admini – Page 406 – CyberSecurity Institute

“MiMail” Viruses Top November Infections

Posted on December 1, 2003December 30, 2021 by admini

The software firm noted that many versions of current viruses, such as “MiMail.I” are being written for financial gain, actively attempting to search for or persuade victims to enter personal information such as credit card numbers.

Viruses such as MiMail also seek out and harvest email addresses, propagating the worm onto other systems. “Swen.A,” “Dumaru”, and “Klez.H” were the top three most infectious viruses for Novemberm the firm found. Incidents of the Swen.A virus appeared more than 600,000 times, the company found, followed closely by Dumaru with just under 500,000 entries.

More info: [url=http://www.extremetech.com/article2/0,3973,1400299,00.asp?kc=ETRSS02129TX1K0000532]http://www.extremetech.com/article2/0,3973,1400299,00.asp?kc=ETRSS02129TX1K0000532[/url]

Biggest security problem–it’s human

Posted on December 1, 2003December 30, 2021 by admini

Some of us stick to a single password that we use everywhere–whether it’s a pet’s name, a memorable date or the make of our monitor.
Some of have thrust upon us by (rightly) paranoid system admins very safe, very convoluted passwords that we promptly write down on a post-it note and stick to our monitors. A few very peculiar souls actually make up their own very safe, very convoluted passwords (over eight characters with non-alpha characters please) that they actually remember them, but I’m not convinced that these people actually exist.

Passwords have an uncommon ability to draw out from the most successful, sensible and intelligent individual, an idle Neanderthal with the memory of a lobotomized goldfish. They make us stupid, but we should all by now have come to expect and accept that.

There are some pretty simple lessons to be learnt here: that you should always e-mail passwords back to account holders, and never display them onscreen; that you should use a fixed list of password prompts and never, under any circumstances, let users make up their own password prompt questions.

More info: [url=http://zdnet.com.com/2100-1107_2-5112223.html]http://zdnet.com.com/2100-1107_2-5112223.html[/url]

Foreign firms must toe US security line

Posted on November 30, 2003December 30, 2021 by admini

The ‘Foreign Manufacturer Security Recommendations Customs-Trade Partnership Against Terrorism (C-TPAT)’, has been drawn up in the wake of the increased threat of terrorism. It will be implemented in a phased approach to foreign companies, with Mexican manufacturers being the first to fall under the rules. Within 90 days of signing the C-TPAT Agreement for Foreign Manufacturers, companies will have to provide an executive summary outlining the elements of the security procedures they have in place.

At a minimum, non-US companies must demonstrate they have information security controls proving the integrity of automated systems, and a process established for reporting and correcting problems. Pringle believes that C-TPAT will become an external business driver to speed up good security practice and companies that comply with BS7799, the British standard for information security management, will have a good framework in place as a starting point.

He said important security standards for systems include ‘having up-to-date anti-virus protection and firewalls that are properly configured. ‘Companies should also carry out penetration tests.’

More info: [url=http://www.vnunet.com/News/1150526]http://www.vnunet.com/News/1150526[/url]

Hackers haunting Europe now

Posted on November 30, 2003December 30, 2021 by admini

Moreover, the successful hacking and distributed denial of service attacks now originate from Brazil, Russia, China and India, the mi2g Intelligence Unit reported in new research. The combined number of attacks — 5,682 — against the European countries far exceeds the overt digital attacks recorded against the United States (3,696) and Canada (209). Brazil, with 962 attacks, Turkey (549) and China (317) are the only non-Western countries in the top 10.

The mi2g report found that 55 per cent of all digital attacks in November were launched against small entities with a turnover below $7-million (U.S.). Only 1 per cent of all successful digital attacks in November were against larger entities with a turnover in excess of $40-million.

In terms of operating systems, Linux remained the most popular among hackers, according to mi2G, reflecting how popular Linux has become as a platform for Internet-connected computers and servers. Systems running the open-source system accounted for 61.7 per cent of all attacks. Microsoft Windows followed with 23.7 per cent.

But since most government computers run Microsoft systems, Windows servers in governmental operations registered a record high of 84.1 per cent of all successful digital attacks.

The mi2g report also estimated worldwide economic damage from hacker attacks, DDoS attacks, as well as virus, worm and spam proliferation at $166.7-billion to $203.75-billion, with the greatest damage coming from malware and spam.

More info: [url=http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/]http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/[/url]

Security Threats Will Continue To Plague Enterprises In ’04

Posted on November 30, 2003December 30, 2021 by admini

The hard times for security professionals has many explanations, but one of the most significant trends this year has been the rise in so-called ‘blended’ threats, exploits that use multiple modes of infection — ranging from hacking and computer worms to denial-of-service attacks and Web site defacements — to create a single, advanced assault that overwhelms defenses.

Older threats such as Code Red and Nimba, and newer ones like Sobig and MS Blast, Weafer said, are perfect examples of such assaults, which have been steadily increasing for the past three years, but in 2003 really caught the attention of security professionals in their numbers and sophistication.

What makes blended threats so dangerous is that they’re much more difficult to defend against than, say, a single-vector exploit that propagates via e-mail or can be stopped by simply plugging a port at the network firewall.

In response, enterprises will have to implement a more comprehensive, in-depth defense that goes beyond the traditional firewall and anti-virus protection, and takes a more proactive approach.

Worse, an increasing number of those vulnerabilities can be exploited remotely — 80 percent at the moment — which means that hackers can more easily insert malicious code and wreck havoc on systems.

That’s one of the reasons why the window between the disclosure of a vulnerability and the release of exploit code — and then a self-replicated worm — continues to shrink.

More info: [url=http://www.techweb.com/wire/story/TWB20031126S0006]http://www.techweb.com/wire/story/TWB20031126S0006[/url]

Microsoft, user differ on details of Exchange 2003 flaw

Posted on November 26, 2003December 30, 2021 by admini

Users have the ability to interact with other people’s mailboxes and can send, receive and read messages, as well as open and manipulate Outlook folders.

Microsoft has given the administrator — who has requested anonymity for himself and his company — a patch, and the company says the vulnerability exists only in certain configurations.

The admin said that, three months ago, his team had upgraded two front-end and back-end servers to Windows Server 2003 and Exchange Server 2003. Shortly after the upgrade, users randomly began reporting that they were being logged on to other people’s mailboxes with full privileges.

Microsoft released a statement late last week about this situation, and the company said the security issue occurs only if Kerberos authentication is disabled.

More info: [url=http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci938649,00.html]http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci938649,00.html[/url]