Newsbytes Hacker-Security Review 06/07/01.

Business Editors

WASHINGTON, DC--(BUSINESS WIRE)-- June 7, 2001

Did you miss these? Here are the top security and hacker-related stories that Newsbytes has covered in the last few days:

-- Windows XP: A Hacker's Dream?
-- Internet Security: Always One Eye On The Hackers
-- Outlook Express Allows E-Mail Hijacking
-- Vulnerability Discovered In Yahoo Mail, Hotmail
-- Bulgarian Bugmeister Turns His Gaze To Sun
-- Net Security Conference: Denial Of Service Wars Heat Up
-- Europe Needs Early Warning System Against Hackers - EU
-- E-Mail From Bogus FTC Investigator Sought Personal Data
-- Attacks Knock Alldas Security Site Offline

Windows XP: A Hacker's Dream?

Forget "raw sockets." Microsoft's forthcoming Windows XP operating system is loaded with new, potentially hacker-friendly features, security experts said. Following programmer and security vigilante Steve Gibson's scathing critique last month of Microsoft's plan to include a powerful capability called raw sockets in Windows XP, security professionals -- and Microsoft itself -- have rushed to rebut Gibson's claims.

http://www.newsbytes.com/news/01/166598.html

Internet Security: Always One Eye On The Hackers

Most of the companies gathered at this week's Internet Security Conference 2001 had some permutation of the phrase, "we can help stop hackers!" displayed prominently on their booths -- leaving no doubt what the priority is in the Internet security industry. In developing the weapons to fight this war, are security companies mindful of privacy concerns? The answer depends on which company you talk to, but most did not rate privacy as an important issue.

http://www.newsbytes.com/news/01/166566.html

Outlook Express Allows E-Mail Hijacking

A bug in Outlook Express, the popular e-mail program bundled with Microsoft's Windows 95, 98, and ME operating systems, could allow an attacker to intercept messages sent by a user of the program to a third party. The design flaw, present in Outlook Express version 5.5 service pack 1 and earlier, could enable a malicious person to make a fraudulent entry in a target victim's Outlook Express address book and to subsequently hijack all e-mail sent by the victim to a trusted address.

http://www.newsbytes.com/news/01/166599.html

Vulnerability Discovered In Yahoo Mail, Hotmail

A college student recently discovered a new vulnerability in Web-based e-mail systems such as Yahoo mail and MSN's Hotmail. The vulnerability, known as an "error handling exploitation" or a "cross-site-scripting hole," might allow malicious individuals to take over someone's e-mail account by stealing the victim's "cookies."

http://www.newsbytes.com/news/01/166436.html

Bulgarian Bugmeister Turns His Gaze To Sun

Microsoft Windows-based e-mail programs may be a favorite target of hackers and virus writers. But users of Unix mail systems are not immune to attack, according to an advisory published by Bulgarian security consultant Georgi Guninski. Guninski has identified a buffer overflow vulnerability that can be exploited using the mail console on Sun Microsystems's Solaris version 8 for Intel platforms.

http://www.newsbytes.com/news/01/166523.html

Net Security Conference: Denial Of Service Wars Heat Up

The arms race between hackers and security personnel continues unabated as each side constantly strives to top the capabilities of the other -- especially when it comes to denial of service attacks. That is the message from the "anti-hacking" symposium at The Internet Security Conference.

http://www.newsbytes.com/news/01/166549.html

Europe Needs Early Warning System Against Hackers -- EU

Member nations of the European Union (EU) must deepen cooperation on Internet and communication-network security matters, and should develop an early-warning system against hacker and virus attacks, according to a report issued by the EU's top information technology official.

http://www.newsbytes.com/news/01/166526.html

E-Mail From Bogus FTC Investigator Sought Personal Data

A Federal Trade Commission (FTC) investigation into a bogus work-at-home scheme became a bit more complicated last month after a man pretending to be an FTC employee e-mailed hundreds of the scam's victims seeking personal information to be used as "evidence" in the investigation. The scam-within-a-scam stemmed from an ongoing investigation into Los Angeles, Calif.-based Medicor.

http://www.newsbytes.com/news/01/166551.html

Attacks Knock Alldas Security Site Offline

Alldas, the nonprofit security information site, was back online after a distributed denial of service attack overwhelmed its network for more than 24 hours. But site operators said the incident has forced Alldas to find a new host for its popular archive of Web-site defacements.

http://www.newsbytes.com/news/01/166409.html