June 28, 2002 Four Bay Area cities reported suspicious traffic on Web sites Four Bay Area cities received enough hits on their Web sites from Middle East countries last fall that some were shut down and cleansed of potentially sensitive information, the Mercury News has learned. The discoveries took on new urgency in January when computers linked to Al-Qaida hide- outs in Kabul, Afghanistan, were discovered to have been used to visit Web sites with information on digital switches controlling key elements of U.S. infrastructure, such as electrical grids, water systems and communication networks. http://www.siliconvalley.com/mld/siliconvalley/3560320.htm Tip from Mtn. View sparked online terror probe http://www.siliconvalley.com/mld/siliconvalley/3554398.htm Related Documents and Resources On The Web http://www.washingtonpost.com/wp-dyn/articles/A50712-2002Jun26.html - - - - - - - - Soon al-Qaeda will kill you on the Internet The Business Software Alliance (BSA), known for kicking doors with dogs and brownshirts to sniff out expired licenses and for extorting vast sums of cash from non-compliant victims even more frightened of a visit from that federal Copyright -911 force also known as the FBI, has taken it upon itself to cobble up a survey which, in the addled minds of the mainstream press, indicates that al-Qaeda has obtained the weapons of mass, digital destruction, and is poised to use them. Western Europe and North America will be razed by a holy onslaught of SYN floods and VB worms and buffer overflows. All Christendom will be laid waste. http://www.theregister.co.uk/content/6/25938.html - - - - - - - - FBI nets broadband hackers Police swoop on $200,000 bandwidth thieves. FBI agents and US police have raided several homes in Toledo and seized computer equipment believed to belong to part of a hacker ring. Houses in Sylvania Township, Perrysburg and Oregon were searched following a four-month investigation into the alleged $200,000 theft of broadband access from the Buckeye Cablesystem network. Police maintain that the hackers altered the cable firm's equipment, giving them enhanced access to its Buckeye Express broadband service. http://www.vnunet.com/News/1133080 - - - - - - - - GamesSpy and KaZaA infected by viruses Nimda has found its way onto online gaming site GameSpy.com. In an email to users, GameSpy admitted that its GameSpy Arcade Installer had become infected with the Nimda-E virus. It has now replaced the infected file with a virus-free version of the installer. Nimda found it way on GameSpy.com servers to infect the installer program, which was downloaded an estimated 3,100 times on Tuesday and Wednesday this week, Cnet reports. http://online.securityfocus.com/news/506 http://news.zdnet.co.uk/story/0,,t269-s2118120,00.html http://www.vnunet.com/News/1133084 - - - - - - - - Hacking fears delay tax email service Taxpayers left with snail mail option only. The Inland Revenue has stalled plans to introduce an email service for taxpayers because of security fears. The department had planned a national email service, and has already installed more than PS200m worth of computers. But, according to an inter- office memo, the taxman fears that hackers could intercept emails or infiltrate the network and masquerade as Nick Montagu, the department's chairman, for the purposes of reading and sending emails. http://www.vnunet.com/News/1133056 - - - - - - - - Music industry swamps swap networks with phony files Major record labels have launched an aggressive new guerrilla assault on the underground music networks, flooding online swapping services with bogus copies of popular songs. The online music sites know they're under attack. Darrell Smith, chief technical officer of StreamCast Networks, parent of the popular file-swapping service Morpheus, said he first noticed the practice about a year ago, but chalked it up to ``rogue teenage hackers just being obnoxious. http://www.siliconvalley.com/mld/siliconvalley/3560365.htm - - - - - - - - eBay still a victim of fraud Joseph D'Amelio thought he'd found a great deal on eBay: a 2000 Porsche 911 for $50,000. After talking to the seller and getting a copy the car's title sent to him in advance, he wired the money to an escrow company--and fell victim to an elaborate scam. But the seller had actually hijacked a legitimate eBay member's account and set up a fake escrow service. Out the money and angry at eBay, the Atlanta resident is vowing to never shop there again: "This wasn't $50. This was $50,000. But there was no help," said D'Amelio, who said he got form letters back from eBay when he alerted them to the fraud. "They're useless in a bad situation. I tell everybody to stay away from eBay." http://zdnet.com.com/2100-1106-940445.html http://news.com.com/2100-1001-940585.html - - - - - - - - Spain's new e-commerce law worries privacy advocates Campaign against the Law on Services for the Information Society. Opponents of Spain's new e-commerce law - which requires Internet service providers to keep tabs on users - vowed Friday to challenge it in court as a violation of constitutional rights. But the head of a national Internet users association applauded the protections it offers for online consumers. The Law on Services for the Information Society is one of the first to comply with a European Union directive on regulating the Internet in the 15 member countries. http://www.nandotimes.com/technology/story/450481p-3603787c.html - - - - - - - - China targets unlicensed cyber-cafes China has threatened the operators of unlicensed Internet bars with criminal prosecution as part of a safety crackdown launched after a fire at an Internet cafe in Beijing killed 25 customers, state media reported Saturday. From July 1 to August 31, unlicensed cyber cafes will be shut down and the owners prosecuted, Xinhua News Agency quoting Ministry of Culture official Liu Yuzhu as saying. No new Internet bars will be allowed to open during that period, the report added. http://www.nandotimes.com/technology/story/451372p-3611890c.html - - - - - - - - Watch out for new Apache worm Security experts are rushing to decode a worm program that exploits a 2-week-old flaw to infect computers running vulnerable versions of the popular open-source Apache Web server application. The worm is thought to be capable of spreading only to Web servers running the FreeBSD operating system, an open-source variant of Unix, that haven't had a patch applied for the recent flaw. Although few people have reported the worm, it is thought to be infecting vulnerable Web servers worldwide. http://zdnet.com.com/2100-1105-940601.html http://news.com.com/2100-1001-940585.html - - - - - - - - Web services security standards off the starting blocks Oasis addresses Soap proposal. A long-awaited web services security specification is to be submitted to the Organisation for the Advancement of Structured Information Standards (Oasis) technology authority. The WS-Security proposal defines a set of simple object access protocol (Soap) message header extensions that implement integrity and confidentiality. http://www.vnunet.com/News/1133110 - - - - - - - - Ballmer to China: 'Steal all the software you want, so long as it's ours' Microsoft CEO Steve Ballmer has signed a memorandum of understanding with China's State Development Planning Commission (SDPC) worth $750 million over three years, involving both software and services, Reuters reports. "We want the Chinese industry to grow. The success of Microsoft in every market, including China's, is highly dependent upon the growth of local industry. What's good for the local industry in every country is good for Microsoft," the wire service quotes him as saying. http://www.theregister.co.uk/content/4/25932.html - - - - - - - - Tech giants developing Web transaction security Sun Microsystems said Thursday it will join rivals Microsoft and IBM in developing a technical standard to make sure Web services transactions are secure. Sun made the decision to join them on the WS-Security Web Services specification after getting assurances from them that they would not charge other companies to license any technology associated with the specification, said Bill Smith, director of Liberty Alliance technology for Sun. http://www.usatoday.com/life/cyber/tech/2002/06/28/web-security.htm - - - - - - - - MS Media Player gives up your box If there's one thing that occasionally tempts me to miss Windows, it's the mediocre multimedia support in Linux. But then again, my media player doesn't allow remote attackers to own my box. It's a trade-off, I'll allow. Yesterday MS 'fessed up to three new holes in WMP, the most serious of which allows remote evildoers to run arbitrary code on your priceless Windoze machine. However, and we'll quote Redmond directly, the remaining two are hardly benign. We have: "A privilege- elevation vulnerability that could enable an attacker who can physically logon locally to a Windows 2000 machine and run a program to obtain the same rights as the operating system." http://online.securityfocus.com/news/505 http://www.vnunet.com/News/1133109 - - - - - - - - Copy protection takes stealth approach Consumers may think they are successfully burning a CD protected by Smarte Solutions, but may discover otherwise when they try to play it. Software makers have tried all sorts of heavy- handed measures to prevent illegal copying of their programs, but an Austin, Texas-based start- up thinks stealth is better. Privately held Smarte Solutions is working with software publishers to incorporate its SmarteCD technology into their wares. Unlike existing copy-protection schemes, which prevent CD burners from copying a disk, SmarteCD allows the user to burn a copy of the disc, explained company president Bala Vishwanath. http://news.zdnet.co.uk/story/0,,t269-s2118144,00.html - - - - - - - - Agriculture begins to issue digital certificates Although a full-scale public-key infrastructure is not yet in place, the Agriculture Department has begun issuing its first 300 digital certificates for conducting online transactions with the department. Agriculture chose a non-PKI solution, said Chris Niedermayer, an e-government executive and assistant to the deputy administrator for farm programs. The product is SiteMinder, a secure sign-on application from Netegrity Inc. of Waltham, Mass. http://www.gcn.com/vol1_no1/daily-updates/19177-1.html - - - - - - - - Should bosses read our email? EU asks citizens 'What's he on about?' we wondered when EDS Chief Security and Privacy exec Paul Clark lashed out over European privacy legislation in a release on Wednesday. "EDS welcomes the recognition that privacy is a business as well as a legislative issue," he'd apparently told a meeting of privacy officers in Stuttgart last week: "However, political bodies should not use the business community as its 'foot soldiers' to impose their views on privacy standards on the rest of the world. Any involvement in commercial contracts potentially could increase the bureaucracy and complexity of compliance." http://www.theregister.co.uk/content/6/25944.html - - - - - - - - In-Q-Tel, Investing In Intrigue CIA Unit Scours Country For Useful Technologies Like "Q," the gadget-maker who keeps James Bond perpetually ensconced in the latest high-tech gear, Gilman Louie is looking for technologies and ideas to give American spies an edge. Louie is the founding chief executive of In-Q-Tel, the venture capital unit of the CIA that -- no kidding -- named itself after the movie character. The group, created in 1999, has made about a dozen investments in technologies that could potentially be used in information gathering and analysis of America's enemies. http://www.washingtonpost.com/wp-dyn/articles/A5577-2002Jun30.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.