NewsBits for April 12, 2004 sponsored by, Southeast Cybercrime Institute - ************************************************************ Worm Triggers Attacks on File-Trading Services The latest variant of the Netsky worm is directing infected computers to launch Web-based attacks against music- and file-trading Web services such as Kazaa, taking down at least one company's Web sites in the process. - - - - - - - - - - Virus makers' war bombs businesses Matt Brown reacted instinctively when a deluge of virus-infected e-mail threatened to swamp ExecuScribe, a medical transcription firm in Rochester, N.Y. The tech manager disconnected all 20 computers from the firm's internal network, stopping the Bagel.Q virus in its tracks. But he also cut access to clients and isolated the 125 subcontractors who feed ExecuScribe work product across the Internet. - - - - - - - - - - Biometric ID card bill on its way 'in a month' David Blunkett last night said that he was pushing on with plan for an ID card, with a draft bill to hit Parliament within months. The ID cards will contain biometrics and may be in the wallets of UK citizens by 2007 at the earliest.,3800002220,39119896,00.htm - - - - - - - - - - A Need for Greater Cybersecurity Chief executives of U.S. corporations and their boards of directors should assume direct responsibility for securing their computer networks from worms, viruses and other attacks, an industry task force working with the federal government said. Group suggests corporate auditors for cybersecurity - - - - - - - - - - RIAA Singing the Same Old Song Online file-sharing and other digital piracy persist, but a gradual turnaround in U.S. music sales that began last fall picked up in the first quarter of this year, resulting in the industry's best domestic salesin years. Overall U.S. music sales -- CDs, legal downloads, DVDs, etc. -- rose 9.1 percent in the first three months of the year over the same period in 2003, according to Nielsen SoundScan.,1412,63026,00.html - - - - - - - - - - Concern grows over browser security Browser-based security threats are on the rise and may pose the next significant risk to information technology operations, according to a technology trade association. The Computing Technology Industry Association (CompTIA) on Monday released its second annual report on IT security and the work force. ISPs Have to Step Up on Security,10801,92057,00.html - - - - - - - - - - Progress in War Against Spam Hit or Miss While progress has been made through wider use of anti-spam filters and new laws meant to crack down on spammers, most of the evidence shows the deluge is spreading, with more than half of all e-mail traffic spam. Happy spamiversary N. Carolina woman joins brother as 'spam' defendant Pump'n'dump spam? Hooray! - - - - - - - - - - Russia: Insult in the Internet In Kazan, Tatarstan, Russia, a first criminal proceeding was initiated against a senior pupil of a local school for he allegedly insulted his schoolmistress through the Internet, informs "Interfax-Povolzhye", a Russian news agency. Early in the year, a teenager on behalf of his schoolmistress placed a webpage in the Net offering intimate services. Potential clients began to phone her and she turned to the Department on Fighting Hich Tech Crimes of the regional Office of Internal Affairs. - - - - - - - - - - Intel unveils processor with hard-wired security The next generation of Intel Corp. microprocessors for cell phones and handheld computers will, for the first time, include hard-wired security features that can enforce copy protection and help prevent hackers from wreaking havoc on wireless networks. - - - - - - - - - - More security woes for Cisco CISCO HAS ADMITTED that there are holes in its wireless LAN products. The admission comes only a week after a bunch of hackers publisheda toolkit to take apart its ordinary LAN products.The latest glitch is within CiscoWorks WLSE management tool and the Cisco Hosting Solution Engine. According to the advisory published on its website, the software versions at risk include 2.0, 2.0.2, and 2.5. The Hosting Solution Engine-vulnerable software versions include 1.7, 1.7.1, 1.7.2, and 1.7.3. - - - - - - - - - - Chat, Copy, Paste, Prison When a New Hampshire judge threw out chat-log evidence against an accused pedophile, he illustrated just how jumbled and confused Internet privacy law can be. - - - - - - - - - - Sun's Solaris Takes Security Mainstream A little less than a year ago, I remarked in this space that seat belts weren't always standard equipment in cars but that we expect them today as a basic safety feature. It's nice to be able to notethat the same sort of transition is finally gaining momentum in mainstream IT, with crucial platform security and reliability features expanding beyond formerly specialized domains to merge into mass-market platforms. - - - - - - - - - - Forensic Analysis of a Live Linux System, Part Two Last month in the first part of this article series, we discussed some of the preparation and steps that must be taking when analyzing a live Linux system that has been compromised. Now we'll continue our analysis by looking for malicious code on the running system, and then discuss some of the searches that can be done with the data once it has been transferred to our remote host. - - - - - - - - - - American Released Passenger Data American Airlines became the third U.S. airline to acknowledge giving passenger records to the government, sparking denunciations from privacy advocates. The world's largest airline said late Friday that in June 2002 it shared approximately 1.2 million passenger itineraries with the Transportation Security Administration and, inadvertently, four research companies vying for contracts with the agency.,1848,63018,00.html - - - - - - - - - - Lie detectors are likely lying themselves I learn a lot watching television. That is, I learn a lot by watching television and thinking, "That can't be right!" then doing the research to find the full story. Television butchers technology. It has to. There's no time in your average crime drama, say, to go into the details of tracking a cell phone or running someone's DNA; what takes seconds on TV often takes hours in the real world. *********************************************************** Computer Forensics Training - Online. An intense, 150 hour, instructor lead program that teaches you computer forensics and helps prepare you for the Certified Computer Examiner exam. For more information see; *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.