of Edinburgh-based Royal Bank of Scotland Group, said it had been bombarded with millions of bogus e-mails in the past couple of days, which had left the firm struggling to deal with genuine payments.

The bulk of its clients are located in the UK and mainland Europe, and payment requests from websites are normally sent in via e-mail.

The firm said a massive number of messages from elsewhere had come in to the same address over a 24-hour period.

As a result, transaction requests have either crashed or been slowed down.

However, it appears those behind the e-mails – which originate in the Ukraine – have set out to disrupt business rather than attempt to commit fraud.

At the start of this year, Visa and Mastercard admitted a hacker had gained access to more than five million credit card accounts.

More recently, net provider PSINet and security firm PanSec International said an unprotected website they set up as part of a study was attacked about 2000 times a week over a two-month period.

More info: [url=http://www.edinburghnews.com/business.cfm?id=1224512003]http://www.edinburghnews.com/business.cfm?id=1224512003[/url]

Read more

Wireless Intrusion Detection Systems

Posted on by admini

Security issues ranging from misconfigured wireless access points (WAPs) to session hijacking to Denial of Service (DoS) can plague a WLAN.

Wireless networks are not only susceptible to TCP/IP-based attacks native to wired networks, they are also subject to a wide array of 802.11-specific threats.

The standard 802.11 encryption method, Wired Equivalent Privacy (WEP) is weak.

Rogue WAPs can also be introduced by users.

The point is that the threats are real, they can cause extensive damage, and they are becoming more prevalent as the 802.11 technology grows in popularity.

Without some sort of detection mechanism, it can be difficult to identify the threats to a WLAN.

Traditional wired based Intrusion detection systems (IDSs) attempt to identify computer system and network intrusions and misuse by gathering and analyzing data.

More recently, IDSs have been developed for use on wireless networks. These wireless IDSs can monitor and analyze user and system activities, recognize patterns of known attacks, identify abnormal network activity, and detect policy violations for WLANs.

Wireless IDSs gather all local wireless transmissions and generate alerts based either on predefined signatures or on anomalies in the traffic. A Wireless IDS is similar to a standard, wired IDS, but has additional deployment requirements as well as some unique features specific to WLAN intrusion and misuse detection.

A centralized wireless IDS is usually a combination of individual sensors which collect and forward all 802.11 data to a central management system, where the wireless IDS data is stored and processed.

[url=http://www.securityfocus.com/infocus/1742]http://www.securityfocus.com/infocus/1742[/url]

Read more