Spyware, Viruses, & Security forum

General discussion

News - November 1, 2004

by Brent Welch / November 1, 2004 3:24 AM PST

Oxford student "hackers" suspended

Two Oxford students have been suspended after hacking into the university's IT systems in an attempt to expose security weaknesses for an article in the student newspaper.

Patrick Foster and Roger Waite used free software downloaded using Google to access a database of university students' email passwords and other personal details, spy on MSN Messenger conversations and look at some of the CCTV network. The security holes were exposed in an article they wrote for the Oxford Student newspaper but university authorities were less than impressed and called in Thames Valley police.

The university's own IT staff were also unimpressed by the students' investigation and contacted silicon.com claiming they didn't actually manage to hack into anything.

http://software.silicon.com/security/0,39024655,39125462,00.htm

Discussion is locked
You are posting a reply to: News - November 1, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - November 1, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Spam scam creates Yahoo zombies
by Brent Welch / November 1, 2004 3:25 AM PST

Yahoo members have been warned of a scam in which spammers try to take over their email accounts by sending out fraudulent emails asking for verification of Yahoo account login details. The email request, which claims to help Yahoo prevent automated registrations, tries to dupe users into creating email accounts from which spammers can then distribute large quantities of unsolicited email.

IT security firm MessageLabs warned that the emails contain a fake Yahoo.com URL that leads to a completely different site, but redirects through a Google URL three times to obfuscate the link.

It then redirects to another fake Yahoo web address that loads a real Yahoo help page with legitimate information explaining the code verification process. This is followed by a fake pop-up window which shows the user a Yahoo picture ID and asks them to enter the code.

http://www.vnunet.com/news/1159085

Collapse -
Companies Scramble to Deal With Spyware
by Brent Welch / November 1, 2004 5:16 AM PST

The people who call Dell Inc.'s customer service line often have no idea why their computers are running so slow. The ones who call America Online Inc. can't necessarily explain why Internet connections keep dropping. And those who file error reports with Microsoft Corp. don't always know why their computers inexplicably crash.

Sometimes, the company that gets the complaint is rightly to blame. But with alarming frequency, officials at these and other technology companies say they are tracing customer problems back to one culprit: spyware. In the past year, spyware problems have become especially pernicious, leaving companies scrambling to respond to customers who don't necessarily realize they have spyware.

Companies are concerned about the cost of dealing with such calls. But perhaps more worrisome, they fear customers will wrongly blame them.

http://www.forbes.com/technology/feeds/ap/2004/10/31/ap1622912.html

Collapse -
TippingPoint Releases Open Source Code for First Intrusion
by Donna Buenaventura / November 1, 2004 8:36 AM PST

Prevention Test Tool, Tomahawk

TippingPoint Technologies, Inc., (the leader in intrusion prevention, today announced the availability and open source release of Tomahawk,TM the first test tool designed specifically to evaluate the unique capabilities of network-based intrusion prevention systems (IPS).

"TippingPoint is contributing Tomahawk to the public to make IPS testing easier and more affordable for end users," said TippingPoint's Chief Technology Officer Marc Willebeek-LeMair. "By enabling users to evaluate security, performance, and usability in real world environments, we believe it will accelerate the adoption of intrusion prevention and confirm its necessity in today's threat environment. We believe the benefit of open sourcing the tool to facilitate IPS testing outweighs the potential benefits of commercializing the tool."

http://www.net-security.org/press.php?id=2615

Collapse -
New Gordano Release Upgrades Spam, Anti-Virus Features
by Donna Buenaventura / November 1, 2004 8:37 AM PST

More efficient Bayesian system, sophisticated word filtering highlight new version.

British-based Gordano has announced a revised edition of its Gordano Messaging Suite (GMS) that includes new features focused on the fight against spam and virus attacks. "Our new facilities strengthen the enterprise arsenal of weapons to fight off these attacks," said sales director Lisa Kirman.

The new features include Scored Restricted Words, a feature which allows administrators to define a set of words or phrases with a score assigned to each indicating its potential for being contained in spam messages. Gordano provides a default set of words from its Anti Spam Update Service (ASUS), and users can augment it with their own.

A more efficient Bayesian filtering system enables a single filtering program to categorize spam for the whole system. This reduces the overhead entailed in the learning process of multiple filters. Gordano's system now operates silently, preventing spammers from being alerted to any new mechanisms that have been enabled.

http://www.messagingpipeline.com/showArticle.jhtml?articleID=51201941

Collapse -
Cryptography Research Launches Licensing Program for Tamper
by Donna Buenaventura / November 1, 2004 8:38 AM PST

Resistance Patents to Prevent Fraud and Piracy

Cryptography Research, Inc. today announced it is now licensing its Differential Power Analysis (DPA) countermeasure technology for cryptographic device manufacturers, smart card vendors, and smart card issuers wanting to produce secure, DPA-resistant products. The Cryptography Research DPA Countermeasure Licensing Program provides access to the company's rich portfolio of broad, fundamental patents on technology that can reduce fraud and piracy by preventing DPA attacks.

These defenses are important to protect the security of tamper-resistant smart cards and other devices used in financial, pay television, mass transit, secure ID, wireless and other industries.

http://www.eetimes.com/press_releases/prnewswire/showPressRelease.jhtml?articleID=X252552&CompanyId=1

Collapse -
AOL joins industry anti-spam, anti-virus group
by Donna Buenaventura / November 1, 2004 8:39 AM PST

Internet service provider America Online Monday said it has joined the Messaging Anti-Abuse Working Group, which was formed last December by a group of communications and technology companies to fight spam, viruses and other online attacks and nuisances.

"America Online is committed to improving our customers' messaging experience," Carl Hutzler, director of antispam operations at AOL, said in a statement. "To do so, we must cooperate to find common solutions for eliminating spam and other unwanted communications and security threats."

http://www.nwfusion.com/news/2004/1101aoljoins.html

Collapse -
AT&T Adds Worm And Virus Protection To Firewall Service
by Donna Buenaventura / November 1, 2004 8:40 AM PST

It lets businesses protect themselves from a variety of threats without having to deploy firewalls at each of their locations.

AT&T has added worm and virus protection to its Internet Protect service network-based firewall. The service now helps businesses protect themselves from a variety of threats without having to deploy firewalls at each of their locations.

The new capabilities, which will be added to the service next year, integrate worm and virus mitigation into AT&T's network-based firewall service. The firewall service deploys early identification and mitigation capabilities for attacks directly within the AT&T global IP network, and the firm claims that doing so can more effectively prevent attacks from proliferating and infiltrating customers' internal networks.

http://informationweek.com/story/showArticle.jhtml%3Bjsessionid=EJKJ0JTAGBQYMQSNDBGCKHSCJUMEKJVN?articleID=51201882

Collapse -
Product Detects Worm Outbreaks Before AV Vendors
by Donna Buenaventura / November 1, 2004 8:41 AM PST
Collapse -
There's no worm in your Apple - honest
by Donna Buenaventura / November 1, 2004 8:42 AM PST

After a week of contemplation, Apple has announced that the 'Opener' malware program blighting OS X is not a virus - although the security community disagrees

Apple has denied that the malicious code dubbed 'Opener' is a worm, a Trojan or a virus of any kind.

In an emailed statement from a PR company that represents Apple, a spokeswoman said:

"Apple has just released the following statement and will not comment beyond this: 'Opener is not a virus, Trojan horse, or worm. It does not propagate itself across a network, through email, or over the Web. Opener can only be installed by someone who already has access to your system and provides proper administrator authentication. Apple advises users to only install software from vendors and Web sites that they know and trust.'"

But antivirus experts beg to differ, saying that while the program is not an immediate threat, it is a worm because it attempts to copy itself, is therefore a virus as well.

Antivirus company Sophos said: "Renepo is a worm, and since a worm is just a special type of virus - one which neither requires nor uses an existing host file as a carrier - it is a virus."

http://news.zdnet.co.uk/software/mac/0,39020393,39172277,00.htm

Collapse -
Citibank - 'Security Alert on Microsoft Internet Explorer'
by Donna Buenaventura / November 1, 2004 8:44 AM PST

Anti-Phishing: Citibank - 'Security Alert on Microsoft Internet Explorer'

Again, a phish that utilizes a good address bar forgery. These are getting very dangerous to unsuspicious customers, because very few obvious clues of phishing are left uncovered.

A weak spot in this scam is the e-mail message it's distributed through. It lacks Citibank logos and usual legit headers.

Yet, the sender is spoofed, and it would be very misleading to an unprepared user.

Anti-Phishing.org

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!