1
n e w s 4 Infosecurity Today March/April 2005 Windows XP SP2- the cull of the Bots Sarah Hilley T he number of slave computers plunged last year by around 80% after the release of Microsoft XP Service Pack 2, research from Symantec shows. Bot network computers plummeted from 30,000 per day in July last year to below 5,000 per day by the end of 2004 according to the Internet Security Threat Report. The climax of last's year downfall of zombie computers came in August, which marked the combative debut of the XP update. As a result the number of scans and attacks against TCP port 445 and TCP port 135 by hacker-controlled computers dropped. Both ports are used by bot network applications such as Gaobot to spread into systems through unpatched flaws or bad user name and password choices. Symantec also said that the inclusion of default firewall rules that block TCP port 135 and limit TCP port 445 activity may have curbed the enlistment of machines for bot networks. Hackers are fighting back, however, by reverting to using spoofed hosts for denial-of-services attacks. These allow an attacker to overwhelm a victim with fewer compromised computers. But this gets harder to defend against. Symantec warned: “The spoofing of the addresses makes filtering based on the IP address much more complicated.” However, the mass slay ofbots by SP2 has not liberated the UK of zombies completely. The country still has the biggest number of bot- infected computers in the world. Britain has more than a quarter of all bots installed with the US coming a close second and China a distant third. “The fact that Britain has the highest percentage of bot infections is significant because it is directly linked to the rapid roll-out of broadband in the country,” said Nigel Beighton, Symantec’s Director of Enterprise Strategy, EMEA. “We saw 93% growth in broadband connections last year and this has had a huge impact on the number of people accessing the Internet.” Choicepoint: sued, defrauded and share price quartered Sarah Hilley C hoicepoint has suffered a major fraud, been hurt by a painful share plunge, and now its executives are being investigated by the SEC. The share price of Choicepoint, the US data aggregator, has plunged by 20% due to the discovery of an elaborate identity fraud. Shareholders have responded to the drop by filing a class-action lawsuit against the company and its executives. The cause of the downfall? — a group of identity thieves who set up fake companies and registered as Choicepoint customers to obtain vast amounts of confidential US citizen data last year. Social security numbers and place of birth details enabled the fraudsters to commit identity theft. In response, Choicepoint is withdrawing the sale of citizen information that contains sensitive data except where it is of direct benefit to consumers. Choicepoint CEO, Derek BV Smith said “We apologise again to those consumers who may be affected by the fraudulent activity.” The identity attacks against people are still being investigated. To try and rectify matters further, the company has created an independent office of Credentialing, Compliance and Privacy that will report to the Board of Directors’ Privacy Committee. Despite the positive efforts to clean up the mess, the company is also being investigated by the Securities and Exchange Commission for hasty share sales. The SEC are probing stock sales by CEO, Derek Smith and president, Douglas Curling for a $16.6 million profit after they allegedly learnt of the data security breach at Choicepoint. Close shave for Japanese bank Brian McKenna I sraeli police have foiled an attempt to defraud Sumitomo’s City offices of £13.9m. They arrested a man who tried to benefit from information got from key-logging software. Yeron Bolondi, 32, is charged with money laundering and deception. Meanwhile, as recently as 8 March, the UK payments body APACS released online fraud figures for the first time. These show that losses due to phishing and key-logging trojans amounted to £12m in 2004 — less than the Israeli's alleged attempted fund transfer. The Financial Times broke the Sumitomo story on 17 March, reporting that rumours of an £220m attempted theft have been circulating in police and corporate circles since late last year. Takashi Morita, head of communications at Sumitomo in Tokyo, said the company had not suffered any financial loss as a consequence of the robbery attempt. He said: “The case is still in the middle of investigation so we cannot comment further.” The UK’s National Hi-Tech Crime Unit, which works closely with the Israeli police, has been credited by the BBC with the original discovery of a wider plot. The IT security supplier community was fast to comment. Symantec’s Richard Archdeacon said: “We have seen a meteoric rise in cyber fraud that specifically targets confidential data. It’s information warfare”. Computer Associates’ Simon Perry said: “The use of keystroke logging software in this case, sends a strong message to all companies that anti- spyware technology is now a first line defence against cyber-crime”. CA said, in a statement, that this was 'the first recorded instance in the UK of key-logging being used for large-scale online theft'. Meanwhile, Gary Clark, VP EMEA at Safenet, expressed surprise and intrigue that username and password seemed, in this case, to be good enough for banking security in the City. “Ifthere aren't real moves to two-factor authentication, or putting in PKI infrastructures that is scary”, he said. "Moreover, maybe we are only hearing about this because it was prevented”. News In Brief Security build up for BlackBerry T he Canadian military and US security agencies are working together on a year long trial to make BlackBerry devices more secure, with a view for using them in top secret communications. The devices have been incredibly popular in the business community, enabling the user to be contactable at all times and earning the nickname 'CrackBerry' due to their addictive nature. However, hacking of the devices has recently become more common and the main focus of the trial is to improve security of transmissions.

Close shave for Japanese bank

Embed Size (px)

Citation preview

Page 1: Close shave for Japanese bank

ne

ws

4In

fosecu

rity Tod

ayM

arch/April 2005

Windows XP SP2- the cull of the BotsSarah Hilley

The number of slave computers plunged last year by around 80%

after the release of Microsoft XP Service Pack 2, research from

Symantec shows.

Bot network computers plummeted from 30,000 per day in July last

year to below 5,000 per day by the end of 2004 according to the

Internet Security Threat Report.The climax of last's year downfall of zombie computers came in

August, which marked the combative debut of the XP update.

As a result the number of scans and attacks against TCP port

445 and TCP port 135 by hacker-controlled computers dropped.

Both ports are used by bot network applications such as Gaobot to

spread into systems through unpatched flaws or bad user name and

password choices.

Symantec also said that the inclusion of default firewall rules that

block

TCP port 135 and limit TCP port 445 activity may have curbed the

enlistment of machines for bot networks.

Hackers are fighting back, however, by reverting to using

spoofed hosts for denial-of-services attacks. These allow an

attacker to overwhelm a victim with fewer compromised

computers. But this gets harder to defend against. Symantec

warned: “The spoofing of the addresses makes filtering based on

the IP address much more complicated.”

However, the mass slay of bots by SP2 has not liberated the UK of

zombies completely. The country still has the biggest number of bot-

infected computers in the world. Britain has more than a quarter of

all bots installed with the US coming a close second and China a

distant third.

“The fact that Britain has the highest percentage of bot infections

is significant because it is directly linked to the rapid roll-out of

broadband in the country,” said Nigel Beighton, Symantec’s Director

of Enterprise Strategy, EMEA.

“We saw 93% growth in broadband connections last year and

this has had a huge impact on the number of people accessing the

Internet.”

Choicepoint: sued, defrauded and share price quarteredSarah Hilley

Choicepoint has suffered a major fraud, been

hurt by a painful share plunge, and now its

executives are being investigated by the SEC.

The share price of Choicepoint, the US data

aggregator, has plunged by 20% due to the

discovery of an elaborate identity fraud.

Shareholders have responded to the drop by

filing a class-action lawsuit against the company

and its executives.

The cause of the downfall? — a group of

identity thieves who set up fake companies and

registered as Choicepoint customers to obtain vast

amounts of confidential US citizen data last year.

Social security numbers and place of birth details

enabled the fraudsters to commit identity theft.

In response, Choicepoint is withdrawing the sale

of citizen information that contains sensitive data

except where it is of direct benefit to consumers.

Choicepoint CEO, Derek BV Smith said “We

apologise again to those consumers who may be

affected by the fraudulent activity.” The identity

attacks against people are still being

investigated.

To try and rectify matters further, the

company has created an independent office of

Credentialing, Compliance and Privacy that will

report to the Board of Directors’ Privacy

Committee.

Despite the positive efforts to clean up the

mess, the company is also being investigated by

the Securities and Exchange Commission for

hasty share sales. The SEC are probing stock

sales by CEO, Derek Smith and president,

Douglas Curling for a $16.6 million profit after

they allegedly learnt of the data security breach

at Choicepoint.

Close shave for Japanese bankBrian McKenna

Israeli police have foiled an attempt to defraud Sumitomo’s City offices

of £13.9m. They arrested a man who tried to benefit from information

got from key-logging software. Yeron Bolondi, 32, is charged with money

laundering and deception.

Meanwhile, as recently as 8 March, the UK payments body

APACS released online fraud figures for the first time. These show

that losses due to phishing and key-logging trojans amounted to

£12m in 2004 — less than the Israeli's alleged attempted fund

transfer.

The Financial Times broke the Sumitomo story on 17 March, reporting

that rumours of an £220m attempted theft have been circulating in police

and corporate circles since late last year.

Takashi Morita, head of communications at Sumitomo in Tokyo,

said the company had not suffered any financial loss as a

consequence of the robbery attempt.

He said: “The case is still in the middle of investigation so we cannot

comment further.”

The UK’s National Hi-Tech Crime Unit, which works closely with the

Israeli police, has been credited by the BBC with the original discovery of

a wider plot.

The IT security supplier community was fast to comment.

Symantec’s Richard Archdeacon said: “We have seen a meteoric rise

in cyber fraud that specifically targets confidential data. It’s

information warfare”.

Computer Associates’ Simon Perry said: “The use of keystroke logging

software in this case, sends a strong message to all companies that anti-

spyware technology is now a first line defence against cyber-crime”. CA

said, in a statement, that this was 'the first recorded instance in the UK of

key-logging being used for large-scale online theft'.

Meanwhile, Gary Clark, VP EMEA at Safenet, expressed surprise

and intrigue that username and password seemed, in this case, to be

good enough for banking security in the City. “If there aren't real moves

to two-factor authentication, or putting in PKI infrastructures that is

scary”, he said. "Moreover, maybe we are only hearing about this

because it was prevented”.

News In Brief

Security build upfor BlackBerry

The Canadian military and US

security agencies are working

together on a year long trial to

make BlackBerry devices more

secure, with a view for using them

in top secret communications.

The devices have been

incredibly popular in the business

community, enabling the user to

be contactable at all times and

earning the nickname

'CrackBerry' due to their addictive

nature. However, hacking of the

devices has recently become more

common and the main focus of

the trial is to improve security of

transmissions.

A Close Shave - Chapter 002

A Close Shave - Chapter 002

Documents
A Close Shave - Chapter 006

A Close Shave - Chapter 006

Documents
I shave Me afeito I need to shave Necesito afeitarme

I shave Me afeito I need to shave Necesito afeitarme

Documents
A Close Shave - Chapter 004

A Close Shave - Chapter 004

Documents
Close, Fast Shaveobjects.icecat.biz/objects/mmo_28346548_1540084995_9817_23086… · Close, Fast Shave The Shaver Series 5000 adds speed to your morning routine with a fast, MultiPrecision

Close, Fast Shaveobjects.icecat.biz/objects/mmo_28346548_1540084995_9817_23086… · Close, Fast Shave The Shaver Series 5000 adds speed to your morning routine with a fast, MultiPrecision

Documents
Smoov Shave Ver7

Smoov Shave Ver7

Documents
CLOSE SHAVE: Sharon and Justin riding past the big mower

CLOSE SHAVE: Sharon and Justin riding past the big mower

Documents
Challenges Close Shave Sprint, Spin, Sprint The Labyrinth Zamboni Driver The Prairie Dog Burrow Driver Education – Intersections The Clapper

Challenges Close Shave Sprint, Spin, Sprint The Labyrinth Zamboni Driver The Prairie Dog Burrow Driver Education – Intersections The Clapper

Documents
THE BARBERSHOP - The Ritz-Carlton MEN’S GRANDE SHAVE 60 MINUTES / $60 A true gentleman’s shave experience, beginning with a shave prep oil and hot lathered shave cream, followed

THE BARBERSHOP - The Ritz-Carlton MEN’S GRANDE SHAVE 60 MINUTES / $60 A true gentleman’s shave experience, beginning with a shave prep oil and hot lathered shave cream, followed

Documents
Shave code sampling event

Shave code sampling event

Business
DQ cruZer - Boulanger• Shave («2»): For a close shave of stubbled areas with the shaving system (3) Pressing the « » button, extend the slider (5) as far as it will go to setting

DQ cruZer - Boulanger• Shave («2»): For a close shave of stubbled areas with the shaving system (3) Pressing the « » button, extend the slider (5) as far as it will go to setting

Documents
Clean & close, Fast shaveobjects.icecat.biz/objects/mmo_36066435_1488362860... · Clean & close, Fast shave Protects 10X better versus a regular blade* The Shaver Series 5000 adds

Clean & close, Fast shaveobjects.icecat.biz/objects/mmo_36066435_1488362860... · Clean & close, Fast shave Protects 10X better versus a regular blade* The Shaver Series 5000 adds

Documents
Close, Fast Shave - Air Miles

Close, Fast Shave - Air Miles

Documents
Cryotherapy, shave biopsies, and punch biopsies: when and … Conference/Presentations... · CRYOTHERAPY, SHAVE BIOPSIES, AND PUNCH BIOPSIES: ... do not perform a shave biopsy as

Cryotherapy, shave biopsies, and punch biopsies: when and … Conference/Presentations... · CRYOTHERAPY, SHAVE BIOPSIES, AND PUNCH BIOPSIES: ... do not perform a shave biopsy as

Documents
Shave and a Haircut 9 · 2020. 11. 7. · Shave and a Haircut 9.5 - Joseph Alter, Inc 2 Shave and a Haircut 9.5 LEGAL NOTICE Shave and a Haircut, it’s concepts and accompanying

Shave and a Haircut 9 · 2020. 11. 7. · Shave and a Haircut 9.5 - Joseph Alter, Inc 2 Shave and a Haircut 9.5 LEGAL NOTICE Shave and a Haircut, it’s concepts and accompanying

Documents
AFTER SHAVE ORIGINAL

AFTER SHAVE ORIGINAL

Documents
A Close Shave with Realism

A Close Shave with Realism

Documents
Shave Tools

Shave Tools

Documents
How to Shave

How to Shave

Education
PUNCH AND SHAVE BIOPSY Robert M. Howse, Jr,sonoranhealth.org/resources/punch++shave+biopsy.pdf · Procedure: Punch and Shave Biopsy . 939 PUNCH AND SHAVE BIOPSY Robert M. Howse, Jr,

PUNCH AND SHAVE BIOPSY Robert M. Howse, Jr,sonoranhealth.org/resources/punch++shave+biopsy.pdf · Procedure: Punch and Shave Biopsy . 939 PUNCH AND SHAVE BIOPSY Robert M. Howse, Jr,

Documents
WETech CLOSE SHAVE - thegoodguys.sirv.com• ®The Remington WETech CLOSE SHAVE is waterproof. You may use shaving foam or gel with your shaver. You may also shave in the shower. •

WETech CLOSE SHAVE - thegoodguys.sirv.com• ®The Remington WETech CLOSE SHAVE is waterproof. You may use shaving foam or gel with your shaver. You may also shave in the shower. •

Documents
W. Awdry - [THOMAS and FRIENDS 01] - A Close Shave (Thomas & Friends) (v5.0)

W. Awdry - [THOMAS and FRIENDS 01] - A Close Shave (Thomas & Friends) (v5.0)

Documents
Close, Fast ShaveP. Trimmer & Nose Trimmer SmartClean System S5510/37 Close, Fast Shave 20% more power* The Shaver Series 5000 adds speed to your morning routine with a fast, MultiPrecision

Close, Fast ShaveP. Trimmer & Nose Trimmer SmartClean System S5510/37 Close, Fast Shave 20% more power* The Shaver Series 5000 adds speed to your morning routine with a fast, MultiPrecision

Documents
Gillette India Limited - P&G · a safe and affordable shave, at just ` 1 per shave. ... the Cannes Ad Festival this year. This year’s campaign – Shave India Movement – Shave

Gillette India Limited - P&G · a safe and affordable shave, at just ` 1 per shave. ... the Cannes Ad Festival this year. This year’s campaign – Shave India Movement – Shave

Documents
Clean & close, Fast shave€¦ · S5550/06 Clean & close, Fast shave Protects 10X better versus a regular blade* The Shaver Series 5000 adds speed to your morning routine with a fast,

Clean & close, Fast shave€¦ · S5550/06 Clean & close, Fast shave Protects 10X better versus a regular blade* The Shaver Series 5000 adds speed to your morning routine with a fast,

Documents
Wet or Dry, Protective shave - AL GHANDI ELECTRONICS• Get a comfortable dry or refreshing wet shave with Aquatec • Lifts hairs to cut comfortably close A comfortable shave •

Wet or Dry, Protective shave - AL GHANDI ELECTRONICS• Get a comfortable dry or refreshing wet shave with Aquatec • Lifts hairs to cut comfortably close A comfortable shave •

Documents
A Close Shave - Chapter 007

A Close Shave - Chapter 007

Documents
A Close Shave in Burma: Unocal Corporation and Private

A Close Shave in Burma: Unocal Corporation and Private

Documents
Dollar shave club

Dollar shave club

Small Business & Entrepreneurship
A Close Shave - Chapter 005

A Close Shave - Chapter 005

Documents