NewsBits for May 11, 2004 ************************************************************ Sasser copycats get busy Copycat virus authors have released a pair of worms targeted at the same vulnerability in Microsoft's operating system exploited by the infamous Sasser worm. Undeterred by the arrest of Swen Jaschan in Germany last Friday, coders have released a new Sasser variant (Sasser-F) and the first worm in a new strain, Cycle-A. Both worms exploit a hole in Window's Local Security Authority Subsystem Service (LSASS) component. Neither is spreading particularly widely and most AV vendors place them low on the peril index. http://www.theregister.co.uk/2004/05/11/sasser_saga_continues/ New Sasser variant indicates copycat script kiddie http://news.zdnet.co.uk/internet/security/0,39020375,39154424,00.htm http://computerworld.com/securitytopics/security/virus/story/0,10801,93071,00.html Experts: Timing of new Sasser worm raises questions http://security.itworld.com/4340/040511sassertiming/page_1.html Sasser shows network flaws http://www.usatoday.com/tech/news/computersecurity/2004-05-10-sasser_x.htm Fifth Sasser 'released before arrest' http://news.zdnet.co.uk/internet/security/0,39020375,39154256,00.htm Sasser Author Comes Clean http://www.newsfactor.com/story.xhtml?story_title=Sasser-Author-Comes-Clean&story_id=23993 - - - - - - - - - - Microsoft: Separate trail led to second virus writer Microsoft confirmed on Monday that German authorities had arrested a man suspected of writing and releasing a program widely used to compromise and surreptitiously control computers on the Internet. The program, known as Agobot, has caused concern among many security experts because it allows a single individual to control a vast network of computers, potentially as a means to attack Internet sites. The coder was captured Friday, the same day that an 18-year-old man, also a resident of Germany, was arrested for creating all five versions of the Sasser worm. http://zdnet.com.com/2100-1105_2-5209681.html Second German arrest 'unrelated to Sasser' http://news.zdnet.co.uk/internet/security/0,39020375,39154260,00.htm - - - - - - - - - - Man Gets 11 Years for Huge Credit Card Scam A Malibu man who defrauded hundreds of thousands of credit card holders out of $37 million by falsely billing them for access to pornographic websites was sentenced Monday to 11 1/4 years in federal prison. Prosecutors said the scam perpetrated by Kenneth Taves is the largest Internet fraud to date that has resulted in a conviction. http://www.latimes.com/technology/la-me-taves11_may11,1,6322551.story http://www.siliconvalley.com/mld/siliconvalley/news/editorial/8641274.htm http://www.theregister.co.uk/2004/05/11/porn_scam/ - - - - - - - - - - Student Held in Grade Fixing Scheme Police say a 17-year-old hacked into Corona del Mar High's computer system. Other students are under investigation. A Newport Beach high school student was taken into custody Monday and accused of a felony for allegedly hacking into a school computer system and altering grades, police said. Detectives led the 17-year-old, whom police would not identify because of his age, from Corona del Mar High School on Monday morning. (LA Times article, free registration required) http://www.latimes.com/technology/la-me-hackers11may11,1,6240950.story - - - - - - - - - - 3 Detroit students charged after school computers hacked and grades changed Three Lincoln Park High School students were charged Monday with hacking into the school's computer system to change their grades and attendance records. Police said two of them also created a Web site informing other students that the school's computer system had been hacked and giving steps on how to change grades. http://www.snpx.com/cgi-bin/securitynews.cgi?database=JanEE&id=18 - - - - - - - - - - Turkish hackers strike De Anza Web site Turkish hackers attacked De Anza College's teacher review Web site last Wednesday, erasing all of its content and replacing it with a hooded skull. "It was a nice, welcome office-warming surprise," said James Nguyen sarcastically, who was appointed to the position of vice president of technology last week by the De Anza Student Body. http://www.lavozdeanza.com/vnews/display.v/ART/2004/05/10/40a0057ce3ca6 - - - - - - - - - - Judge ties antispammer's hands A Northern California District Court judge issued a temporary restraining order to prevent SpamCop, an antispam operation, from interfering with messages sent by alleged junk e-mailer OptInRealBig.com. The court granted the restraining order last Tuesday, and it is scheduled to reconvene May 20. E-mail server company IronPort Systems, owner of SpamCop, filed an appeal Monday asking the judge to dissolve the order before the hearing date, on the grounds that it breaches first amendment rights and damages the company's operations. http://news.com.com/2100-1024_3-5210518.html - - - - - - - - - - DHS and UK ID card biometric vendor in false ID lawsuit At San Jose Superior Court today biometrics company Identix will seek to have a product liability and slander lawsuit against it and the States of California and Oregon dismissed. Plaintiffs Roger Benson and Miguel Espinoza are seeking restitution for the damage inflicted on them by duplication in police records which gave them other people's criminal records. http://www.theregister.co.uk/2004/05/11/identix_false_id_suit/ - - - - - - - - - - Congress Targets Cell Phone Cameras Cell phone cameras are useful for the unusual moment that demands a picture, like when a congressional aide pulled one out of a pocket to get a snapshot of Michael Jackson strolling the halls of Congress. Some people, however, are using them for nefarious purposes, such as taking pictures beneath women's skirts and posting them on the Internet. Lawmakers want to make taking such surreptitious photos and other illicit uses of video technology a federal crime punishable by up to a year in jail. http://www.washingtonpost.com/wp-dyn/articles/A16827-2004May11.html http://msnbc.msn.com/id/4952325/ - - - - - - - - - - Microsoft patches new Windows flaw Microsoft on Tuesday detailed a new vulnerability in Windows XP and Windows Server 2003 that could enable an attacker to remotely execute malicious code. The software maker described the problem as "important," its second-highest rating for such problems. Antivirus software maker Symantec, meanwhile, characterized the vulnerability as "high risk," citing the impact that there could be if the vulnerability was successfully exploited. http://news.com.com/2100-1002_3-5210513.html http://msnbc.msn.com/id/4955493/ - - - - - - - - - - E-Legal: Fighting Internet Crime According to most experts, today Internet Crimes poses greater cyber security threat than 5 years ago.In spite of law enforcement and special services efforts directed to fighting Internet crimes, their quantity, unfortunately, is not reducing, and vice versa their social danger is constantly growing. http://www.crime-research.org/news/11.05.2004/261 - - - - - - - - - - Lottery scams new flavour of the month Lottery scam emails are increasing at an alarming rate, according to Fraudwatch International, the Australian website that protects consumers from identify theft. Last month FraudWatch International received over 1000 variations, double the number of phishing email scams http://www.theregister.co.uk/2004/05/11/lottery_scams/ - - - - - - - - - - Browser Hijackers Ruining Lives Browser hijackers are doing more than just changing homepages. They are also changing some peoples' lives for the worse. Browser hijackers are malicious programs that change browser settings, usually altering designated default start and search pages. But some, such as CWS, also produce pop-up ads for pornography, add dozens of bookmarks -- some for extremely hard-core pornography websites -- to Internet Explorer's Favorites folder, and can redirect users to porn websites when they mistype URLs. http://www.wired.com/news/infostructure/0,1377,63391,00.html - - - - - - - - - - Symantec stops frustrating virus-notification alerts Symantec has shown the way for other antivirus firms to finally end the proliferation of false user email notifications, which wrongly identity the source of a virus and add to the general email deluge swamping users' inboxes. http://software.silicon.com/security/0,39024655,39120602,00.htm Tech Players Push for Anti-Virus Spec http://www.internetnews.com/dev-news/article.php/3352271 - - - - - - - - - - MS spells it out: pirates can, can't install WinXP Sp2 Fresh from killing off, then swiftly reviving, NGSCB/Palladium, Microsoft appears to be going for the double with an about-face on WinXP SP2 for pirates. Last week the company seemed to be giving the impression that altruism had triumphed over righteous indignation, today, it is denying it.But not, as far as we can see, strongly denying it. The reports are not 'entirely untrue' - they are "not entirely true". Um, right. http://www.theregister.co.uk/2004/05/11/xpsp2_pirate_blocking/ http://zdnet.com.com/2100-1105_2-5209896.html http://news.zdnet.co.uk/software/windows/0,39020396,39154267,00.htm - - - - - - - - - - Talking capacitors could blab to code breakers Crypto Boffins - led by Adi Shamir of RSA fame - are investigating whether it might be possible to gain valuable clues about private encryption keys simply by listening to a targeted computer. The sounds made by capacitors on motherboards might, in theory, give attackers code-breaking clues in much the same way electro-magnetic leakage or power fluctuations can be used in so-called "side-channel" attacks on secure systems. http://www.theregister.co.uk/2004/05/11/sounds_yield_crypto_clues/ - - - - - - - - - - Bluetooth group downplays security risks The Bluetooth Special Interest Group (SIG) is dismissing security fears about the technology, saying any flaws in it are limited to a small number of mobile phonesalthough it has detailed measures that concerned users can take to secure a wide range of Bluetooth devices. http://computerworld.com/mobiletopics/mobile/technology/story/0,10801,93066,00.html AirDefense sniffs out Bank of America Bluetooth-based ID system http://computerworld.com/mobiletopics/mobile/technology/story/0,10801,93063,00.html - - - - - - - - - - Security comes from the top Companies will struggle to maintain effective IT security if senior managers are not seen to take the topic seriously. Imagine a perfect situation, in which you work for a large company with a lot of information security measures in place. There is antivirus software on every desktop, updated automatically; there are firewalls and intrusion detection systems protecting the perimeter of the network; and host-based sensors scattered strategically throughout the system. http://www.itweek.co.uk/Comment/1155064 Devil's Advocate: Why computer security's so primitive http://comment.silicon.com/0,39024711,39120567,00.htm - - - - - - - - - - Bad laws, bad code, bad behavior A congressional hearing on Internet porn last week illustrates what happens when politicians try to ban technology they don't like or understand. The topic of Thursday's meeting of the House of Representatives' consumer protection subcommittee was a bill intended to require that programs like Kazaa and Grokster obtain parental consent before installation. Peer-to-peer software is starting "to lure our children from the perceived safety of the family living room out into the dangers of the Internet wilderness," subcommittee chairman Cliff Stearns, R-Fla., warned. http://zdnet.com.com/2100-1107-5209869.html - - - - - - - - - - Holy security wars What is with the technology industry's propensity for fighting religious wars over products and technologies? It seems that there are always new battles being fought, as fanatics unfurl their banners to declare that Linux will overtake Windows, that asynchronous transfer mode is dead or that the world is moving to Internet Protocol telephony. These debates stir passion and serve as fodder for lively conversations at trade shows. http://news.com.com/2010-7355_3-5209637.html - - - - - - - - - - The Google Terrrorist It was the lead item on the government's daily threat matrix one day last April. Don Emilio Fulci described by an FBI tipster as a reclusive but evil millionaire, had formed a terrorist group that was planning chemical attacks against London and Washington, D.C. That day even FBI director Robert Mueller was briefed on the Fulci matter. But as the day went on without incident, a White House staffer had a brainstorm: He Googled Fulci. His findings: Fulci is the crime boss in the popular video game Headhunter. "Stand down," came the order from embarrassed national security types. http://www.usnews.com/usnews/issue/040517/whispers/17whisplead_2.htm - - - - - - - - - - Study Says U.S. Should Reopen Some Web Sites Federal officials should consider reopening public access to about three dozen Web sites withdrawn from the Internet after the Sept. 11, 2001, terrorist attacks, a government-financed study says, because the sites pose little or no risk to homeland security. http://www.washingtonpost.com/wp-dyn/articles/A15750-2004May10.html *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.