July 2, 2002 Police swoop on Net paedophile ring Fifty premises across Europe were raided early this morning in an operation coordinated by Britain's National High Tech Crime Unit. Six of the arrests were in the UK. European police have swooped on a suspected Internet child pornography gang in dawn raids in Britain and six other countries, seizing suspects, computers, videos and CDs, the European Union's police agency Europol said. http://news.zdnet.co.uk/story/0,,t269-s2118351,00.html http://www.msnbc.com/news/775326.asp http://www.vnunet.com/News/1133162 http://www.theregister.co.uk/content/6/25991.html - - - - - - - - Pirated dish television sales alleged The Sacramento Valley Hi-Tech Task Force arrested a Modesto man Friday on charges that he sold pirated satellite TV systems. Manuel Angel Salcedo, 29, who lives in the 500 block of Roselawn Avenue, was booked at Stanislaus County Jail on 88 felony counts of unauthorized access to a satellite signal, and 24 felony counts of reprogramming or modifying satellite signal cards. Bail was set at $15,000. http://www.modbee.com/local/story/3389040p-4418474c.html - - - - - - - - Police network walls off attacks In the past three months, the Santa Barbara, Calif., Police Department saw a dramatic increase in the number of Internet attacks, said David Straede, systems analyst for the department. "We believe most of these are random attacks and not terrorist-related," Straede said. "Hackers search for vulnerable systems throughout the world. When they find a system that's easily compromised, they use that one to open up other systems. We're seeing about one attack a day." http://www.gcn.com/21_16/statelocal/19024-1.html - - - - - - - - Court Sees Appeal in Sex.com Case One year after winning a $65 million judgment from the man accused of stealing the domain name sex.com, Gary Kremen is awaiting a new hearing that threatens to reverse the still elusive windfall. The U.S. Court of Appeals for the Ninth Circuit (the same body that came under fire last week for a ruling prohibiting the Pledge of Allegiance) is planning in August to hold oral hearings in one of the best-known cases of domain thievery. http://www.wired.com/news/business/0,1367,53588,00.html - - - - - - - - Alliance Proposes Cybersecurity Agency A cybersecurity agency should be created in the proposed Department of Homeland Security, the Business Software Alliance said. The cybersecurity agency would ensure that significant attention and resources are focused on protecting the nation's public and private information infrastructures, the alliance said in a June 28 letter to Rep. Tom Davis, R-Va., chairman of the House Government Reform subcommittee on technology and procurement policy. http://www.washingtonpost.com/wp-dyn/articles/A9558-2002Jul1.html - - - - - - - - Cybersecurity's Leaky Dikes While interest is rising in protecting computer networks, too often the tools aren't powerful enough to keep hackers out. As head of the National Infrastructure Protection Center's office in Pittsburgh, FBI supervisory agent Dan Larkin mans a sentinel post on the front lines of the war against cybercrime. Rather than M-16s, his soldiers tote powerful computers, which they use to unmask hackers who break into networks and steal valuable information. They also try to intercept so-called script kiddies, who launch damaging denial-of-service attacks that flood Web servers with bogus queries and freeze company online operations. http://www.businessweek.com/technology/content/jul2002/tc2002072_9216.htm - - - - - - - - Modems in danger of hackers gaining entry Owners of Jetstream modems are being urged to conduct basic checks to ensure they are not vulnerable to hackers, who can use them as relays for spam emails or to conceal where data is going. "Strictly speaking they are not modems but routers connected to the internet as long as they are plugged in and powered up," said Unitec networking student Alan Birch. http://www.nzherald.co.nz/storydisplay.cfm?storyID=2049684 - - - - - - - - New IE spy progie exploits DCOM A group of Japanese security enthusiasts has developed a little tool called IE'en which exposes traffic between an IE user and any server he's contacting, including logins and passwords over HTTPS. The group, SecurityFriday, has made the tool available for download here. To use the tool it's necessary to log in as a current user on a Win-NT or 2K system. Of course if someone can log into your account they already have a great deal of your life in their hands and this is only going to give them a little bit more. http://online.securityfocus.com/news/508 http://www.theregister.co.uk/content/4/25977.html - - - - - - - - DNS flaw puts users in Bind Resolver Library vulnerability is threat to Unix. The discovery of a vulnerability in the DNS (Domain Name System) Resolver Library last week has been labelled a "serious threat" to a variety of Unix-flavoured systems. An advisory issued by the Computer Emergency Response Team (Cert) warns of a buffer overflow vulnerability recently discovered in multiple implementations of Unix-based DNS Resolver Libraries. A remote attacker could send malicious DNS responses that could potentially exploit this vulnerability to execute arbitrary code or cause a denial-of- service attack. http://www.vnunet.com/News/1133177 http://www.theregister.co.uk/content/55/26002.html - - - - - - - - Court freezes lawscot.co.uk, owner claims unfair trial The Law Society of Scotland is attempting to reverse hijack the domain www.lawscot.co.uk, claiming that its current owner, Mr Tommy Butler, is "passing off" and wrongly receiving private and confidential emails. Mr Butler and the UK domain arbitrator Nominet have both been served with a 10-page court order, suspending the domain until the court has reached a decision. http://www.theregister.co.uk/content/6/25996.html - - - - - - - - Microsoft spent $100M on .Net security Microsoft's much-publicized security push has cost real money--$100 million of person-hours went into the two-month hiatus in development of .Net server, according to David Thompson, vice president of Microsoft's Windows server products group. Close to 5000 people in the development team spent all of February and March learning security, Thompson told the Microsoft Tech Ed conference in Barcelona. This alone cost Microsoft $100 million, as well as putting back product schedules. http://zdnet.com.com/2100-1104-941159.html - - - - - - - - Internet Bodyguards: Don't Go Online Without One Perhaps the biggest advance in personal firewalls is the addition of intrusion detection, which brings to personal computers the ability to log and identify attacks. Faced with ever more complex and devious threats on the Internet, consumers are benefiting from improvements in firewalls that are bringing corporate-style security and scanning to home PCs. Experts say that just as in the corporate setting, firewalls for home- or home office-based PCs are a basic and necessary component in securing systems and data from intruders. http://www.newsfactor.com/perl/story/18459.html - - - - - - - - Self-serving security alerts and ineffective patches Last week, Internet Security Systems announced that it had found a security hole in the open source Web server Apache. That wasn't a huge surprise. Claims of such problems appear from time to time, and usually the announcement parallels a cooperative effort with the product's creators to fix the vulnerability. Not this time. http://zdnet.com.com/2100-1107-941146.html - - - - - - - - Why we can't trust Microsoft's 'trustworthy' OS Stung by criticism of its current offerings, Microsoft seems to be pinning its hopes for a truly "trustworthy" operating system on a future version of Windows, code-named Palladium. Don't expect to see that OS anytime soon. Palladium is a long-term project that requires not only a new operating system, but new computers as well. How long Microsoft won't say. I'm thinking 2006 or later. http://zdnet.com.com/2100-1107-941111.html EU warns Microsoft over 'interoperability' of security product http://www.nandotimes.com/technology/story/454054p-3634658c.html - - - - - - - - Internet privacy campaigner to become MS privacy officer Caspar Bowden, who resigned as director of the Foundation for Internet Policy Research to 'return to industry' earlier this year, is due to pop up at Microsoft this week, our sources inform us. Bowden was involved in establishing the FIPR as a campaigning think tank on Internet and privacy issues, and was heavily involved in the fight against the Regulation of Investigatory Powers Act, so his new role as privacy and security manager for EMEA at Microsoft promises to be interesting. http://www.theregister.co.uk/content/6/25997.html - - - - - - - - INS launches Web site to track international students The Immigration and Naturalization Service has launched the Internet Web site that the nation's universities will soon use to register foreign students - the first step in the government's plan to track the movements of all those with temporary visas, according to INS officials. Schools that have received INS permission to accept foreign students for three years can begin using the Web site system immediately, the agency announced Tuesday. http://www.nandotimes.com/technology/story/454363p-3636328c.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2002, NewsBits.net, Campbell, CA.