InfoSec in the News

2001 and earlier

Most of these news stories could have been prevented with an effective security awareness program or they promote the use of security awareness.
Also visit our News Archives for older stories

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Security Wire Digest

27 December 2002 - ID Thief Turns Extortionist

An identity thief tried to use a California woman's on-line accounts to steal money, but she thwarted the majority of his efforts. The thief then tried to extort money from the woman, offering to disclose his methods and provide advice on protecting her information for $400. When his offer was ignored, he reportedly became belligerent, threatening harassment and making clear he knew personal details about her life. Cyberstalking laws exist in most states, and people should report such events to law enforcement officials. http://www.msnbc.com/news/851175.asp?0cv=CB10

24 December 2002 - Stolen DoD Contractor Computer Equipment Contains Personal Data
Thieves stole notebook computers and server hard drives from the office of a Defense Department health care service contractor in Phoenix, AZ. The stolen items contained personal data about beneficiaries; the contractor is providing the beneficiaries with information about protecting their personal information. The FBI is involved in the investigation, along with the Defense Criminal Investigative Service and local police. http://www.gcn.com/vol1_no1/daily-updates/20735-1.html

12 December 2002 - Prestige Worm
The Prestige worm arrives as an attachment purporting to be pictures of the Prestige oil tanker disaster off the Spanish coast. The worm is in an .exe file included in the .zip attachment. If the attachment is executed, a Spanish message asks users if they want to install an application to view the pictures; if they click their approval, an error message tells them the application could not be installed, and behind the scenes, the worm is doing its work. Prestige self replicates through Outlook address books and IRC programs, changes files in the Windows system directory and replaces and renames the regedit.exe file. http://www.net-security.org/virus_news.php?id=142

12 December 2002 - Purloined e-Mail Message Spells Trouble
The editor of Durban's (South Africa) Independent newspaper has found himself in the hot seat after a cracker broke into the newspaper's e-mail system and sent around an e-mail from the editor to the paper's managing director. In the e-mail message, the editor had listed a number of senior staff who he felt should be ousted from their positions. The editor is on leave indefinitely.
- web stories removed by source -

11 December 2002 - eBa y Warns Customers of Phony Site Scam
Some eBay customers received e-mail messages informing them there were billing problems with their accounts and pointing them to a phony site that tried to collect their credit card information. The site has since been taken off line. eBay has warned its customers about the scam.
- web stories removed by source -

5 December 2002 - Sophos Malware Statistics for 2002
Sophos has published statistics for the most frequently reported malware during 2002. Top three were Klez, followed by Bugbear and Badtrans. http://www.computerworld.com/securitytopics/security/virus/story/0,10801,76408,00.html

3 December 2002 - Texas Academic Hospitals' Security Found Wanting
The Texas State Auditor's Office has found that weak security for computer systems at the state's academic hospitals could allow medical data to be accessed and altered and further, cyber intruders could disrupt systems that underlie healthcare at the facilities. The report did not detail the vulnerabilities, but the auditor's office did inform the various affected facilities. http://www.gcn.com/vol1_no1/daily-updates/20580-1.html

29 November 2002 - Phreakers Manipulate Voice Mail Systems
Phone phreakers figured out how to break into a certain brand of voice mail systems and reconfigure them to create new mailboxes from which they could make long distance calls. Businesses across the country have been affected by the problem.
- web stories removed by source -

26 November 2002 - CIO Tech Poll Indicates Security Spending Will Increase in 2003
According to a poll conducted by CIO Magazine, CIOs plan to focus spending in 2003 on security and B2B2C initiatives. IT budgets are expected to increase 5.1% over the next year; more than half of the 301 CIOs polled said they planned to increase their security spending in the next year.

13 November 2002 - Security Awareness, Inc. Client Receives Praise From Government Report
The Bureau of Public Debt, who uses SAI awareness training materials, received praise for their security policies and awareness program in a recent report from the Treasury's Office of the Inspector General. http://www.govexec.com/dailyfed/1102/111202a1.htm

18 November 2002 - Homeland Security Gets Green Light
The Senate this week approved a massive, controversial Department of Homeland Security bill that includes tougher prison sentences for computer criminals who compromise or damage critical computing systems. It also bans spyware in banner ads used to monitor browser activities. The Senate approved the bill 90-9 after a month of debate. It now goes to President George W. Bush for his signature. - web stories removed by source -

13 November 2002 - Beware Malware Disguised As Error E-mail
An e-mail message designed to look like a "bounced back" may actually be malware that drops a Trojan horse in the computers of users who take the bait and open the attachment. The message arrives with a return address prefix MAILER-DAEMON and subject line "FAILURE NOTICE." The text encourages recipients to open an attachment called mail.hta. Those who do are greeted by a spam-like ad that also drops a Trojan program that links to a defunct Web site. Because of the social engineering, some AV vendors say the potential for infection is rising. Security vendors advise consumers and enterprises to block attachments with .hta extensions. - web stories removed by source -

13 November 2002 - e-Card Tricks Recipients into Accepting License Terms
An electronic greeting card created by a Panama-based company tricks recipients into downloading an application that sends e-cards to everyone in the Outlook address book. The company manages to make such activity legal by the simple fact that users have accepted the terms of a license agreement.

11 November 2002 - CA Law Requires Reporting of Certain Security Breaches
California has passed a law requiring State agencies and private businesses to report cyber security breaches that may have compromised confidential information. As of July 1, 2003, those who fail to comply with the law face civil or class action suits.

7 November 2002 - Michigan Man Pleads Guilty to Stealing Files from Former Employer
Gregg Wysocki of Rochester Hills, Michigan has pleaded guilty to criminal computer intrusion. Wysocki could receive a prison sentence of up to five years and be ordered to pay a $10,000 fine for stealing files from his previous employer and using the information they contained to get a job with a competitor.

5 November 2002 - Phone Phreakers Rack Up $11,000 Bill in Ohio
Hackers guessed an Ohio woman's voice mail password, and recorded a message that would sound to operators as if someone were accepting charges for a collect call so that they could use her line to make lengthy international calls. Her one-month phone bill was nearly $11,000, that she did not have to pay. People should choose voice mail passwords that are hard to guess and should change them frequently; they should also consider blocking or limiting access to international calls. http://www.ohio.com/mld/ohio/news/local/4446396.htm

5 November 2002 Cyber Sabotage Stories
Examples of insider (or former insider) cyber sabotage include a terminated temporary employee crashing servers which irretrievably deleted all the data and an employee sabotaging product performance test results. - web stories removed by source -

4 November 2002 - Fraudulent Job Posting Used for Identity Theft
Fraudulent job postings on Monster.com have been used to harvest information that could be used to steal applicants' identities. Monster.com's FAQ section advises applicants not to provide social security credit card or bank account numbers to prospective employers.

4 November 2002 - East Palo Alto Phone Phreaking
Hackers apparently broke into East Palo Alto (CA) City Hall phone system and used it to make $30,000 worth of calls to the Philippines. AT&T and East Palo Alto are at odds over who is responsible for the bill. http://www.bayarea.com/mld/mercurynews/news/local/4439758.htm

1 November 2002 - Linksys Router Vulnerable to DoS
The Linksys BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch with firmware earlier than version 1.42.7 is vulnerable to an easily launched denial of service (DoS) attack that could crash the router. Firmware 1.43 addresses the vulnerability. (Webmaster note: This story has been included bacause of the popularity of this router with home users.) http://www.eweek.com/article2/0,3959,663801,00.asp

17 & 18 October 2002 - Yahoo Customers Tricked into Exposing Personal Data
Some Yahoo customers were duped by a fraudulent e-mail into supplying their credit card and Yahoo account information. Yahoo sent a mass mailing to its customers advising them not to heed the phony request. - web stories removed by source -

15, 16 & 18 - October 2002 Pop-Up Spam
A company called DirectAdvertiser offers a tool which exploits Microsoft Messenger to send "anonymous and untraceable" pop-up ads to ranges of IP addresses. The Messenger service was designed for administrator use in contacting network users. Messenger is enabled by default in most versions of Windows. http://www.wired.com/news/technology/0,1282,55795,00.html

8 & 21 October 2002 - Navy Computers Missing
According to an internal Navy report, the Pacific Fleet cannot account for 595 computers; a spokesman later said that number has been reduced to 187. Some of the missing computers contain classified information. All of the computers have removable hard drives. http://news.com.com/2100-1001-962664.html

3 October 2002 - Man Pleads Guilty to Identity Fraud
Abraham Abdallah pleaded guilty to attempting to steal the identities of wealthy Americans and steal money from their bank accounts. - web stories removed by source -

2 October 2002 - CD-ROMs for UN Inspectors Contained Viruses
UN inspectors in Vienna were given four CD-ROMs of reports from an Iraqi official; the disks also contained computer viruses. The viruses were fairly common, leading to speculation that their appearance on the disks was not intentional, but the result of inadequate antivirus software. American companies are prohibited from exporting their products to Iraq under the current US embargo. http://www.siliconvalley.com/mld/siliconvalley/4201505.htm

30 September 2002 - Virus Masquerades As Microsoft Patch
A virus is circulating on the Internet in the guise of a Microsoft security patch. The virus is in an .exe attachment, which the text of the e-mail advises users to run. http://www.nwfusion.com/news/2002/0930msvirus.html

19 September 2002 - Disgruntled Former Employee Gets Prison Sentence for Erasing Company Data
A UK computer engineer who botched a job went back into the company's computer system and wiped out their data after the company refused to pay his bill; Stephen Carey had altered the company's computer system so he could access the database from home. Police who seized the man's home computer found that the time the files were destroyed matched the time his home computer was connected to the company's. Carey received an 18-month prison sentence for unauthorized modification of computer material. - web stories removed by source -

17 September 2002 - Home Users Know the Drill but Don't Abide By It
The recently released draft of the National Strategy to Secure Cyberspace recommends that home users deploy firewalls, use regularly updated anti-virus software, create strong passwords, install all necessary patches and use common sense about e-mail and downloads. Though these pieces of advice are well-known, many home users do not adhere to them. http://www.washingtonpost.com/wp-dyn/articles/A30681-2002Sep17.html

9 September 2002 - September 11th Renews Commitment to Security in the Workplace
The September 11 terrorist attacks have changed some businesses' attitudes toward security. Companies have reevaluated their security policies and disaster preparedness plans and employees are more aware of the importance of security in their workplaces.

9 September 2002 - Venezuelan CD Pirates Sold Confidential Data
Two people have been arrested in Caracas, Venezuela for their roles in a CD piracy trade that included confidential phone company records and police files.
- web stories removed by source -

7 September 2002 - City Employee Opens Hard Drive to Kazaa Network
An Aspen, Colorado city employee who had installed Kazaa peer-to-peer file sharing software on his work computer inadvertently made his entire hard drive available to the network. The problem was discovered by Canadian Kazaa member James Pocock, who e-mailed the employee as well as the city's mayor and police chief about the information he'd been able to view. The city has changed passwords and installed a new firewall.
- web stories removed by source -

4 September 2002 - Mitnick Describes Social Engineering Tactics
Kevin Mitnick describes how companies leave themselves vulnerable to socially engineered cyber attacks: corporate culture and terrain can be discerned by examining documents found in trash cans, and help desk personnel are often easily tricked into handing over login names and passwords over the phone. Furthermore, if CEOs make a habit of ignoring security policies and procedures when they want a task accomplished quickly, this too can be exploited.

26 August 2002 - Woman Pleads Guilty to Importing Phony Software
A woman in Los Angeles has pleaded no contest to charges of importing almost $75 million worth of counterfeit software. Lisa Chen will receive a sentence of between five and nine years in federal prison and pay restitution to Microsoft and Symantec. Chen and three other people were arrested after an 18-month investigation; the others' cases are pending in federal court. This is apparently the largest seizure of counterfeit software ever in the United States.

26 August 2002 - VA Revamps Computer Disposal Policy
129 computers from the Department of Veterans Affairs (VA) that contained sensitive information such as health records and government credit card numbers were given away in Indianapolis. The VA is revising its computer disposal policy. The VA's CIO says the agency will buy an enterprise license for software that will erase data from hard drives and will develop and establish a qualification and certification program for all VA ISOs.

23 August 2002 - Liquidated Computers Harbor Sensitive Data
Two used computers bought from a liquidation firm on the Internet turned out to contain quantities of sensitive information from the businesses that originally owned them. The author suggests running a magnet over hard drives before the computers are sold and instituting legal action against those who expose others' personal information by allowing it out with discarded computers. http://www.linuxjournal.com/article.php?sid=6286

22 August 2002 - Microsoft Office and Internet Explorer Holes
Critical security holes In Microsoft's Office suite and Internet Explorer could allow attackers to run programs on vulnerable computers, possible reading files or even crashing machines. Microsoft has made a patch for the vulnerability available.
- web stories removed by source -

15 & 16 August 2002 - IRS Can't Account for Computers Lent to Volunteers
According to an audit report from the Office of the Treasury InspectorGeneral for Tax Administration, the Internal Revenue Service (IRS) cannot account for some portion of 6,600 computers it lent to volunteers to help prepare returns for low income, disabled and senior citizens. Earlier this year, the Inspector General found 2,300 computers missing from other areas of the IRS. The missing machines may contain sensitive taxpayer data.

15 August 2002 - Variety of Anti-Virus Products Proves Helpful to Scottish Bank
The Halifax/Bank of Scotland uses different anti-virus products at each layer of its IT infrastructure, a strategy it says has reduced the number of virus incidents in its systems by a factor of 10, from 3,000 to 300 a month. http://www.vnunet.com/News/1134385

8 August 2002 - Missing US Military Laptops Found
Two laptop computers were reportedly missing from a US military command center in Florida; that center is responsible for coordinating US
military efforts in Afghanistan. One reportedly contains sensitive data. The two missing laptops have been recovered after a member of the
military confessed to having them. The motive for the theft was not espionage, according to a spokesman for the Air Force's Office of Special Investigations.

7 August 2002 - Australian Students Pay to Have Grades Deleted
The Independent Commission Against Corruption (ICAC) found that eleven students at the University of Technology, Sydney (UTS) paid a student liaison officer to delete their failing marks from the University's computer system. An ICAC commissioner said a survey of New South Wales's 10 public universities indicated that all were vulnerable to computer record tampering. http://www.smh.com.au/articles/2002/08/06/1028157935947.html

6 August 2002 - Information About Japanese Defense Agency Network Leaked
Fujitsu, the company that created a network for Japan's Defense Agency, says information about the network may have been leaked to outsiders. In June, a group of men attempted to extort money from the company for the return of network diagrams and other information useful to hackers.
- web stories removed by source -

5 & 6 August 2002 - 400 Laptops Missing at Department of Justice
An investigation conducted by the Office of The Inspector General of the Department of Justice revealed that they have lost track of 400 laptop computers, some of which may contain sensitive law enforcement or national security information. The investigation also showed that close to 800 weapons were unaccounted for. It has been nearly ten years since the FBI's last complete inventory of laptops and weapons; the FBI is responsible for 371 of the missing laptops. Recommendations include using bar codes and scanning devices, implementing more stringent requirements for reporting lost laptops and revising the guidelines that govern getting property back from erstwhile employees.

5 August 2002 -Former DEA Agent Pleads Guilty in Data Selling Case
Former US Drug Enforcement Administration Agent Emilio Calatayud has pleaded guilty to selling DEA information to LA private investigation firms. In a plea agreement, Calatayud admitted to stealing the data from federal databases including the FBI's National Crime Information Center (NCIC), and the California Law Enforcement Telecommunications System (CLETS); he received more than $22,000 in exchange for the information. Calatayud faces between one and two years in custody for his crimes. http://online.securityfocus.com/news/562
[SANS Editor's Note (Ranum: A violation of the public trust in the US: 1-2 years. A $360 stolen credit card transaction in Indonesia: up to 11 years. No wonder we have so many problems like this.]

31 July 2002 - Surnova-B Worm Targets Kazaa Users
The Surnova-B worm has appeared on the Kazaa filesharing network as a file purporting to be Star Ward episode two and nude pictures of Britney Spears. The worm creates more false files for other users to download (mistakenly). Infected computers that are running MSN Instant Messenger could also send the virus to their contact list. - web stories removed by source -

31 July & 1 August 2002 - Virus Count Down; Klez Still on Top
Central Command, an antivirus company, says its numbers of tracked viruses were lower on July than in June, though the company is not sure what is responsible for the decrease. The Klez virus is still topping the charts at a number of antivirus firms. http://zdnet.com.com/2100-1105-947608.html

29 July 2002 - Hacker Says Activity was Unethical, Not Illegal
Robert Starks admits he intercepted sensitive e-mail from his former employer's systems and posted it on his web site. He maintains that he used his access privileges as system administrator to obtain the e-mail and therefore did nothing illegal. - web stories removed by source -

25 July 2002 - Employees Fired in Grade Altering Scheme at Florida School
Three students have been expelled and two employees fired from Florida Memorial College for their involvement in a grade-altering scheme. Insiders in the registrar's office allegedly used their valid passwords to access and significantly change students' grades in exchange for money. An additional 69 people face disciplinary action. The scheme was discovered during a routine grade audit held in May. http://www.miami.com/mld/miamiherald/news/local/3728808.htm

25 & 26 July 2002 - Princeton Admissions Dean Charged with Hacking Yale Admissions Site
Princeton University associate dean of admissions Stephen LeMenager has been placed on administrative leave after evidence surfaced that computers there were used to log in to a Yale University admissions website without authorization. LeMenager maintains he was merely testing the security of the site, which allows Yale applicants to find out whether or not they have been accepted; birthdates and social security numbers are used as authentication tools. The site
was apparently accessed from a variety of computers. The FBI is assessing the situation to determine if federal charges are applicable.

15 July 2002 - IT Professionals Enumerate Their Security Gripes
A survey of more than 1200 security professionals, including system administrators, consultants and auditors yielded a list of their security frustrations. Topping the list are bosses who won't provide an adequate budget and who undermine initiatives, and who ignore simple precautions by taping passwords to monitors, failing to update anti-virus software and clicking on attachments of unknown origin.
- web stories removed by source -

15 July 2002 - House Overwhelmingly Approves CSEA
By a vote of 385-3, the House of representatives approved the Cyber Security Enhancement Act (CSEA), which provides for life sentences for people convicted of malicious cyber crimes. The bill now heads to the Senate. http://news.com.com/2100-1040-944023.html

12 July 2002 - Will Home Appliances Be the Next Target For Viruses?
Virus expert Eugene Kaspersky warns that embedded computers in home appliances provide an appealing target for virus writers because they will have a common operating system and millions of potential victims. http://zdnet.com.com/2100-1103-943408.html

10 July 2002 - British ISPs Have Two Weeks to Set Up Tracking Systems
The British Home Office is requiring that Internet Service Providers (ISPs) in the United Kingdom intercept and store electronic communications such as faxes, e-mails, and Web surfing information in an effort to curb organized crime and terrorism. The new Regulation of Investigatory Powers Act (RIPA), which goes into effect on August 1, exempts ISPs with fewer than 10,000 customers. http://news.zdnet.co.uk/story/0,,t269-s2118894,00.html

10 July 2002 - Two Men Arrested in Brazil for ATM Hack
Brazilian police have arrested two men - an electrician and an IT specialist - who allegedly installed a device inside ATMs to gather card numbers and placed digital cameras outside the machines to capture the corresponding PIN numbers. http://www.vnunet.com/News/1133401

5 July 2002 - Virus Traced to Temp Worker
A temporary agency worker at the Aberdeen (Scotland) city council was fired for allegedly allowing the Metrion-B virus to infect the computer system. The virus infects executables and overwrites batch and HTML files. An estimated 200 PCs were infected, and the Council shut down its entire computer system to avoid any further infection. Police are exploring the possibility that the virus, which does not spread through e-mail, was deliberately introduced.

3 July 2002 - DEA Agent Accused of Selling Law Enforcement Data
A former US Drug Enforcement Administration (DEA) agent who skipped bail was found in Mexico and sent back to Los Angeles to face a number of charges, including violating the Computer Fraud and Abuse Act. Emilio Calatayud allegedly sold information from three law enforcement databases, including the FBI's National Crime Information Center (NCIC), the California Law Enforcement Telecommunications System (CLETS) and the DEA's Narcotics and Dangerous Drug Information System (NADDIS). The case underscores the problem of law enforcement data being too easily accessible.

1 July 2002 - Attacks on Power Companies Growing
Power companies are increasingly being targeted by hackers, according to data gathered by RipTech. FBI spokespersons expressed concern. http://www.cbsnews.com/stories/2002/07/08/tech/main514426.shtml

18 & 20 June 2002 - University Computers Compromised
The Secret Service is investigating the possibility that students at universities in Texas, Arizona, Florida and California were monitored by surreptitiously installed software designed to capture passwords and credit card numbers. Nearly 20 hard drives were removed from computers at Arizona State University.
http://news.com.com/2100-1001-938126.html - web stories removed by source -

14 June 2002 - Former Employee Allegedly Broke Into Boss's Computer Account
Wendy Sholds has been charged with two counts of unauthorized access to a computer system. The Massachusetts woman allegedly broke into her former boss's computer and forwarded confidential e-mail to other employees. Sholds also allegedly used the boss's username and password to view private information on the company web site. The charges are currently designated misdemeanors and carry a 30-day sentence. Pending legislation would increase the penalties considerably. http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,71972,00.html

13 June 2002 - Internet Piracy Ring Members Face Charges
Twenty-one people face charges for their roles in a piracy ring that dealt in software, computer games and movies. If found guilty of conspiracy to commit copyright infringement, the people could each face a five-year prison sentence and be required to pay a fine of up to $250,000.

1 June 2002 - Disgruntled (Former) Employees Cause Problems
A man planted a logic bomb in his company's computer system when he was demoted; it detonated months after he resigned, destroying part of the program supporting the sales force's handheld computers. The company went after the employee, and he has been sentenced to two years in prison and ordered to pay restitution of $200,000. Other companies are starting to step forward and prosecute saboteurs as well.

9 May 2002 - Even Without Payloads, Hoaxes Can Cause Problems
While hoax virus warnings may not carry an actual malicious payload, they do carry the threat of bogged down servers and embarrassment of those who've forwarded the message. The columnist suggests that organizations designate one person to be in charge of (finding out) the validity of virus warnings, and all employees should forward the messages to that person rather then sending them on their merry way around the Internet, causing unnecessary worry and resource consumption. http://www.vnunet.com/News/1131629

7 May 2002 - EDS Bans IM Products For Security's Sake
EDS, the computer branch of the British government, has banned the use of Instant Messenger products as of May 8, 2002. Because the IM services bypass security checkpoints, they could allow viruses and other malware to propagate within the organization's network.

29 April 2002 - GAO Undercover Agents Gain Access to Federal Buildings
Undercover investigators from the General Accounting Office (GAO) were able to gain access to and move freely about through four federal buildings in Atlanta. They were also able to obtain building passes and after hours access codes, and made copies of the credentials on computers.

26 April 2002 - Chilean Computer Thieves Caused Traffic Chaos
Thieves stole 15 PCs and 2 servers from a roadway traffic control center in Santiago de Chile, throwing traffic signals out of synchronization and causing traffic turmoil. http://www.wired.com/news/business/0,1367,52114,00.html
[It's bad enough that people steal computers, but to steal computers that are related to public safety is pretty low.]

22 April 2002 - IM Users Tricked Into Downloading DDoS Software
Many IRC and IM users have been tricked into downloading malicious software onto their computers which could then be used to launch a distributed denial of service (DDoS) attack. The users are tricked into downloading the malware. Hackers send messages telling victims that their systems are infected (not true), and instructing the victim to go to a certain website and download the software or risk being banned from the IM system. When the user executes the downloaded software, their systems become infected. http://www.ds-osac.org/edb/cyber/news/story.cfm?KEY=7929

14 April 2002 - Hidden Programs on Free Software Could Pose Problems
Programs piggy-backing on free software can take actions ranging from sending users ads to gathering surfing habits to changing Internet settings. Some can make computers crash. They could eventually be used by hackers to take more malicious action. http://www.cnn.com/2002/TECH/ptech/04/14/tag.along.software.ap/index.html

12 April 2002 - The Not-to-Do List
A list of 21 things you can do to invite cyber attacks includes not updating virus signatures, not patching software and not educating employees about security practices. http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO70076,00.html

11 April 2002 - Voice Mail Not So Secure
Voice mail systems are often not very secure, as is evidenced by the recent leak of a message left by Hewlett Packard Chairwoman and CEO Carly Fiorina for CFO Robert Wayman. http://www.computerworld.com/storyba/0,4125,NAV47_STO70048,00.html

20 March 2002 - CERT Warns of Social Engineering IM/IRC Attacks
CERT/CC has released an advisory warning that people using instant messaging (IM) and Internet Relay Chat (IRC) have been tricked into downloading malicious software that could be used to glean personal data, take remote control of an infected computer or to take part in a distributed denial of service attack (DDoS). http://www.computerworld.com/storyba/0,4125,NAV47_STO69329,00.html
Advisory: http://www.cert.org/incident_notes/IN-2002-03.html

6 March 2002 - Man Arrested for Allegedly Trying to Sell Personal Data
Federal and local law enforcement agents arrested Donald Matthew McNeese for allegedly trying to sell personal data belonging to 60,000 Prudential Insurance Company employees. He is charged with downloading the data while he worked for the company.  If convicted, McNeese could face as much as 45 years in prison and a fine of $750,000 plus restitution. http://www.computerworld.com/storyba/0,4125,NAV47_STO68850,00.html

4 March 2002 - Britney Virus Pops Up
Some AV researchers are warning of a new worm that spreads via an e-mail attachment masquerading as photographs of pop princess Britney Spears. When executed, VBS/Britney-A displays the message "Enable ActiveX To See Britny (sic) Pictures" before infecting the hard drive and sending itself to all the addresses listed in Outlook. According to Sophos Anti-Virus, the worm also attempts to distribute itself via Internet Relay Chat. One AV expert says it may cause a few problems because it's a Compiled Help Module attachment, and not a .vbs, and may trick some users into executing it. Another minor concern is that even users that employ filtering at the gateway may not filter for .chm attachments. http://www.sophos.com/virusinfo/analyses/vbsbritneya.html

27 February 2002 - Malware Costs to Skyrocket
According to a new study by The Radicati Group, malware will cause more than $21 billion in economic damage this year. At its current rate,
malware will cause $54 billion in damage by 2006. Examining the antivirus, anti-spam and content filtering segments of the security market, the study
found that the market for security products continues to keep pace with the expansion of the Internet. http://www.radicati.com

12 & 14 February 2002 - Anonymous Surfing Technology has Holes
Two researchers published a paper describing flaws in SafeWeb's anonymous surfing technology that could allow web sites to gather visitors' Internet addresses and other surfing habit information by using JavaScript. http://www.wired.com/news/business/0,1367,50424,00.html

11 & 13 February 2002 - Info on Web Sites Could Pose Security Risk
Corporate websites contain floor plans and back-up facility locations, telecommunications sites include locations of routers and major network nodes, and DOE websites provide sensitive information about plutonium storage and nuclear reactor locations. Richard Clarke says there is evidence that al-Qaeda used the Internet to gather information about US facilities, and that other groups may be doing the same thing.

11 February 2002 - Global Crossings Former Employee Exposes Data
A former employee of the telecommunications company Global Crossing Holdings Ltd. Has been posting personal data belonging to other company employees on the web for the last five months. According to a company attorney, the employee allegedly stole a disk containing the information. Though Global Crossing became aware of the problem in September, it didn't inform its employees until December; former employees were not told of the breach at all. Some former employees say the company failed to in implement adequate controls over who was allowed access to which data.

1 February 2002 - Pirates Plead Guilty
Two men who pleaded guilty to charges stemming from their involvement in an Internet piracy group face up to five years in prison and $250,000 in fines. As part of their plea agreement, the two men revealed details about how group members hid the illegal software.

30 & 31 January 2002 - SEC's Phony Site Gets Over 150,000 Hits
The Securities and Exchange Commission (SEC) used on-line investment scam tactics, including preying on people's fears and offering huge returns on investment with no risk, on a phony site designed to educate consumers about investment fraud. People who actually tried to invest were greeted with a warning message. The site received more than 150,00 hits in a three-day period; the SEC says it has planted other phony sites on the Internet in an effort to fight back against investment fraud. http://news.com.com/2100-1017-826434.html http://www.wired.com/news/business/0,1367,50125,00.html

28 January 2002 - Myparty Worm
The Myparty worm arrives as an attachment that appears to be an innocuous web site link. However, those who click on the link will become infected with the worm, which sends itself out through to everyone in the machine's address book and leaves a backdoor in the infected system. It infects computers between January 25 and January 29, and won't infect machines running Russian versions of Windows, leading to speculation that Myparty is of Russian origin.

14 January 2002 - File Sharing Programs Can Expose Personal Data
Users of file-sharing programs should be careful about which files and directories they make available to the network so as not to accidentally share private information. http://www.msnbc.com/news/686184.asp?0dm=C235T

13 January 2002 - MoD Laptops Missing
Of the 1354 missing UK government computers, nearly 600 alone are from the Ministry of Defense (MoD). A spokesman said that not all computers contain classified information. The MoD also reported 27 hacking incidents during the last three years. http://news.bbc.co.uk/hi/english/uk/newsid_1757000/1757792.stm

11 January 2002 - Gigger Virus
The Gigger virus arrives as an attachment purporting to be a Microsoft security update and tries to delete files from infected computers' hard drives. The JavaScript virus spreads via Outlook address books and mIRC. Antivirus vendors are updating their software to detect the virus and protection is now largely in place." - web stories removed by source -

10 January 2002 - IRS Computers Missing
A recent Treasury Department audit revealed that the Internal Revenue Service (IRS) could not account for more than 2300 of its computers. An agency spokesman said that almost 1600 of the machines have been located. He also said that taxpayer information was not compromised despite the fact that the missing machines likely contain tax return and audit information. http://news.cnet.com/news/0-1005-200-8418759.html?tag=owv

9 January 2002 - CSTB Report Says Companies are Neglecting Security
A report from the National Academy of Science's Computer Science and Telecommunications Board (CSTB) says that US companies are not using available security measures to protect themselves from cyber attacks. The CSTB encourages companies to conduct random security testing, use strong authentication systems and train all employees in the proper use of security tools. Furthermore, the report suggests that companies producing unsecure software should be held liable. http://www.wired.com/news/technology/0,1282,49570,00.html

9 January 2002 - Guarding Against Socially Engineered Attacks
In the second of two articles about social engineering, the author discusses preventing, spotting and dealing with socially engineered attacks. Companies should implement security policies, use good physical security practices and train their staff. They should also have procedures in place for handling socially engineered attacks when they occur. http://www.securityfocus.com/infocus/1533

9 January 2002 - AIM Fix Has Back Door
AIMFilter, a fix for the AIM vulnerability, contains a back door that lets the program's author redirect users' browsers to pay-for-click sites.

8 January 2002 - National Research Council Report: US Firms at Risk
Summary: "From an operational standpoint, cybersecurity today is far worse than what known best practices can provide."
- web stories removed by source -

8 January 2002 - Macromedia Flash Virus Discovered
Macromedia Flash files, commonly used for animation and special effects on popular websites, could be at risk of attack from a new kind of virus. - web stories removed by source -

4 January 2002 - BSA Offers Illegal Software Amnesty Program
The Business Software Alliance (BSA) is offering amnesty to businesses using illegally coped software. Users who own up need only pay the necessary licensing fees; they will avoid penalties, which can run as high as $150,000. The BSA provides tools to inventory the companies' software. The program is available to certain cities, including Houston, Norfolk and Richmond VA and the San Francisco Bay area, through the end of January.

3 January 2002 - Home Computer Users are Vulnerable
Home users' computers are increasingly becoming cracker targets for a number of reasons: many home machines are powerful enough to attract the attention of crackers looking at launch denial of service attacks, many home machines maintain high-speed, always-on connections that increase their vulnerability, and home users tend to neglect security measures normally employed by businesses.
- web stories removed by source -

Return to top
© 1999-2016 Security Awareness, Inc. All Rights Reserved  :  Privacy Statement
Contact Us     Site Map