Spyware Warrior

[wawadave]

EMAIL PRIVACY IS LOST
As if the common use of "web bugs" inside spam was not enough,
companies are using new techniques to watch and track the private
emails you read, forward, print, and more.
http://www.net-security.org/news.php?id=5723

SECURITY FEARS HOLDING BACK ONLINE TRAVEL MARKET
Cyberspace is a nice place to visit but I wouldn't want to buy there.
http://www.net-security.org/news.php?id=5706

LOCKING DOWN ENDPOINTS TO PREVENT VIRUS RESURGENCE
Verifying PC security compliance before granting network access.
http://www.net-security.org/news.php?id=5700


NETWORK TROUBLESHOOTING TOOLS
Here's information on sniff and ngrep.
http://www.net-security.org/news.php?id=5702


WINDOWS SERVER 2003 SECURITY GUIDE
The Windows Server 2003 Security Guide focuses on providing a set of
easy to understand guidance, tools, and templates to help secure
Windows Server 2003 in many environments.
http://www.net-security.org/news.php?id=5703


A PROMISE FALLS IN THE FOREST
A federal court recently ruled that website privacy policies aren't
binding, because nobody reads them. The implications are far reaching
for contract law and the Internet.
http://www.net-security.org/news.php?id=5704

MICROSOFT DELIVERS OFFICE SERVICE PACK
SP1 spruces up OneNote, InfoPath.
http://www.net-security.org/news.php?id=5697


ARE P2P NETWORKS LEAKING MILITARY SECRETS?
A new Web log is posting what it purports are pictures, documents and
letters from U.S. soldiers and military bases in Iraq and
elsewhere--all of which the site's operator claims to have downloaded
from peer-to-peer networks such as Gnutella.
http://www.net-security.org/news.php?id=5698


LINUX GETS HOST APPLICATION SECURITY
New modules in the Linux 2.6 kernel make for easier host-based
application security.
http://www.net-security.org/news.php?id=5699

GOVERNMENT TAKES NEW TACK TO SECURE ONLINE TRANSACTIONS
Establishing proof of identity to conduct business online today is a
much different security challenge than it was in the mid-1990s.
http://www.net-security.org/news.php?id=5695

WIRELESS ATTACKS AND PENETRATION TESTING (PART 3 OF 3)
This third and final part of the wireless pen-test series looks at
how to mitigate the security risks outlined in the previous articles,
and then looks at some proposed solutions currently in front of the
IETF.
http://www.net-security.org/news.php?id=5692

LINUX CERTIFICATIONS CAN PAY OFF BIG
The Linux business is growing fast, and the right Linux certification
can help you grow with it.
http://www.net-security.org/news.php?id=5690


ASTARO FIREWALL EARNS ICSA LABS CERTIFICATION
Astaro Security Linux Version 5 has fulfilled the criteria and passed
the 4.0 test for ICSA Labs' Firewall Product Certification.
http://www.net-security.org/news.php?id=5691

ECURITY IS NOW TOP IT CONCERN
Security has overtaken cost cutting as the top concern of IT managers
with more than 75 percent of those polled in a new IDC study rating
security as a very or extremely significant challenge.
http://www.net-security.org/news.php?id=5686

EYE SPY WITH MY LITTLE NETWORK
Closed circuit surveillance systems are going digital, which will not
only reduce costs but lead to a dramatic increase in the scope of
coverage.
http://www.net-security.org/news.php?id=5682

LOCK DOWN REMOTE ACCESS TO THE WINDOWS REGISTRY
Take the steps outlined in this article to secure the Windows
registry from being remotely compromised by attackers.
http://www.net-security.org/news.php?id=5679


E-COMMERCE ATTACK IS IMMINENT, WARN SECURITY EXPERTS
A surge in internet scanning activity in the past week could indicate
a fresh wave of attacks on e-commerce servers, UK-based web services
company Netcraft warned.
http://www.net-security.org/news.php?id=5680


STEALING THE NETWORK: A PREQUEL
Ryan Russell has written this "prequel" depicting a '70s-era hack,
set at a tech company back East.
http://www.net-security.org/news.php?id=5681

FEDS HALT CLASSIFIED WORK AT LABS
The Energy Department responded to a security breach at the Los
Alamos weapons lab by halting classified work at two dozen other
facilities that use computer disks containing classified
nuclear-weapons research material.
http://www.net-security.org/news.php?id=5673


WINDOWS XP SP2: INSTALL WITH CARE
SP2 will wreak havoc on many security and firewall software
utilities.
http://www.net-security.org/news.php?id=5674


THE ALLURE OF KEYLESS ENTRY
Establishing proof of identity to conduct business online today is a
much different security challenge than it was in the mid-1990s.
http://www.net-security.org/news.php?id=5677


ARUBA SUBMITS IETF DRAFT
The IETF submission documents how wireless traffic can be exposed
regardless of the type of authentication and encryption used to
transmit data if the network behind the access point can be
compromised.
http://www.net-security.org/news.php?id=5678

US CRITICISED OVER CYBER-SECURITY
Efforts by the US authorities to counter cyber-crime and terrorism
have been criticised in an official report.
http://www.net-security.org/news.php?id=5672
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

WINDOWS XP SP2: INSTALL WITH CARE
SP2 will wreak havoc on many security and firewall software
utilities.
http://www.net-security.org/news.php?id=5674
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Security Alert, August 2, 2004

New Microsoft Patch for IE Fixes 3 Critical Problems
Microsoft released a new patch, MS04-25 "Cumulative Security Update
for Internet Explorer (867801)," for Internet Explorer (IE) 6.01, IE
5.5, and IE 5.01 that fixes three critical problems in the browser.
The patch will help prevent such nuisances as the Download.Ject
exploit launched against IE users last month. The patch also corrects
two buffer-overflow problems. One problem involves GIF files that can
cause a buffer overflow in mshtml.dll. The other problem involves
bitmap images, where malformed bitmap images can cause a buffer
overflow.
http://www.winnetmag.com/article/articleID/43402/43402.html
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

by Paul Thurrott, thurrott@winnetmag.com

Microsoft Finally Releases Comprehensive IE Security Fix, Updated
Worm Removal Tool
As first reported in WinInfo Daily UPDATE, on Friday Microsoft
delivered an out-of-cycle critical security update for Microsoft
Internet Explorer (IE). The update addresses three publicly disclosed
IE vulnerabilities. In a bulletin that describes the update, Microsoft
noted that it fixes the vulnerability that caused the Download.Ject
virus and other problems.
"This bulletin addresses issues that could allow a malicious
attacker to execute code on or take control of an affected computer
user's system," a note I received from Microsoft said. "This could
allow the attacker to install programs, view, change, or delete data,
or create new accounts that have full privileges. Microsoft is
committed to helping customers keep their information safe, and
encourages all users to review, download and install this security
update."
The comprehensive IE security fix is available now through
Automatic Updates, Microsoft Windows Update, and the Microsoft
Security Web site (see the first URL below). Microsoft said that this
fix will also be included in the version of IE that ships with the
final version of Windows XP Service Pack 2 (SP2), which is due later
this month. In addition, the company says that XP SP2 will include new
"underlying architectural changes" that will mitigate these types of
attacks.
The fix, which comes more than a month after attackers launched the
Donwload.Ject attack, falls outside the company's planned monthly
security-patch schedule because of the severity of the
vulnerabilities. Last month, Microsoft released an interim fix of
sorts (which the company called a configuration change) to help users
combat Download.Ject. However, security researchers quickly denounced
the configuration change as ineffective.
In related news, Microsoft also released an updated version of its
Mydoom, Zindos, and Doomjuice Worm Removal Tool, which detects and
removes various versions of the MyDoom worm (including variants A, B,
E, F, G, J, L, and O), Zindos.A, Doomjuice.A, and Doomjuice.B. You can
download the tool from Microsoft's Web site (see the second URL
below).
http://www.microsoft.com/security
http://www.microsoft.com/security/incident/mydoom.mspx
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

NIST SAYS DES ENCRYPTION 'INADEQUATE'
========================================================================
Posted July 29, 2004 2:13 PM Pacific Time

The National Institute of Standards and Technology (NIST) is proposing
that the Data Encryption Standard (DES), a popular encryption algorithm,
lose its certification for use in software products sold to the
government.

For the full story:
http://newsletter.infoworld.com/t?ctl=7DE16C:1F6421C
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Three-in-One Virus Zapper Released
Microsoft's latest virus removal tool helps disinfect systems impacted by the
recent
Mydoom, Zindos and Doomjuice worm attacks.
http://nl.internet.com/ct.html?rtr=on&s=1,11i3,1,vw6,mjp,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

70% Of 2004 Virus Activity Down To One Man |
| from the his-parents-must-be-awfully-proud dept. |
| posted by timothy on Monday August 02, @07:20 (Security) |
| http://slashdot.org/article.pl?sid=04/08/02/064259 |
+--------------------------------------------------------------------+

arpy writes "According to a [0]report produced by anti-virus software
provider [1]Sophos, 70% of anti-virus activity in the first half of this
year can be blamed on Sven Jaschan, an 18-year-old German who wrote the
Netsky and Sasser worms. According to the report, "Sasser claimed the top
spot of the virus chart, in spite of the raging battle between the
widespread Netsky and Bagle worms." The Register has a [2]good summary of
the report."

Discuss this story at:
http://slashdot.org/comments.pl?sid=04/08/02/064259

Links:
0. http://www.sophos.com/pressoffice/pressrel/uk/20040728topten.html
1. http://www.sophos.com/
2. http://www.theregister.co.uk/2004/07/30/jaschan_viral_menace/
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Title: 802.11i, WPA, RSN and What it all Means to Wi-Fi Security
Author: Deb Shinder
Summary: We've all heard about the flaws and vulnerabilities in WEP, but the
effort to create a standard that provides better security for wireless networks
has been a long and bumpy one. The IEEE's 802.11i project has been implemented,
in part, by the Wi-Fi Alliance's Wi-Fi Protected Access (WPA) and by the Robust
Secure Network (RNS). What does it all mean to you, the wireless user or network
administrator? In this article, we take a look at the new wireless networking
security mechanisms and how you can use them to protect your Wi-Fi network.
Link: http://www.WindowSecurity.com/articles/80211i-WPA-RSN-Wi-Fi-Security.html
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Title: Securing Your Pocket PC
Author: Deb Shinder
Summary: Busy executives and tech toy aficionados don't leave home without them
- their Pocket PCs, that is. The ability to quickly check e-mail or pull up a
Web site while on the go is invaluable, but what about the security implications
of connecting to your home or office network with a mobile device? This article
discusses security for handheld computers running Pocket PC/Windows Mobile 2003
operating systems.
Link: http://www.WindowSecurity.com/articles/Securing-Pocket-PC.html
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

1. PC Takeover Flaw in Mozilla, Netscape
A 'highly critical' vulnerability puts users at risk of remote code execution.
http://nl.internet.com/ct.html?rtr=on&s=1,11l5,1,8sgl,ku2u,9s3s,a9gz
------------------------------------------------------------
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Title: Blocking the Slammer Virus with ISA 2004 Firewalls (v1.1)
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the Slammer virus! Check out this
article for full step by step details.
Link: http://www.ISAserver.org/articles/2004blockslammer.html

Title: Blocking the SoBig Virus with ISA 2004 Firewalls (v1.1)
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the SoBig virus! Check out this
article for full step by step details.
Link: http://www.ISAserver.org/articles/2004blocksobig.html

Title: Blocking the MyDoom Virus with ISA 2004 Firewalls
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the MyDoom virus! Check out this
article for full step by step details and a link to Jim Harrison's *free* script
that does it all for you.
Link: http://www.ISAserver.org/articles/2004blockmydoom.html

Title: Blocking the Bagle Virus with ISA Server 2004 Firewalls
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the Bagle virus! Check out this
article for full step by step details and a link to Jim Harrison's click-o-matic
script that does it all for you.
Link: http://www.ISAserver.org/articles/2004blockbagle.html

Title: Using ISA 2004 Firewalls to Block Worm Attacks (v1.2)
Author: Thomas Shinder
Summary: One of the key security features ISA Server 2004 firewalls bring to the
plate is their ability to block a wide variety of viruses and worms. The ISA
2004 firewall can block external users from infecting your network and the
prevent infected hosts on the corporate network from infecting machines on
external networks. This page will be updated on an ongoing basis with links to
articles on how to configure your ISA 2004 to block widespread virus and worm
attacks.
Link: http://www.ISAserver.org/articles/2004blockworms.html

Title: Using ISA Server 2004 Firewalls to Protect Against Ject
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the Ject virus! Check out this
article for full step by step details and a link to Jim Harrison's one of a
kind, best of breed Block Ject script for ISA firewalls.
Link: http://www.ISAserver.org/articles/2004blockject.html

Title: Using ISA 2004 Firewalls to Protect Against Sasser (v1.01)
Author: Thomas Shinder
Summary: Use your ISA 2004 firewall to whack the Sasser virus! Check out this
article for full step by step details and a link to Jim Harrison's out of this
world Block Sasser script for ISA firewalls.
Link: http://www.ISAserver.org/articles/2004blocksasser.html
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

IT departments must cope with Patriot Act, university CIO says,
08/03/04

Nearly three years after its enactment, the USA Patriot Act
remains not just a political but also a technological issue on
many college campuses.
http://www.nwfusion.com/news/2004/0803patriot.html?nl
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Weblog: Another week, another WLAN "controversy", 08/02/04

Aruba Networks says it has documented an attack that exploits
over wireless several well-known and long-standing RADIUS
vulnerabilities.
http://www.nwfusion.com/weblogs/wireless/005835.html?nl
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

ractice safe chat, 08/02/04

Unprotected messaging can cause serious security and compliance
problems.
<http://www.nwfusion.com/research/2004/080204im.html?nl>
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

P2P drag on nets getting worse, 08/02/04

Peer-to-peer traffic has reached an all-time high across the
Internet, bringing with it heightened security and legal threats
for companies that fail to rid their networks of these popular
applications.
<http://www.nwfusion.com/news/2004/080204p2ptraffic.html?nl>
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

NIST says DES encryption 'inadequate', 07/29/04

The National Institute of Standards and Technology is proposing
that the Data Encryption Standard, a popular encryption
algorithm, lose its certification for use in software products
sold to the government.
http://www.nwfusion.com/news/2004/0729nistsays2.html?nl
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

1. Defending IT in an Evolving Battlefield
The author of the new book, Defend IT talks to eSecurityPlanet about the
on-going battle
between hackers and security administrators. As the battle increases in
intensity, what
are IT's biggest hurdles, biggest fears and how is the battlefield changing?
http://nl.internet.com/ct.html?rtr=on&s=1,11p5,1,abu9,4d9u,9s3s,a9gz
------------------------------------------------------------
2. Mozilla: Dollars for Security Bugs
The open source browser project puts up a bounty for the discovery of 'critical'
security
flaws.
http://nl.internet.com/ct.html?rtr=on&s=1,11p5,1,khwp,io6r,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

. US-CERT: Critical Flaws in libpng
Multiple vulnerabilities in the popular PNG reference library puts users at risk
of
malicious hacker attacks.
http://nl.internet.com/ct.html?rtr=on&s=1,11rl,1,91i1,de4p,9s3s,a9gz
------------------------------------------------------------
2. Critical Flaws Spoil Opera Tune
Opera updates its flagship browser to plug a series of potentially serious
security
holes.
http://nl.internet.com/ct.html?rtr=on&s=1,11rl,1,6k71,8xm5,9s3s,a9gz
------------------------------------------------------------
3. Spyware: Who Is Really Paying the Price?
What you need to know about spyware and why it's in your best interest to keep
it off the
network.
http://nl.internet.com/ct.html?rtr=on&s=1,11rl,1,4w9k,51i7,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

DITCH IE? | by Ed Skoudis

It's been a rough summer for Internet Explorer. A rash of
vulnerabilities in the most widely used browser has allowed attackers
to spread particularly vicious malware at an unprecedented rate. From
exploiting a gaping hole in order to load a keystroke logger from a
Russian site to manipulating help features to run arbitrary code, the
sheer number of these flaws is driving some people to consider
dumping IE in favor of another browser. Organizations ranging from
U.S. CERT to "BusinessWeek" magazine have advised people to consider
using another browser to ride out this vulnerability storm. People
often tell me that I should jump on a soapbox and advise folks to
move off of IE to help improve their security. But is ditching IE a
reasonable way to go?
http://www.searchSecurity.com/tip/1,289483,sid14_gci996634,00.html?track=NL-363&ad=488152
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

Yahoo Targets More than Spyware in Toolbar Release
By Matt Hicks
August 4, 2004


SAN JOSE, Calif.—Yahoo, which had faced criticism for the way its anti-spyware toolbar scans for software, has decided to alter the toolbar so it treats adware the same as other nefarious software.

The Sunnyvale, Calif., company on Wednesday took the beta tag off the Yahoo Toolbar with Anti-Spy and changed its default scanning settings to detect both spyware and adware by default, Yahoo officials told eWEEK.com during the Search Engines Strategies conference here.

http://www.eweek.com/article2/0,1759,1631542,00.asp
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd

[wawadave]

. Microsoft's XP SP2 Arrives
BREAKING NEWS: Security will be better, even as some applications fail under the
service
pack's stringent controls.
http://nl.internet.com/ct.html?rtr=on&s=1,11uo,1,lfwp,95mi,9s3s,a9gz
------------------------------------------------------------
2. Trojan Horse Charges PDAs
UPDATE: First known backdoor attack on handhelds probably written by Russian
virus
coder.
http://nl.internet.com/ct.html?rtr=on&s=1,11uo,1,janv,boq0,9s3s,a9gz
------------------------------------------------------------
3. Indictments Returned on $10M Hacking Scheme
Romanian hacker could get up to 90 years in jail for spearheading a crime ring
that
conspired to bilk Ingram Micro out of millions.
http://nl.internet.com/ct.html?rtr=on&s=1,11uo,1,3zo8,bjb2,9s3s,a9gz
_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd