NewsBits for June 26, 2003 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ N.J. man pleads guilty to posting `Hulk' bootleg A New Jersey man pleaded guilty Wednesday to making a bootleg copy of the action film ``The Hulk'' and posting it on the Internet before the movie was released in theaters. Kerry Gonzalez, 24, of Hamilton, N.J., faces six months to a year in prison when he is sentenced Sept. 26. He pleaded guilty to a single count of copyright infringement. Officials at Universal Studios, which produced the film, alerted the FBI in early June when the pirated copy of the movie began circulating online. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6174630.htm http://zdnet.com.com/2100-1105_2-1021005.html http://www.cnn.com/2003/SHOWBIZ/Movies/06/26/film.hulk.copyright.reut/index.html http://www.usatoday.com/tech/news/2003-06-26-hulk-bootleg_x.htm - - - - - - - - - - Alleged peeping Tom hid cam in shoe Fusing age-old lust with the kind of technology that made Silicon Valley famous, a Californian allegedly rigged up a tiny camera on his shoe to look up women's dresses -- until he was nabbed by police. "It's kind of like a modern version of the guy with a mirror on his shoe," Palo Alto detective Jim Coffman said on Wednesday. "It was a pinhole camera -- it is something that we use for surveillance purposes." http://www.cnn.com/2003/TECH/ptech/06/26/offbeat.peeping.tom.reut/index.html http://www.theregister.co.uk/content/28/31443.html - - - - - - - - - - Sobig Worm Crawls Again in New Version Annoying Sobig.E travels by e-mail attachment, antivirus vendors warn. The latest version of the Sobig worm is making its way through computer networks around the world, apparently causing no direct damage but hogging bandwidth and IT resources in its path. The new worm, called W32.Sobig.E@MM, has been showing up around the globe since yesterday, according to Graham Cluley, senior technical consultant for antivirus software vendor Sophos in Oxford, England. So far, it's only annoying, but it could be a precursor to more serious and damaging attacks, he says. http://www.pcworld.com/news/article/0,aid,111343,00.asp http://www.computerworld.com/securitytopics/security/virus/story/0,10801,82512,00.html http://www.vnunet.com/News/1141876 http://zdnet.com.com/2100-1105_2-1021475.html http://news.com.com/2100-1002_3-1021475.html http://www.msnbc.com/news/931205.asp Re: Sobig.e--description and prevention http://zdnet.com.com/2100-1105_2-1021238.html http://news.zdnet.co.uk/story/0,,t269-s2136630,00.html Security firm links virus with spammers http://www.electricnews.net/news.html?code=9365127 http://news.zdnet.co.uk/story/0,,t269-s2136611,00.html - - - - - - - - - - Microsoft has the wrong man, says accused spammer A British man accused by Microsoft Corp. of sending offensive spam e-mails to its customers said Wednesday it is a case of mistaken identity. Simon Grainger, of Merseyside, northern England, said he is one of those named in 15 lawsuits Microsoft filed last week accusing defendants of collectively flooding its systems and customers with more than 2 billion deceptive unsolicited e-mail messages. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6174656.htm http://www.usatoday.com/tech/news/2003-06-26-bad-spam-collar_x.htm - - - - - - - - - - Michigan Senate joins antispam crusade Modeling itself on a federal bill that would create a national spam opt-out list, the Michigan state Senate passed what a member described as the nation's toughest antispam bill. Michigan S.B. 357, as amended by the state senate before its unanimous passage Tuesday, would establish a statewide registry for people who do not wish to receive unsolicited commercial e-mail. Businesses that spam members on that list would face steep fines. http://zdnet.com.com/2100-1105_2-1021169.html - - - - - - - - - - Recording Industry To Begin Collecting Evidence Starting tomorrow, the Recording Industry Association of America (RIAA) will begin gathering evidence and preparing lawsuits against individual computer users who are illegally offering to "share" substantial amounts of copyrighted music over peer-to-peer networks. In making the announcement, the music industry cited its multi-year effort to educate the public about the illegality of unauthorized downloading, and underscored the fact that major music companies have made vast catalogues of music available to dozens of services to help create legitimate, high quality and inexpensive alternatives to online piracy. http://www.riaa.com/news/newsletter/062503.asp http://www.wired.com/news/digiwood/0,1412,59392,00.html Taking action against pirates (series of stories) http://news.com.com/2009-1025_3-1021283.html Music labels plan Web dragnet http://www.siliconvalley.com/mld/siliconvalley/6173973.htm http://www.latimes.com/technology/la-fi-riaa26jun26000420,1,3516937.story Industry ad snipes at music swappers http://www.cnn.com/2003/TECH/internet/06/26/ad.music.reut/index.html - - - - - - - - - - Police probe domain renewal firm Companies and consumers with .biz domain names have been warned to check carefully any unsolicited emails they receive asking them to renew the address. The emails, sent by a company called Dot Biz Domain Renewal, warn businesses that their .biz domains are due for renewal, and give details of how to pay by credit card on its website at www.domain-renewal.biz. http://www.vnunet.com/News/1141851 - - - - - - - - - - Site Snafu: Pageant of the Masters Tangled in Web of Porn Laguna Beach's annual arts show falls prey to a cyber- hijacking ploy after losing its Internet address through a registration error. Fans of Orange County's venerable Pageant of the Masters and Festival of Arts looking for information or tickets on the Internet may instead be ushered into a series of sites touting "hot lingerie photos," "100% Free Porn" and other adult unmentionables. http://www.latimes.com/technology/la-me-pageant26jun26,1,3346958.story - - - - - - - - - - ITAA wants industry coalition to fight online scams The Information Technology Association of America (ITAA) announced today that it is exploring the possibility of creating an industry coalition to combat the problem of Internet fraud. The idea for the coalition was brought about, in part, by last week's online scam targeting Best Buy customers, according to the Arlington, Va.- based organization. That scam involved an unauthorized and deceptive e-mail that asked Best Buy customers for personal information, including their Social Security and credit card numbers. The Minneapolis-based retailer said the e-mail, which had the words "Fraud Alert" in the subject line, claimed to be from the BestBuy.com fraud department but was not. http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,82536,00.html - - - - - - - - - - Critics pan Microsoft's antispam recipe Microsoft recently launched a high-profile campaign against spammers, but some critics say the company should be more introspective if it is serious about reducing the scourge of unwanted e-mail. Microsoft and some of its competitors that provide Internet service and Web-based e-mail are outdoing one another with highly publicized antispam campaigns. These have ranged from lawsuits to technology and policy initiatives. http://zdnet.com.com/2100-1105_2-1021166.html http://news.zdnet.co.uk/story/0,,t269-s2136652,00.html http://news.com.com/2100-1032_3-1021166.html - - - - - - - - - - Gates pushes for coordinated computer security measures Technology that keeps hackers out and lets government investigators share sensitive terrorism can also protect the privacy of citizens, Microsoft Corp. Chairman Bill Gates said Wednesday. Gates said technology can ``prevent the nightmare vision of George Orwell.'' He spoke at a technology conference in Washington on the 100th anniversary of the birth of the author who imagined a repressive society dominated by Big Brother. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6174722.htm http://zdnet.com.com/2100-1105_2-1021158.html http://www.usatoday.com/tech/news/internetprivacy/2003-06-26-gates-no-orwell_x.htm http://computerworld.com/securitytopics/security/story/0,10801,82532,00.html Staying on Top of Windows Security http://thewhir.com/features/windows-security.cfm - - - - - - - - - - Microsoft patches two media flaws Microsoft released fixes on Wednesday for security risks that could make Windows 2000 Server and Windows Media Player 9 vulnerable to attack. A flaw in Windows Media Services for Windows 2000 Server could allow an attacker to release a malicious program onto a server running the software. Another flaw threatens to reveal the music library data on any PC running Windows Media Player 9. http://zdnet.com.com/2100-1105_2-1021120.html http://zdnet.com.com/2100-1104_2-1021295.html http://news.zdnet.co.uk/story/0,,t269-s2136610,00.html Explorer flaw creates 'critical' worm-hole http://news.zdnet.co.uk/story/0,,t269-s2136619,00.html - - - - - - - - - - The new threats to firewalls Over the past several years, enterprise firewalls have become staples of network security architectures. Designed primarily to provide access control to network resources, firewalls have been successfully deployed in the large majority of networks. A major reason for firewall success is that when used to enforce a properly defined security policy, firewalls defeat more than 90% of network attacks. However, while most firewalls provide effective access control, many aren't designed to detect and thwart application-level attacks. Evolving threat environment http://computerworld.com/securitytopics/security/firewall/story/0,10801,82527,00.html - - - - - - - - - - Report: Many Companies Lack Wi-Fi Security In a rush to improve productivity, many enterprises have overlooked the need to secure the flow of data over their wireless local area networks (define), according to new research from Jupitermedia's research arm. The study, released here today at 802.11 Planet Conference & Expo, finds that only 28 percent of enterprises are using point-to-point virtual private networks (define). Meanwhile, the next Wi-Fi standard, which includes security measures, is yet unratified. http://boston.internet.com/news/article.php/2228131 - - - - - - - - - - How to secure your company There's no one thing a company can do to be secure. First, every company is unique; what works well for one might not work for another. Second, there's no such thing as 100% security; companies can do things to reduce and manage risk, but they can never eliminate it. Third, companies are constantly changing; just because a company is secure today doesn't mean it will be secure tomorrow. http://computerworld.com/securitytopics/security/story/0,10801,82515,00.html - - - - - - - - - - Chinese Work Around Net Blocking State censorship of the Net and the draconian prison sentences handed down to alleged cyber dissidents might capture the imagination outside China, but the vast majority of surfers inside the country worry about more mundane matters. Like whether they can access Google. Sure, it doesn't escape the notice of Chinese newshounds that their attempts to enter CNN and BBC sites more often than not result in a direct collision with the notorious Great Firewall of China. http://www.wired.com/news/politics/0,1283,59172,00.html - - - - - - - - - - Legendary con artist warns: Hackers play mind games The biggest danger of hackers comes not from massive coding assaults but smiles and conversations. Take it from Frank Abagnale Jr., the scheming boy wonder turned FBI instructor whose life of deception spawned a book and Steven Spielberg movie, ``Catch Me if You Can.'' Between the ages of 16 and 21, Abagnale who benefited from a fountain of charm, a photographic memory, prematurely gray hair and a 140 IQ masqueraded as a Pan Am pilot, supervising resident doctor, Louisiana lawyer and college sociology professor. In that time, he also managed to cash more than $2.5 million in bogus checks. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6175257.htm - - - - - - - - - - Smart cards set for takeoff Smart card experts have predicted the imminent popularity of chip-carrying plastic cards so many times that it has become an in-joke among industry cognoscenti. Although these so-called smart cards-- and their less technology-laden brethren, chip cards --have been relatively well-received overseas, the reception in the United States remains frosty. But efforts under way in the United States to better protect its borders and increase company security may finally give the smart card its day. http://zdnet.com.com/2100-1103_2-1021445.html - - - - - - - - - - RFID Chips Are Here RFID chips are being embedded in everything from jeans to paper money, and your privacy is at stake. Bar codes are something most of us never think about. We go to the grocery store to buy dog food, the checkout person runs our selection over the scanner, there's an audible beep or boop, and then we're told how much money we owe. Bar codes in that sense are an invisible technology that we see all the time, but without thinking about what's in front of our eyes. http://www.securityfocus.com/columnists/169 - - - - - - - - - - Airport screeners may get X-ray vision A scanner the government is testing for airport screening reveals much more than meets the eye to be comfortable for most passengers. Susan Hallowell, director of the Transportation Security Administration's security laboratory, sacrificed a large measure of her own modesty Wednesday to demonstrate the problem. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6174610.htm http://www.cnn.com/2003/TECH/ptech/06/26/seethru.security.ap/index.html http://www.wired.com/news/technology/0,1282,59401,00.html Airports eye Iris scans by July 2004 http://www.vnunet.com/News/1141849 - - - - - - - - - - Henderson to buy laptops for police cruisers Henderson police cruisers will soon be equipped with laptop computers to better exchange law-enforcement information. The city commission Tuesday approved nearly $810,000 for 40 laptops and a wireless network to connect cruisers to the National Crime Information Center, which provides information such as outstanding warrants and stolen vehicles. The money comes from a federal grant. The system also will allow officers to file their reports directly from their cruisers, Chief Ed Brady said. http://www.usatoday.com/tech/news/2003-06-26-ky-cop-cars_x.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2003, NewsBits.net, Campbell, CA.