SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.
Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.
Volume IV - Issue #53
December 30, 2002
TOP OF THE NEWS
24 December 2002 Stolen DoD Contractor Computer Equipment Contains Personal Data21 & 23 December 2002 Internet Monitoring Center Won't Spy on Citizens
THE REST OF THE WEEK'S NEWS
27 December 2002 ID Thief Turns Extortionist26 December 2002 Kroger Co. is Testing Fingerprint Payment System
26 December 2002 CMU Researchers Developing Software to Weed Out Bot e-Mail Accts
26 December 2002 South Carolina Computer Crime Center Established
24 December 2002 TSA Documents' Protection Easily Circumvented
23 December 2002 Microsoft Auto Update Proves Frustrating
23 December 2002 Securing e-Mail in Outlook
TRAINING QUOTE OF THE WEEK
******** This Issue Sponsored by VeriSign - The Value of Trust ********
FREE E-COMMERCE SECURITY GUIDE
Is your e-business built on a strong, secure foundation? Find out
with VeriSign's FREE White Paper, "Building an E-Commerce Trust
Infrastructure." Learn how to authenticate your site to customers,
secure your web servers with 128-Bit SSL encryption, and accept secure
payments online.
Click here: http://www.verisign.com/cgi-bin/go.cgi?a=n20390113340057000
***********************************************************************
TOP OF THE NEWS
nb" [readonly] 222L, 9032C update system.
-http://www.nyq.eweek.com/article2/0,6071,801273,00.asp
[Editor's Note (Shpantzer): Updates for the Office suite are sometimes impossible without the physical CD's, which many users have not retained or never owned (pirated software or legitimate software on second-hand hardware). This leaves millions of systems out of the update process and puts the rest of us downrange from their unpatched applications. (Schultz): I've never been very enthusiastic about Microsoft Auto Update. Too often users who rely on this feature find out later that patches they thought had been automatically installed were not installed at all. If you look at Microsoft's web site, you'll see many postings about types of update failures that occur and a variety of solutions, all of which are bound to confuse the average user. (Murray): Even rocket science can be mastered. If AOL can do it routinely without even evoking comment, then Microsoft can learn. ]
23 December 2002 Securing e-Mail in Outlook
The second of two articles about securing Microsoft Outlook focuses on securing e-mail, including blocking unsafe files, changing system settings and turning on file extensions.-http://online.securityfocus.com/infocus/1652
===end===
NewsBites Editorial Board:
Kathy Bradford, Roland Grefer, Bill Murray, Stephen Northcutt, Alan
Paller, Marcus Ranum, Eugene Schultz and Gal Shpantzer
Please feel free to share this with interested parties via email,
but no posting is allowed on web sites. For a free subscription,
(and for free posters) e-mail sans@sans.org with the subject:
Subscribe NewsBites