CRIME FW: [Information_technology] Daily News 7/08/03

From: George Heuston (GeorgeH@private)
Date: Tue Jul 08 2003 - 09:09:26 PDT

  • Next message: Rasmussen, Michael: "RE: CRIME Open Source Development Lab"

    -----Original Message-----
    From: InfraGard [mailto:infragard@private] 
    Sent: Tuesday, July 08, 2003 7:17 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 7/08/03
    
    July 07, The Register
    FTC calls privacy claims to account. Most online businesses promise
    they'll
    protect customer data as if it were their own. Now the government is
    holding
    them to it. United States Federal Trade Commission has indicated its
    intention to actively pursue companies that obtain personal information
    by
    promising a level of security, and then not delivering it. Almost every
    company that does business in cyberspace has a security and privacy
    policy,
    typically buried at the bottom of a home page, under "legal notice" or
    "privacy policy." The FTC concluded that data that is collected under
    false
    pretenses is a "deceptive trade practice." Source:
    http://www.theregister.co.uk/content/55/31592.html
    
    July 03, SecurityFocus
    Study: Wi-Fi users still don't encrypt. Two days of electronic
    eavesdropping
    at the 802.11 Planet Expo in Boston last week sniffed out more evidence
    that
    most Wi-Fi users still aren't getting the message. Security vendor
    AirDefense set up two of its commercial "AirDefense Guard" sensors at
    opposite corners of the exhibit hall at the Boston World Trade Center,
    the
    site of the conference. The company provided attendees with ample notice
    of
    the study. "There were huge signs throughout the place saying AirDefense
    is
    monitoring all conference traffic." They found that users checking their
    e-mail through unencrypted POP connections vastly outnumbered those
    using a
    VPN or another encrypted tunnel. Only three percent of e-mail downloads
    were
    encrypted on the first day of the conference, 12 percent on the second
    day.
    That means the other 88% could easily be intercepted by eavesdroppers
    using
    commonly-available tools, compromising both the e-mail and the user's
    passwords. Source: http://www.securityfocus.com/news/6290
    
    
    Internet Security Systems - AlertCon: 1 out of 4
    https://gtoc.iss.net/
    Last Changed 10 June 2003
    
    Security Focus ThreatCon: 1 out of 4
    www.securityfocus.com
    Last Changed 11 June 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: WORM_LOVGATE.F
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports:
    137 (netbios-ns), 80 (www), 445 (microsoft-ds), 1434 (ms-sql-m), 113
    (ident), 139 (netbios-ssn), 27020 (---), 4662 (eDonkey2000), 0 (---),
    2234
    (directplay)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    



    This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 09:33:11 PDT