NewsBits for May 5, 2004 ************************************************************ 12 arrested for laundering phished funds Brief: Twelve people from Estonia, Latvia, Lithuania, Russia and the Ukraine have been arrested on suspicion of money laundering funds procured through phishing attacks. The National High-tech Crime Unit (NHTCU) arrested six men and six women, with help from the National Crime Squad, the FBI and the US Secret Service. http://news.zdnet.co.uk/internet/security/0,39020375,39153687,00.htm http://www.vnunet.com/News/1154938 http://www.theregister.co.uk/2004/05/05/phishing_mules_arrested/ US hit by 92m phishing attacks in one year http://news.zdnet.co.uk/internet/security/0,39020375,39153695,00.htm Fear of phishing hits e-commerce http://www.theregister.co.uk/2004/05/05/phishing_fears_survey/ - - - - - - - - - - Sasser Worm Rips Through Internet The rapidly evolving "Sasser" computer worm tore across the Internet on Tuesday, claiming new victims among corporate and home computer users as others scrambled to fortify their machines against attack. First detected over the weekend, the worm has already infected, by some estimates, more than 1 million PCs running on Microsoft Corp.'s Windows 2000, NT and XP operating systems. http://msnbc.msn.com/id/4890780/ http://www.latimes.com/technology/la-fi-rup5.5may05,1,4131003.story http://www.gcn.com/vol1_no1/daily-updates/25838-1.html http://www.wired.com/news/infostructure/0,1377,63325,00.html http://www.newsfactor.com/story.xhtml?story_title=Sasser_Fizzles_Out_as_Search_for_Culprits_Heats_Up&story_id=23942 Patches Could Have Lessened Latest Worm Far fewer computers would have been disabled by the latest Internet worm had their owners configured them to automatically get the latest security fixes. Sasser's spread began to stabilize Tuesday, but not after infecting hundreds of thousands of computers since Friday by exploiting a known Windows flaw for which Microsoft Corp. issued a software patch three weeks ago. http://www.washingtonpost.com/wp-dyn/articles/A1828-2004May4.html http://www.usatoday.com/tech/news/computersecurity/2004-05-05-patch-chiding_x.htm Microsoft: Almost 1.5M download Sasser cleanup tool http://computerworld.com/securitytopics/security/virus/story/0,10801,92912,00.html Speed Limits Could Slow Viruses http://www.technologyreview.com/articles/rnb_050504.asp Hunt on for Sasser worm culprit http://www.cnn.com/2004/TECH/internet/05/05/sasser.worm.reut/index.html http://computerworld.com/securitytopics/security/virus/story/0,10801,92923,00.html Sasser creates European pandemonium http://www.theregister.co.uk/2004/05/05/sasser_continental_europe/ Chinese government is bracing for attack by Sasser worm http://www.iht.com/articles/518438.html Home users bear brunt of new virus http://www.ananova.com/news/story/sm_944796.html Home users learn virus lessons Home computer users were better prepared for the Sasser worm outbreak than businesses, according to anti-virus company Sophos. Sasser is an internet worm and does not need to be opened in an email to infect computers. http://www.vnunet.com/News/1154930 - - - - - - - - - - Cyber-crime fight may need new laws Unclear legislation and a lack of resources may be holding back the fight against cyber-crime, according to experts. The All Party Internet Group is holding an inquiry into the 14-year-old Computer Misuse Act (CMA), to feed into a Home Officereview of the legislation. http://www.vnunet.com/News/1154917 - - - - - - - - - - Doctors seeing surge in addicts supplied via Internet Drug addicts looking for their next fix are finding it more easily these days with the simple click of a computer mouse. Drug addiction specialists say they are seeing a surge of patients over the past several months who have gotten controlled substances over the Internet without prescriptions. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8596146.htm - - - - - - - - - - Student hacks iTunes for compatibility According to the Australian researcher who cracked the authentication used by Apple's iTunes software, current-generation Digital Rights Management (DRM) will never work. David Hammerton, a 20-year-old Arts-Science student, reverse-engineered iTunes' authentication measures last week, allowing non- iTunes clients to connect to Apple's servers. It was the second time he had managed to crack the authentication, however this time it took him just eight hours to break the brand-new iTunes 4.5, which had been patched against his previous research. http://www.securityfocus.com/news/8561 - - - - - - - - - - Viruses target IM When it comes to viruses and worms, e-mail gets all the attention, but now that instant messaging has infiltrated both home and office, it too has become an attractive and easy target for virus writers. From 2002 to 2003, worms and viruses that spreadvia IM and peer-to-peer networks increased 400%, according to Symantec Corp.'s Internet Security Threat Report. Already this year, we've seen the Jitux.A and Bizex worms targeting MSN Messenger and ICQ, respectively. http://computerworld.com/securitytopics/security/story/0,10801,92913,00.html - - - - - - - - - - Gates Promises Longhorn Beta In 2005 Despite Security Concerns Microsoft has recommitted to releasing Longhorn, its next-generation Windows client and server, into beta testing in 2005 even though its chairman acknowledged that security concerns threaten his dream of enabling seamless connectivity and Web services. http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=49935 Security breaches drive customers away http://news.zdnet.co.uk/internet/security/0,39020375,39153693,00.htm WinHEC: Microsoft looks ahead http://zdnet.com.com/2251-1110-5206298.htmls http://news.com.com/2100-7355_3-5206677.html Microsoft to sign anti-spam agreement http://news.zdnet.co.uk/software/windows/0,39020396,39153420,00.htm http://money.cnn.com/2004/05/05/technology/msft_spam.reut/index.htm - - - - - - - - - - Officials trade arguments over electronic voting Will system overhauls close security gaps or cause chaos? Scientists told a federal panel Wednesday that electronic voting isnt completely reliable and suggested that a backup paper system might be the only way to avoid another disputed presidential election in November. http://msnbc.msn.com/id/4907477/ http://www.cnn.com/2004/TECH/05/05/electronicvoting.ap/index.html E-Voting: 1 County Sues State http://www.latimes.com/technology/la-me-machines5may05,1,1569551.story - - - - - - - - - - CIO jury: Compliance no IT project Trojan horse silicon.com's latest CIO Jury of 12 individuals hasreturned eight answers of 'No' and four of 'Yes' to the question Have compliance projects (addressing Sarbanes-Oxley, Basle II, IAS and so on) allowed you to roll out additional technology, including that for which it would have been hard to get separate sign-off? http://zdnet.com.com/2100-1104_2-5206341.html Worms part of IT diet http://zdnet.com.com/2100-1107_2-5206111.html - - - - - - - - - - The new nasties Each week vnunet.com asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Luis Corrons, head of PandaLabs, warns of the added workload that IT departments face from new forms of malware. http://www.vnunet.com/News/1154939 - - - - - - - - - - What is hacking? Hacking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.) Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an ethical hacker and an organization, it's OK. The key difference is that the ethical hacker has authorization to probe the target. http://www.crime-research.org/news/05.05.2004/241 - - - - - - - - - - Internet shop 'til you drop -- but stay cautious On the Internet, car shoppers can gather information available from dealers but without the pressure of eyeball-to-eyeball negotiations. But Web browsers should beware. The same basic rule that applied pre-Internet is still valid: Don't assume one source of information has all the right answers. (LA Times article, free registration required) http://www.latimes.com/technology/la-hy-web5may05,1,7675782.story - - - - - - - - - - 419ers crack cold fusion Since they already have a man in space, it should come as no surprise that our old mates from Lagos have pulled off an even more impressive feat - cold fusion. Well, it was actually the brilliant Nigerian physicist Koffi Abacha, who sadly died in the obligatory mysterious plane crash. However, his work looks promising, and for just $10,000 you can buy yourself into the energy revolution. http://www.theregister.co.uk/2004/05/05/419_cold_fusion/ *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.