NewsBits for January 8, 2004 sponsored by, Southeast Cybercrime Institute - www.cybercrime.kennesaw.edu ************************************************************ Calif. Man Pleads Guilty To Hacking Charge A 22-year-old California man pleaded guilty Thursday to hacking into the New York Times Co. computer network and entering a database containing personal information about Op-Ed page contributors. http://www.washingtonpost.com/wp-dyn/articles/A667-2004Jan8.html http://computerworld.com/securitytopics/security/hacking/story/0,10801,88904,00.html - - - - - - - - - - FTC obtains judgments against alleged ID thieves Two defendants from Chicago have been barred from participating in Internet auctions and may face jail time after being accused by the U.S. Federal Trade Commission of using stolen personal identification to offer nonexistent merchandise for sale online. http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,88909,00.html - - - - - - - - - - Flight Sim enquiry raises terror alert A mother's enquiry about buying Microsoft Flight Simulator for her ten-year-old son prompted a night-time visit to her home from a state trooper. Julie Olearcek, a USAF Reserve pilot made the enquiry at a Staples store in Massachusetts, home to an earlier bout of hysteria, during the Salem witch trials. http://www.theregister.co.uk/content/28/34776.html - - - - - - - - - - U.S. accuses S. Korea of failing to halt piracy The Bush administration on Thursday accused South Korea of failing to halt the piracy of American movies and music that it said was costing U.S. companies millions of dollars in lost revenue. The administration announced that South Korea was being added to a priority list of countries that are subject to special monitoring and consultations aimed at making sure the foreign government acts to address the copyright piracy issues that have been uncovered. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/7662679.htm - - - - - - - - - - Feds seek wiretap access via VoIP The FBI and the Justice Department have renewed their efforts to wiretap voice conversations carried across the Internet. The agencies have asked the Federal Communications Commission to order companies offering voice over Internet Protocol (VoIP) service to rewire their networks to guarantee police the ability to eavesdrop on subscribers' conversations. http://zdnet.com.com/2100-1105_2-5137344.html - - - - - - - - - - Govt unveils Web kids safety campaign A hard-hitting ad campaign warning about the dangers of paedophiles 'grooming' young victims online has been launched by the Government. It's hoped the public awareness campaign will encourage youngsters to think twice about who they're chatting to online. This PS700,000 campaign, featured on the radio, in cinemas and online, will also provide practical advice to help them stay safe on the Net and while using mobile phones. http://www.theregister.co.uk/content/6/34762.html - - - - - - - - - - 2004 to be year of the 'superworm' 2004 will be characterised by a dramatic rise in malicious hacking, the birth of 'superworms', and the creation of sinister underground peer-to-peer (P2P) virus creation networks, a security company has predicted. http://www.vnunet.com/News/1151887 - - - - - - - - - - SQL security flaw persists in many web sites Businesses are still failing to make basic security checks on their web sites and are leaving themselves wide open to digital attack, warn experts. http://www.vnunet.com/News/1151878 - - - - - - - - - - Microsoft admits Word not hacker-proof Microsoft has hit back at critics of Word's password protect feature, which the company has admitted is not safe from hackers. The tool is intended to make collaboration easier, Microsoft said, explaining that users should invest in digital signatures or an Adobe Acrobat-type application if they want security. http://www.silicon.com/hardware/desktops/0,39024645,39117660,00.htm - - - - - - - - - - Staff are 'biggest cyber-criminals' IT security specialist Cyber Protect (CP) says more than half of UK companies were victims of cyber crime in 2003, and more are likely to be targeted this year. But, surprisingly, the group says that a firm's own employees are most likely to hack into its systems and that - even more shockingly - senior managers are the biggest culprits. http://www.businesseurope.com/cmn/viewdoc.jsp?cat=all&docid=BEP1_News_0000060883 - - - - - - - - - - Computer Crime Typology Experts consider that computer crimes today represent more serious danger for our country than 5 years ago. According to Economic Crime Unit of the Ministry of Internal Affairs of Ukraine official statistics for 4 months of 2001 year, 7 crimes, in 2002 25, for 6 months of 2003 - 51 crimes have been revealed. http://www.crime-research.org/library/Golubev1203.html - - - - - - - - - - Treasury breaks word on e-mail anonymity The U.S. Treasury Department plans to publish nearly 10,000 e-mail addresses on the Web, violating its privacy promise to Americans who used e-mail to comment on a government proceeding. In March 2003, the Treasury Department's Alcohol and Tobacco Tax and Trade Bureau (TTB) asked for e-mail comments about a proposal that could raise the price of malt beverages like Bacardi Breezer and Smirnoff Ice. At the time, the department said that the text of comments would be made public--but assured people that e-mail addresses, home addresses and other personal information of individuals would be removed first. http://news.com.com/2100-1028_3-5137488.html - - - - - - - - - - HCC breaks ground with new tech security degree Howard Community College wants to arm a future wave of information security professionals with the tools they will need to protect business networks. The Columbia school is the first community college in Maryland to offer an information security degree program, according to state higher education officials. http://baltimore.bizjournals.com/baltimore/stories/2004/01/05/story4.html - - - - - - - - - - MS launches two new security certifications Microsoft has announced the availability of two new security certification specialisations to enable Indian IT professionals with IT security management skills. The new certifications -- MCSA Security and MCSE Security -- are targeted at systems engineers and administrators and will help validate specific technical skills around critical IT security functions in an organisation, a company release said. http://www1.timesofindia.indiatimes.com/articleshow/411496.cms - - - - - - - - - - From Anti-Spam to Anti-Spyware EarthLink spokesman Jerry Grasso says consumers want two things from an Internet service provider: secure connections and tools to that cut through the clutter. As the nation's largest consumer ISPs -- America Online, the Microsoft Network (MSN) and EarthLink -- scramble to grab new customers, reduce churn and differentiate their offerings in an increasingly similar world marked only by pricing, promotion of "safety and security" tools is the current hot marketing ticket. http://www.internetnews.com/xSP/article.php/3296851 - - - - - - - - - - Deepening the Firewall: Exclusive Interview with NetScreen Executive Officer David Flynn. "Historically, the two primary competitors we see are Cisco and Check Point Software, but as this new smarter firewall comes along, we're seeing some of the antivirus companies, like Symantec and Network Associates, trying to move in this direction," NetScreen's David Flynn told the E-Commerce Times. http://www.ecommercetimes.com/perl/story/32533.html - - - - - - - - - - IIS Lockdown and Urlscan The security posture of a web application can be severely undermined if the underlying web server software is vulnerable. The web server software is the most visible and easy to exploit part of a web application. Even if the web application itself is impregnable it can be subject to serious security breaches if the underlying web server platform is insecure. http://www.securityfocus.com/infocus/1755 - - - - - - - - - - Nasty e-mails raise blood pressure Managers who send threatening e-mails to their staff could be doing more harm than good, according to a new study. Researchers at Buckinghamshire Chilterns University College have found evidence that a worker's blood pressure can shoot up if they receive an aggressive e-mail from their boss. http://zdnet.com.com/2100-1105_2-5137734.html http://www.theregister.co.uk/content/6/34760.html - - - - - - - - - - Privacy Progress at Homeland Security On Jan. 5, the Homeland Security Dept. launched the U.S. VISIT Program, which will take digital fingerprints and photographs of foreign nationals entering and exiting the country at 115 airports and popular seaports. Pundits' reactions ranged from alarm to scorn: Terrorism experts argued, correctly, that the program would do little to prevent terrorists from entering the country, mostly because of 27 visa-waiver countries -- Western Europe plus a few other choice nations -- that are exempt from the profiling. http://www.businessweek.com/technology/content/jan2004/tc2004018_3753_tc073.htm *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; www.cybercrime.kennesaw.edu *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.