7 Sept 02
With this journal, we are recording signifcant security related events that transpire during this week.
Our plan is to create a snapshot of events related by time and their revelance to Information System Security.
Week Two Week Three Week Four
|Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later||An evaluation of TCP/IP sequence number generators in several mainstream operating systems by mapping the dynamics of the generated sequence numbers into a three-dimensional phase space. A folowup to a previously done study.|
How Did We Handle the XP Security Hole?
|Microsoft's problems with XP security.|
|Hackers perform a test of LA Police Network.||Chaos in a Police Department|
|CERT Massive credit card heist suspected||60,000 Numbers.|
|17 year old boy shows off his hacker capabilities||FBI smokes out "Coolio" in computer attacks probe|
14 Sept 02
An Appache/Linux Virus that infects web servers.
Since the previous week, the number of infected DDoS nodes has nearly doubled (from approximately up to 11,000). Slapper may prove to be as much trouble for Linux users as Code Red and NIMDA were for the Windows users.
|Row 1||5 Steps for keeping hackers at bay.|
|Who’s spying on my hotmail?||Using a personal e-mail account such as Yahoo or Hotmail at work may not be as safe as you think. New spy software can give an employer the ability to snoop in on your private email. Is this an invasion of privacy or does an employer have the right to snoop in this manner? Where do you stand?|
|"Hackers Hall of Fame" !||Gives you the time line of hackers. You see that hacking began back in '69 before I was born and computers became popular. Wow|
|Mobile processors save digital certificates in hardware||Intel's upcoming line of mobile processors (code-named Banias) will support Verisign's digital certificate and Personal Trust Agent (PTA) technology. By storing users' digital certificates and attributes in hardware, it's theoretically more difficult to compromise the certificates and attributes through network connections.|
|Forensics Workshop||A broad-spectrum approach to Computer Forensics intended to increase interactions between Information Security faculty, students and practitioners. Topics include performing detailed analysis of systems, use of forensic evidence in the legal system, tools available for forensic analysis, international complications, and a corporate perspective.|
|Online payment service PayPal hit by scam||PayPal clients were targeted by scam artists trying to get their personal information by sending them scam emails, requesting PayPal verification|
|See Your Computer The Way Hackers Do||Informative website listing the latest exploit, defacement and articles on securtiy with the government stance on the latest issues facing security.|
|Hacker groups declare war on US.gov||A record number of malicious hacking attempts were made this month, and anti-American groups are responsible. According to Mi2g, malicious hacker groups such as S4t4n1c_S0uls, USG, WFD, EgyptianHackers, Arab VieruZ, MHA, The Bugz and FBH, as responsible for many anti-Israeli and anti-Indian attacks, as well as the US targets.|
5 Oct 02
US Department of Justice link site with sections for:
ALso interesting is the SANs Reading Room 'Legal Issues' Section.
|Linux virus creator arrested in UK||British and U.S. authorities arrest 21-year-old man suspected of writing the malicious "T0rn" virus that attacked Linux computer systems. T0rn is considered to be the first Trojan horse-style virus written expressly to harm Linux users. This arrest has been considered a victory for law enforcement because it has been difficult to catch cyber-criminals due to few computer security laws in many countries, inexperienced police units, and an unwillingness to get corporate victims to cooperate with investigations.|
|Another New Worm Takes Aim at Windows||While most worms spread via e-mail, Opasoft is traveling over local and wide-area networks.|
|Teddy Bear, Teddy Bear!!! He's cute and he wants your credit card.||He will disable your firewall and get your data.|