Free Republic

I am starting a ping list for people interested in Information Security, Information Warfare, and Information Privacy issues. What this list isn't: Don't expect this to be a replacement for Bugtraq, etc... I'm not going to post the dozens of vulnerabilities that are discovered each week. Don't expect subscribing to be an alternative to keeping your PC's patches up to date. What this list is: News articles about information security issues, ranging from information warfare to serious virus/worm warnings, identity theft, privacy laws, lawsuits, spam, hoaxes, etc. Some of the articles may be technical, some will be more policy oriented....

Computer security specialist Symantec Thursday moved swiftly to patch for four very serious vulnerabilities in its popular Norton firewall product suite. An alert from Cupertino, Calif.-based Symantec described the flaws as "high risk" and warned that a successful exploit could wipe out a user's computer. Attackers could also execute remote code with kernel-level privileges on the targeted system. The vulnerabilities, first discovered by researchers at eEye Digital Security, affect both enterprise and consumer Norton users. Affected products include the Symantec Client Firewall 5.01 and 5.1.1; the Symantec Client Security 1.0, 1.1, 2.0 (SCF 7.1); the Norton Internet Security and Professional...

04 May 2004 Apple releases range of patches for known and unknown vulnerabilities. By Kieren McCarthy, Techworld Apple has released a range of patches for security holes - both old and new - for its Mac OS X operating system, which it advises users to download immediately. The company is downplaying the issue but one security company at least is concerned that the vulnerabilities could be extremely serious. Secunia has given the five - yes, five - patches a "highly critical" rating and warned that they may allow hijacking, security bypass, data manipulation, privilege escalation, denial of service and system...

WASHINGTON - Researchers uncovered a serious flaw in the underlying technology for nearly all Internet traffic, a discovery that led to an urgent and secretive international effort to prevent global disruptions of Web surfing, e-mails and instant messages. The British government announced the vulnerability in core Internet technology on Tuesday. Left unaddressed, experts said, it could allow hackers to knock computers offline and broadly disrupt vital traffic-directing devices, called routers, that coordinate the flow of data among distant groups of computers. "Exploitation of this vulnerability could have affected the glue that holds the Internet together," said Roger Cumming, director for...

TOKYO (AFP) - Electronics giant Sony and another Japanese company have developed a "paper disc" that can record more than two hours of high-definition images and be destroyed with scissors for foolproof data security, officials said. The 25-gigabite Blu-ray optical disc is 51 percent paper and was developed jointly with Toppan Printing Co. Ltd. of Japan. "Since a paper disc can be cut by scissors easily, it is simple to preserve data security when disposing of the disc," Toppan managing director Hideaki Kawai said in a joint statement with Sony. Masanobu Yamamoto, senior managing director at optical disc development division...

I hadn’t heard anything via the news today, but the DIS (Department of Information Services) the department responsible for upkeep of the state’s computer systems (Government, Schools, etc.) instructed all schools statewide that all computers, including workstations, servers, etc. MUST be shut down at the end of the school day today (Friday 4/16/2004). This is to apply to ALL computers tied in with the state network. The reason? An unmanageable number of viruses and an attack by hackers (probably allowed in via the email worms infecting the system). The network is suppose to be completely down through 8:00 AM Monday...

By Gene J. Koprowski TechNewsWorld March 25, 2004 "We monitor these trends for our customers, and we've been telling them that this is something they need to worry about," Bruce Hughes, director of malicious code research at TruSecure's ICSA Labs, a Herndon, Virginia-based computer security consultancy, told TechNewsWorld. "The number of complaints is increasing." Keystroke loggers and spyware developers may soon be silenced, as Congress is debating a bill that would outlaw the intrusive software and declare it akin to trespassing on private property. "It's my computer. It's my private property," said Sen. Conrad Burns (R-Montana), during a public hearing...

<p>Thanks to Apple Computer's rising star in the world of digital music, Mac OS X has become a target for malware authors.</p> <p>A Trojan horse, called MP3Concept or MP3Virus.gen, has been discovered that masquerades as an MP3 file. It hides in ID tags of the file and becomes activated when unwary users click on it, expecting to play a digital song.</p>

Vulnerability Note VU#323070 Microsoft Internet Explorer does not properly validate source of CHM components referenced by ITS protocol handlers Overview Microsoft Internet Explorer (IE) does not adequately validate the source of script contained in compiled help (CHM) file components that are referenced by the Microsoft InfoTech Storage (ITS) protocol handlers. An attacker could exploit this vulnerability to execute script in different security domains. By causing script to be run in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running IE. I. Description The Cross Domain Security Model IE uses a cross-domain security...

<p>Intego today said it released an updated virus definitions for Intego VirusBarrier to protect Mac users against the first Trojan horse that affects Mac OS X. This Trojan horse, MP3Concept (MP3Virus.Gen), exploits a weakness in Mac OS X where applications can appear to be other types of files: "The Trojan horse's code is encapsulated in the ID3 tag of an MP3 (digital music) file. This code is in reality a hidden application that can run on any Macintosh computer running Mac OS X. Intego says the malicious application can delete files, propogate itself by sending a message to other users, and also infect other MP3, JPEG, GIF or QuickTime files.</p>

To many Mac users, the recent news report of an Apple OS X security vulnerability seemed like an anomaly. While Windows users are greeted almost weekly with a new virus or worm, OS X users tend to view their systems as impervious to such concerns. The steady stream of Windows bugs is a phenomenon far removed from their computing experience -- or so it seems. But the late February security report cast Apple in a new light. Chris Adams, a systems administrator in San Diego, discovered a flaw in the Apple Filing Protocol (AFP), a tool in OS X 10.3,...

Microsoft is delaying the rollout of the beta of its Longhorn operating system until early next year in order to focus on improving security in... Windows XP... The beta of Longhorn - the successor to Windows XP - was supposed to be distributed before the end of this year, but has now been moved back... The move is likely to delay the commercial rollout of Longhorn, which Microsoft said would only be released once beta trial customer feedback had been incorporated into the product... In 2001, Microsoft spoke about releasing Longhorn in late 2004, but then said it was likely...

<p>Ankit Fadia, an 18-year-old freelance security tester, has successfully broken into more than a dozen computer networks in India. But the Stanford freshman really doesn't think that's much of an accomplishment.</p> <p>"As far as computer security is concerned, India is really bad,'' said Fadia, who published three books about computer security before leaving his native India. "Security is not a high priority for Indian companies."</p>

Flaws in the filtering technology used by Web-based email services make it possible for hackers to smuggle viruses past defences. Israeli security outfit GreyMagic Software warned today that this "severe security" vulnerability could allow attackers to run code of their choice, "simply by sending an email to an unsuspecting Hotmail or Yahoo! user". When the victim attempts to read this email, the code executes to potentially dire consequence (e.g. theft of the user's login and password, seizure of machines etc.). The problem stems from a Cross-Site Scripting vulnerability involving IE. To blame is a new way to embed script involving...

March 23, 2004 Hotmail, Yahoo Users at Risk of PC Takeover By Ryan Naraine A potentially serious security flaw found in Web-based e-mail services offered by Microsoft (Quote, Chart) and Yahoo (Quote, Chart) could put millions of PCs at risk of takeover, an Internet security research firm warned Tuesday. Israel-based security consultants GreyMagic issued the advisory with a chilling warning that attackers could inject malicious code by simply sending an e-mail to an unsuspecting Hotmail or Yahoo user. The vulnerability only affects Hotmail and Yahoo running on Microsoft's Internet Explorer (IE) browser. "When the victim attempts to read this email,...

Computer hackers have started using peer-to-peer networks to remotely take over hoards of "zombie" computers, adding yet more malicious capability to the hackers' tool-kit. Network administrators at universities from Europe to the US recently detected the tool, a worm called Phatbot, on their machines. Phatbot is currently under analysis by the US Department of Homeland Security, in conjunction with a group of security analysts. They say that Phatbot represents a new way for hackers to send spam and launch denial of service attacks that bring down websites by flooding them with traffic. However, although the worm has infected millions of...

Malicious attackers have embraced a new tool that uses the peer-to-peer concept employed by file-sharing software to create bigger networks under their command, using which they can flood people with either malware or spams. The new tool is a trojan which is being called Phatbot by security researchers. It links each computer it infects into a network and the attacker can then issue commands to the bot through any of the commandeered machines. This effectively means that unless all the infected machines are shut down, the attacker can continue to issue instructions through those which have not been taken down....

If you've been feeling under siege lately from computer viruses and worms, you're not paranoid. Yes, the authors of this malicious code really are out to get you, and with increasing frequency. Apparently, they're out to get each other, too. The makers of antivirus software have discovered taunting messages buried in the code of several worms currently plaguing the online world. It appears the authors of the Bagle, MyDoom and Netsky variants are trying to one-up each other in a virus-writing war. For example, found inside Netsky.F, a version released this week, are the words "Bagle — you are a...

O-088: Sun passwd(1) Command Vulnerability [Sun Alert ID: 57454] March 2, 2004 22:00 GMT PROBLEM: The passwd command computes the hash of a password typed at run-time or the hash of each password in a list. A vulnerability exists in this command. PLATFORM: Solaris 8, 9 (SPARC and x86 Platforms) DAMAGE: A local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd(1) command. SOLUTION: Install the security patch. VULNERABILITY ASSESSMENT: The risk is MEDIUM. A local unprivileged user may be able to gain unauthorized root privileges. LINKS: CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/o-088.shtml ORIGINAL...

SecurityTracker Alert ID:  1009283 CVE Reference:  GENERIC-MAP-NOMATCH   (Links to External Site) Date:  Mar 2 2004 Impact:  Execution of arbitrary code via network, User access via network Advisory:  eEye Digital Security Description:  An unspecified vulnerability was reported in Apple's QuickTime media player. A remote user can cause arbitrary code to be executed on a target user's system. eEye Digital Security issued a preliminary notice of an upcoming advisory. Apple's QuickTime media player reportedly contains a vulnerability that allows a remote user to cause arbitrary code to be executed "with little user interaction." All affected QuickTime platforms are affected, the report said. No further information was provided...