Effective
Professional
Affordable



InfoSec in the News
(Archives)

2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001 and earlier

Most of these news stories could have been prevented with an effective security awareness program or they promote the use of security awareness.
Also visit our News Archives for older stories

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Security Wire Digest


24 December 2001 - Top Ten Cyber Hoaxes
A list of the top ten Internet hoaxes includes links to debunking and urban myth sites like Vmyths.com, HoaxBusters, and Urban Legends Reference.
http://www.cnn.com/2001/TECH/internet/12/24/internet.hoaxes.idg/index.html


20 December 2001 - PayPal Spam Scam Doesn't Pay Off

Not many people appear to have been fooled by a phony PayPal e-mail asking customers to update their information - including credit card details - at a phony web site in return for a $5 account credit. http://www.theregister.co.uk/content/6/23479.html

18 December 2001 - Social Engineering Tactics
Crackers use a variety of social engineering tactics to obtain access to computer systems. They can exploit the good will of people working the help desk, peer over shoulders to gather PINs and passwords, sift through trash, impersonate network administrators on line, or even pretend to be trusted support personnel to gain physical access to computers. A future installment will address identification and prevention of social engineering attacks.
http://www.securityfocus.com/infocus/1527

17 December 2001 - Al Qaeda Suspect Says They've Sabotaged Windows XP
A suspected Al Qaeda member, arrested in India in early October, allegedly claimed other members of the terrorist network managed to secure jobs at Microsoft and tried to build backdoors and bugs into the company's new XP operating system. A Microsoft spokesman was skeptical of the statement.
- web stories removed by source -

13 December 2001 - Gokar Worm
Gokar is a mass mailer worm that spreads via email (Outlook and Outlook Express), mIRC and web servers running IIS software. Users must click on an attachment to become infected, and the worm runs each time an infected computer is booted up. The attachment file extension will be .pif, .scr, .exe, .com, or .bat; the subject, body text, and file names vary. http://www.computerworld.com/storyba/0,4125,NAV47_STO66586,00.html

13 December 2001 - Davis Wants GISRA to be Permanent
Representative Tom Davis (R-Va.) is developing legislation that would make the Government Information Security Reform Act (GISRA) permanent and would include mandatory information security standards for government agencies. GISRA will expire in October 2002.
http://www.fcw.com/fcw/articles/2001/1210/web-gisra-12-13-01.asp

6 December 2001 - Football Association Computers Stolen
Thieves stole laptop computers, hard drives and computer disks from England's Football Association's London headquarters. The information contained on the stolen items includes team travel plans, security arrangements and bank information.
http://www.theregister.co.uk/content/55/23197.html

6 December 2001 - CA Governor Halts Sale of Personal Data
California Governor Gray Davis has imposed a 45-day moratorium on the sale of birth and death records to private companies who were publishing the information on the Internet after state legislators became concerned the information could be used to steal people's identities.
http://news.cnet.com/news/0-1005-200-8090554.html?tag=prntfr

5 December 2001 - Goner Worm Virus Hits Hard
The goner worm virus comes by email, offers a screen saver, spreads rapidly, infects large numbers of user files, and tries to delete firewall and antivirus software.
http://www.cnn.com/2001/TECH/internet/12/04/goner.worm/index.html

14 November 2001 - Survey Finds Businesses Focus on Wrong Measures
A KPMG survey of 500 executives from multinational corporations found that the majority believed the solution to security problems is to purchase the right technology. KPMG says they are wrong and that developing a strategy that includes education, training and policy is a more effective response.
- web stories removed by source -

9 November 2001 - Instant Messaging Security Issues
As instant messaging (IM) services increase in popularity we are likely to see a parallel increase in related security issues. Because most security products do not address IM services, companies need to implement clear policies regarding IM use. - web stories removed by source -

9 November 2001 - Police Find Pirated Microsoft Products in Singapore
Police raids in Singapore netted over 4,000 pirated copies of Microsoft software products, the majority of which were Windows XP. People convicted of software piracy in Singapore could be sentenced to as many as seven years in prison. - web stories removed by source -

8 November 2001 - Former HP Employee Allegedly Committed a Plethora of Security Transgressions
A former Hewlett-Packard employee allegedly sabotaged Superdome performance tests by sending reset commands, reformatting disks and cutting cables. Hock-Beng Lim also allegedly copied large quantities of a co-worker's e-mail, connected to machines on which he did not have access privileges, and deleted evidence that connected him to the problems. http://chkpt.zdnet.com/chkpt/printthisclick/www.zdnet.com/filters/printerfriendly/0,6061,5099406-2,00.html

8 November 2001 - Tips for Avoiding Socially Engineered Hacks
Because hackers can use many small, seemingly innocuous pieces of gathered information to initiate an attack, companies are well advised to be on their guard against social engineering - exploiting people's naturally helpful natures into disclosing sensitive information. Among other security precautions, the author of this article advises asking for identity authentication before offering sensitive information and when you see strangers in your work area and using
a shredder that cross-cuts documents into confetti-like pieces. http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO65473,00.html

7 November 2001 - Malicious Code Commandeers Searches
Malicious code embedded in some web sites can cause Internet Explorer to send surfers where they don't want to go. Some of the guilty sites have instructions for undoing the "enhancements." While it is unclear which vulnerability is being exploited, security expert Georgi Guninski recommends that users disable scripting in both IE and the Outlook e-mail program. http://www.wired.com/news/technology/0,1282,48177,00.html

7 November 2001 - Former IRS Worker Sentenced in Computer Sabotage Case
Claude R. Carpenter II, a former IRS subcontractor employee, was fined $109,000 and sentenced to 15 months in prison for intentionally damaging an IRS computer. http://www.gcn.com/vol1_no1/daily-updates/17454-1.html

31 October 2001 - The Human Element of Security
John Dickinson reminds readers that people are an important line of defense in computer security: don't open attachments if you don't know what they are, who they're from or weren't expecting them, be wary of attachments with certain extensions, including .exe, .vbs, and .dll, and adjust program security settings.
- web stories removed by source -

26 October 2001 - Man Sentenced in Software Pirating Case
Paul Stamatis received a two-year prison sentence and must pay Microsoft half a million dollars in restitution for distributing pirated software.
http://news.cnet.com/news/0-1003-200-7672673.html?tag=prntfr

25 October 2001 - Bank Intruders Most Likely Employees
The U.S. Treasury says 60 percent of the computer intrusions reported by banks and other financial institutions in the first four months of 2001 were committed by insiders. The findings were included in the department's semiannual Financial Crimes Enforcement Network report, released Monday. This is the first time computer intrusions are being included in the regular review. The report also concludes that the number of confirmed identity thefts is likely to more than double this year, based on earlier figures. U.S. banks reported 332 cases of identity theft between Jan. 1 and April 30, compared to 637 cases for all of 2000. "That amounts to a 50 percent increase from the same period a year ago," according to the review.

25 October 2001 - Antset Virus
The Antset virus arrives as an attachment that claims to be a Trojan horse scanner; instead, it sends itself out via Outlook and to any e- mail addresses it finds in PHP, HTM, SHTM, CGI and PL files. http://www.zdnet.com/zdnn/stories/news/0,4586,2820285,00.html?chkpt=zdhpnews01

22 October 2001 - Security Manager's Journal: Security Review
The events of September 11th compelled the security manager to conduct a review of security practices at his company. He reviewed access permissions and examined physical security by wandering through various offices looking for poorly hidden passwords and unsecured areas. He also plans to review the company's disaster preparedness and business continuity plans and to test hiring practices with an eye to keeping out those who are trolling for company security information. http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO64933,00.html

19 October 2001 - Red Cross Says Trojan Could Steal Personal Data
The American Red Cross has issued a warning about the Septer.Trojan that appears to be an e-mail donation form. When the bogus form is filled out, the information is sent to a web site that is not affiliated with the Red Cross. The program does not self-replicate; the e-mails with the infected attachments must be sent out manually. http://www.computerworld.com/storyba/0,4125,NAV47_STO64948,00.html

16 October 2001 - Passwords Still Too Easy to Crack
A book written by risk management consultants says that users still choose passwords that are very easy to crack. Some people choose easy to guess passwords like names of family members; others use the same password for a variety of systems. The book points out that while a four-character password that uses only letters can be broken within minutes, a seven-character password that incorporates digits significantly increases the cracking time.
- web stories removed by source -

16 October 2001 - Anthrax Virus Shows Depravity Of Virus Writers
A new virus, with subject line "Antrax Info." offers to show a photo of anthrax side effects.
- web stories removed by source -

15 October 2001 - Review Internal Security, Say Experts
In the wake of the September 11 attacks, cybersecurity experts are encouraging businesses to reexamine their security policies with special attention paid to internal threats and physical security. No scenario is too improbable to consider. This article also includes a list of suggested security measures.
http://www.computerworld.com/storyba/0,4125,NAV47_STO64774,00.html

27 September 2001 - Physical Security Counts
A network administrator's boss denied his request to house a server for a new application in a secure location; several weeks later, the administrator found that someone had reinstalled DOS on the machine and loaded a game. http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO64267,00.html

26 September 2001 - Schneier: Security is Getting Worse
Speaking at the Information Security Solutions Europe (ISSE) conference in London, Bruce Schneier voiced the opinion that security cannot keep pace with the growing complexity of the Internet. Schneier also spoke out in favor of collaboration, pointing out that hackers combine forces while businesses isolate themselves. - web stories removed by source -

21 September 2001 - Employees are Key to Security
Security software and hardware cannot do their jobs effectively without employees who are well-trained in good security practices. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci771517,00.html

28 August 2001 - Home Users Need Firewalls
Home users are beginning to understand that everyone who connects to the Internet should use a firewall as evidenced by the surge in firewall sales that followed the Code Red and SirCam infestations. However, a recent CERT/CC summary indicates that many home users are still not current with software patches and anti-virus software, and are not careful about attachments. http://news.cnet.com/news/0-1006-200-6994590.html?tag=prntfr

22 August 2001 - VA Tightens Security for Managers and Employees
In a move to improve security at the Department of Veterans Affairs (VA), program managers will have to sign contracts certifying that they have installed security measures to protect information in all projects under their leadership. The VA will also publish a new telecommuting policy for employees.
http://www.fcw.com/fcw/articles/2001/0820/web-va-08-22-01.asp

20 August 2001 - Used Computers Still Hold Company Files
In the chaos that ensues when dot-coms go under, some company machines are sold at auction before they've been wiped clean of sensitive data. There are programs available that will clear hard drives. - web stories removed by source -

20 August 2001 - HTML Form Protocol Attack
A German computer programmer has written a paper describing how crackers could manipulate HTML technology to trick browsers into sending commands through firewalls. - web stories removed by source -

23 July 2001 - Financial Institutions Need Stronger Information Safeguards
Some major financial institutions are not using passwords or codes to ensure customer account security; instead, they are relying on the old standbys of such readily available information as Social Security numbers (SSNs) and mothers' maiden names as identifiers. As a result, the banks can easily fall prey to social engineering ploys and release sensitive data to identity thieves.
http://www.washingtonpost.com/wp-dyn/articles/A27475-2001Jul20.html

23 July 2001 - FBI's Missing Laptops
The FBI began tracking its laptops only last year. In the last 11 years, 184 of 13,000 laptops have disappeared; at least 13 were stolen and three contained sensitive or classified data. Legislators are unhappy, and Attorney General John Ashcroft has requested an inventory of Bureau laptops and other items. http://www.fcw.com/fcw/articles/2001/0723/news-fbibx-07-23-01.asp

20 July 2001 - CERT/CC Advisory for Home Users
CERT/CC has issued a security alert urging home users to protect their computers with antivirus software, firewalls, and good practices.
http://www.cert.org/advisories/CA-2001-20.html

20 July 2001 - Privacy and Security Require Change from the Inside Out
At a panel discussion at the University of Chicago Law School the consensus was that privacy and security will become manageable not through "quick fixes," but through change from within the company culture itself. [Note from SAI: this can only occur through security awareness efforts] Ontario's Information and Privacy Commissioner said that "legislation can't work without self-regulation." One CIO said that companies should make security requirements a part of contracts between businesses.
http://www.computerworld.com/storyba/0,4125,NAV47_STO62411,00.html

9 July 2001 - Easing the Security Headache for Users
Because security measures are generally tacked on after computer systems are designed, users often find them cumbersome and develop methods for bypassing permissions, virus filters, digital certificates and the like. Unfortunately, passwords on post-its and disabled filters undermine security.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO62041,00.html

6 July 2001 - One Third Of On-Line Workers Monitored Constantly
The Privacy Foundation reported that employers are monitoring email and/or web surfing activities of 30 to 40 per cent of all US workers who have an Internet connection. The story includes a very useful question and answer feature about how much monitoring is legal and what type of communication is private.
- web stories removed by source -

25 June 2001 - Termination Policies for Good Security
Security analysts warn that layoffs could present security problems for companies unless explicit termination policies are established and followed. The security concern @Stake recommends logging perimeter connections so holes can be closed upon an employee's departure, and disabling passwords and accounts - remembering to check for any unofficial accounts that may have been set up.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO61663,00.html

18 June 2001 Elements of a Good Security Awareness Program
A good security awareness program will address social engineering, passwords, insider threats, and cyber ethics. - web stories removed by source -

21 June 2001 - Phone Phreaking Bill Dispute
Crackers took advantage of a Georgia realty firm's 800 number to makenearly $90,000 in overseas calls; as no culprits have been caught, the small company disagrees with AT&T about who should foot the bill. Businesses can protect themselves from such attacks by using arcane passwords, changing them habitually, keeping passwords secret, and blocking international phone service if it is never used.
http://www.accessatlanta.com/partners/ajc/epaper/editions/thursday
/business_b3130921445570660025.html

1 June 2001 - Gartner Analysts Point to Complacency as Root of Increased Infections
Gartner analysts say the rise in e-mail worm infestations is due to complacency, and advise IS organizations to continuously educate users about guarding against e-mail-borne infections, to establish and enforce strong security policies, and to strip .vbs files from messages.
http://news.cnet.com/news/0-1003-201-6157094-0.html?tag=prntfr

31 May 2001 - SULFNBK.EXE Worm Hoax
A hoax e-mail may have convinced many people to delete SULFNBK.EXE, a Windows utility, from their hard drives. While the e-mail may have begun with good intentions - there have been reports of e-mails containing copies of the file infected with W32.Magistr.24876@mm - the hoax e-mail uses social engineering to get people to do the work of a malicious worm.
A Symantec site offers information about the hoax e-mail and instructions for restoring the deleted file.
http://www.symantec.com/avcenter/venc/data/sulfnbk.exe.warning.html

31 May 2001 - Former Employees Hack for Revenge
Federal investigators say the incidence of unhappy former employees attacking companies' computer systems is increasing. One man altered customer accounts and deleted databases in his former employer's system; another sent phony e-mails that appeared to come from the management at
the company where he had worked as a contract employee. An FBI computer intrusion squad agent points out that it is important to be aware of who has been fired because computer access is not always cut off when employment is terminated.
http://www.usatoday.com/life/cyber/tech/2001-05-31-revenge-hacking.htm

29 May 2001 - The Costs of CyberCrime
In 1999 businesses spent over $7 billion to protect themselves from cybercrimes; last year, computer attacks cost businesses over $17 billion, up from more than $12 billion in 1999. Experts say that security risks can be decreased with the use of stringent security measures and internal policies, and of course, vigilant monitoring. http://detnews.com/2001/technews/0105/29/b01-229644.htm

29 May 2001 - Researcher Says Education is Key to Halting Viruses
Sarah Gordon, a researcher studying virus writers and hackers, uses her skills not to track down criminals, but to develop cybercrime deterrents. She believes that education is the key to stemming the tide of malicious cyber activity because there is a "fundamental disconnect" between people's on-line and off-line behavior. http://www.wired.com/news/culture/0,1284,43839,00.html

24 May 2001 - Trojans are Stealthy, Damaging and Tenacious
Trojan horse programs can be used by malicious hackers to spy on and stalk people, manipulate data and computers, steal money from bank
accounts, and launch denial of service attacks. Trojans often slip into a computer while hidden in screensavers, games, e-mail messages or web
pages, and they can be hard to detect and remove. The best methods may be reverting to a clean back-up or re-installing clean copies of software.
http://www.wired.com/news/technology/0,1282,43981,00.html

24 May 2001 - Software Piracy Cost Industry $11.8 Billion Last Year
The Business Software Alliance estimates that piracy cost software companies $11.8 billion in lost sales each year. The BSA has made an impact through their vigilant efforts to address the problem. One in 4 software programs is an unauthorized copy, down from 1 in 3 five to seven years ago.
- web stories removed by source -

23 May 2001 - Social Security Numbers and Identity Theft
Social security numbers can be purchased on line and used to steal people's identities and fraudulently obtain credit. Legislation has been introduced which, if passed, would restrict requests for social security numbers as identifiers and would ban their sale and display on public documents. One legislator wants the government to issue all citizens new social security numbers that will be kept secret.
http://www.usatoday.com/life/cyber/tech/2001-05-23-id-theft-solutions.htm

21 May 2001 - Security Practices and Liability
Companies need to show "due diligence" in protecting their IT assets or they may find themselves facing liability suits for security breaches involving their machines, cautioned security experts. Companies would be well advised to employ security technology such as firewalls, intrusion detection systems and VPNs as well as establish consistent policies, procedures, and awareness training.
http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60729,00.html

14 May 2001 - FBI Security Review
In the wake of the Hanssen spy case, the FBI is conducting a review of its computer security practices, policies, and procedures.
http://www.fcw.com/fcw/articles/2001/0514/web-secure-05-14-01.asp

7 May 2001 - The Changing Role of the Security Professional
As companies come to realize the potential dollar costs of security lapses and the importance of IT security, the role of security professionals is expanding. This article profiles one such director of information security who says that along with solidtechnical skills, strong communication and business skills are important. http://www.computerworld.com/cwi/story/0,1199,NAV47_STO60207,00.html

25 April 2001 - DISA Official Urges User Accountability for Security
Personnel who neglect security protocol should be held accountable, said the Defense Information Systems Agency (DISA) Vice Commander Maj. Gen. Dave Bryan who was speaking at a technology symposium. He noted that of the 245 successful attacks against Defense Department systems last year, 96% could have been prevented if personnel had adhered to protocol. http://www.gcn.com/vol1_no1/daily-updates/4028-1.html

30 March 2001 - Internet Explorer Security Hole
A vulnerability in Microsoft's Internet Explorer 5.01 and 5.5 could lead to automatic execution of attachments arriving with MIME-encoded HTML e-mail. Crackers could exploit the vulnerability to alter files or reformat the hard drive on targeted computers. A patch for the security hole is available, and the problem is addressed by IE 5.0 Service Pack 2. Users can also protect themselves by disabling downloads in IE's "Security Zone." http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59121,00.html

30 March 2001 - VeriSign Victim of Social Engineering
VeriSign's mistaken issuing of two digital certificates to someone posing as a Microsoft employee underscores the threat of human error in the chain of security. Security procedures can sometimes contain vague elements; for example, it may be unclear who within an organization is responsible for employee identity verification. http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59099,00.html

13 & 15 March 2001 - New Version of SubSeven More Dangerous
A new version of the SubSeven backdoor program has emerged. The program allows crackers to perform a variety of activities on targeted computers, including retrieving saved passwords, uploading, downloading and altering files, and modifying the registry so the program runs whenever Windows is rebooted. http://www.vnunet.com/News/1119001
http://news.cnet.com/news/0-1003-200-5147606.html?tag=prntfr

12 March 2001 - Securing the Home Office
Working at home presents special security concerns. In order to protect machines from intruders, the InfoWorld Test Center recommends that home office users install personal firewalls and SOHO (small office/home office) routers, and that users identify and change all default passwords. http://www.infoworld.com/articles/tc/xml/01/03/12/010312tcsoho.xml

1 March 2001 - Twelve Keys to Security
While 100% security is not a reality, experts offer twelve security essentials, which include applying appropriately differing levels of security to different assets, spending carefully, approaching security as risk management instead of threat avoidance, and educating employees. http://www.cio.com/archive/030101/keys.html

16 February 2001 - Credit Card Info Stolen from Brazilian Internet Users
A malicious e-mail tricked more than 10,000 ISP customers into revealing their credit card number and expiration dates. The information was sent to ISPs in the US and Brazil; Brazilian police are investigating the incident. http://www.thestandard.com/article/display/0,1151,22287,00.html

1 February 2001 - New Virus Methods
Viruses are becoming more cunning in their methods of infection. The Davinia virus sends out a link to a web site that contains a Word document containing a macro virus. - web stories removed by source -

3 January 2001 - Virus infection rates soar
The number of email viruses soared last year to the point where one in 700 emails was infected. 2001 will prove as dire a year for infection as 2000 unless users learn that opening an attachment they are not expecting means running a high risk of infection.
http://www.theregister.co.uk/content/4/15751.html

5 November 2000 - Laptop Security
Though laptop thieves may be interested in selling a machine, victims of laptop theft lose valuable data. Nothing beats vigilant physical security when it comes to protecting your laptop. http://www.washingtonpost.com/wp-dyn/articles/A9633-2000Nov3.html

7 November 2000 - Mobile phone virus hoax makes the rounds
Sophos, one of the world's leading anti-virus developers, has issued an advisory today about a hoax virus message which is being distributed via email. A number of media organisations have written about the threat, believing it to be true.
http://www.sophos.com/virusinfo/articles/unavailable.html

18 Octobert 2000 - Business spy threat is real, former CIA chief says
Threats to the security of business information are numerous and they come from all directions, including organized crime syndicates, terrorists and government-sponsored espionage.
http://www.infoworld.com/articles/hn/xml/00/10/17/001017hnspy.xml

30 August 2000 - Don't Store Passwords on PCs
Anti-virus vendors caution against storing banking PINs and passwords on your PC in light of the recent password-stealing ILOVEYOU worm variant that hit United Bank of Switzerland customers. http://vnunet.com/News/1109796

29 August 2000 - Grading Government Information Security
The US House Subcommittee on Government Management, Information and Technology last year graded agencies for Y2K compliance. Now it plans to issue report cards on agencies' information security. An information security executive feels the time and money would be better spent providing the agencies with tools and best practices information. http://www.computerworld.com/cwi/story/0,1199,NAV47_STO49211,00.html

24 August 2000 - Pokemon Worm Targets Children
The Pokey virus, which targets children wanting to view a picture of the Pokemon character Pikachu, can wipe out Windows and Windows\system directories on computers running Outlook. Users must open the e-mail attachment to activate the worm, which replicates by sending itself to the entire e-mail address book of the infected machine. - - web stories removed by source -

17 August 2000 - The Next Wave of Viruses: Handhelds
Anti-virus experts are predicting that a new wave of viruses will target handheld devices. Wireless Application Protocol (WAP) devices appear to be immune to viruses, because the action takes place on the server to which the devices connect. - web stories removed by source -

13 August 2000 - UK Safeway Customers Receive E-Mail Hoax
A cracker apparently accessed a UK Safeway database and sent hoax e- mails to many customers, announcing price hikes and advising them to shop elsewhere. A Safeway spokesperson says the company is trying to track down the origin of the security breach. http://news.cnet.com/news/0-1005-200-2511703.html

10 August 2000 - White House Staff Downloaders Disciplined
Some White House staffers were reprimanded or suspended after a review of server logs revealed unauthorized downloads. Computer security measures at the White House include a "no personal use" policy, a click-through screen acknowledging that policy, and firewalls blocking access to certain sites. Sending photos of any sort is strictly forbidden; the firewall deletes all attachments. A White House spokesperson acknowledged that cyber security is an evolving process. http://www.zdnet.com/zdnn/stories/news/0,4586,2614219,00.html

29 June 2000 - Intel Employee Pleads Guilty
Former Intel employee has pleaded guilty to computer fraud; when he was fired from his job three years ago, he logged on to the company's internal system from his home computer and deleted files which slowed the company's chip manufacturing process for several hours. http://news.cnet.com/news/0-1003-200-2174535.html

28 June 2000 - Companies Monitor Employees' Electronic Habits at Work
Some companies are monitoring employees' e-mail and web surfing habits at work in order to protect themselves in the event of lawsuits. Workplace electronic communications policies should be made clear to employees and should be consistently enforced if they are to be effective. - web stories removed by source -

24 June 2000 - Sophos Warns of Cell Phone Virus Hoax
Sophos, the anti-virus software company, says a bogus mobile phone virus warning has been making the rounds. Hoaxes can cause trouble when people forward warnings to everyone they know, thereby tying up e-mail servers. http://www.computeruser.com/news/00/06/24/news5.html

23 June 2000 - Viruses Make Use of the Expected and the Unexpected
Recent viruses have used the ruses of appearing to come from a trusted source and changing subject lines. And while blocking some files may work to keep viruses out, it can also prevent legitimate e-mail from reaching its destination. - web stories removed by source -

29 April 2000 - Racy emails get 26 employees suspended
26 employees at the Southwest Florida Water Management District have been suspended, some without pay, for sending personal emails and distributing email containing jokes. Due to the number of staff involved, suspensions will have to be staggered so they do not go short-handed.

22 April 2000 - State Department Loses Computer to Theft
The U.S. State Department is missing a PC that holds highly classified information regarding U.S. intelligence gathering. Lax physical security practices were cited. http://www.washingtonpost.com/wp-dyn/articles/A59527-2000Apr21.html

7 April 2000 - Surveillance Features Copyright Protected
The Digital Millennium Copyright Act (DMCA) may prohibit users from disabling software surveillance properties. http://www.wired.com/news/print/0,1294,35498,00.html

30 March 2000 - Former Intel Employee Indicted
A federal grand jury in San Jose, CA has indicted a man who used to work for Intel, charging him with stealing proprietary information about the company's Itanium microprocessor, which has been in development for the past six years. He is being charged under the Economic Espionage Act of 1996, which makes stealing trade secrets a federal crime. - web stories removed by source -

8 March 2000 - Surfing at Work Cost Companies $5.3 Billion in 1999
Computer Economics estimates that companies lost $5.3 billion to recreational Web surfing in 1999. Online shopping, stock trading, car buying, looking for a new house, and even visiting porn sites have become daily practices for about 25 percent of the workers in U.S.

8 March 2000 - The Cost of Viruses
A report from Computer Economics says that virus attacks cost organizations around the world $12.1 billion in 1999. The report concludes that, over the last three years, a major programming shift has occurred with viruses becoming far more malicious, being specifically designed for destruction and damage.

5 March 2000 - Intel Notebook Security
Intel plans to use a variety of authentication methods, including biometrics, as security measures to render stolen notebook PCs "as useful as bricks."
- web stories removed by source -

3 March 2000 - University Pays to Settle Piracy Claims
Temple University has paid $100,000 in a piracy claims settlement, according to the Business Software Alliance.
- web stories removed by source -

2 March 2000 - Mitnick Offers Advice to Legislators
Kevin Mitnick, recently released from prison, testified before the Senate Government Affairs Committee, offering advice of keeping computer systems safe from crackers. Mitnick spoke of his success with "social engineering" methods: convincing people at various companies he was someone to be trusted, and duping them into revealing passwords. http://www.zdnet.com/zdnn/stories/news/0,4586,2454737,00.html

4 Feb 2000 - The Human Element in Information Security
Both ex-CIA director John Deutch and Energy Department scientist Wen Ho Lee placed classified information on unsecured computers. Government officials say this is a human problem, not a technological problem. http://www.wired.com/news/print/0,1294,34105,00.html
http://www.fcw.com/fcw/articles/2000/0131/web-security-02-04-00.asp

3 Feb 2000 - Security of Home PCs
The recent revelation that the former CIA director's home computer contained highly classified material and was used to access the internet, raises the question of the security of home computers.
http://cnn.com/2000/TECH/computing/02/04/pc.security/index.html

 
Return to top
 
© 1999-2016 Security Awareness, Inc. All Rights Reserved  :  Privacy Statement
Contact Us     Site Map