<![CDATA[
NewsBits for July 13, 2004
************************************************************
Man Accused of Infiltrating Computer at Verizon
Westchester County man illegally infiltrated an
internal computer at Verizon more than 100 times
this year, forcing the telecommunications company
to spend at least $120,000 to retool its security
system, prosecutors charged in a federal indictment
yesterday. The man, William Quinn, 27, of Eastchester,
obtained many passwords to a central computer that
Verizon technicians use in repairing telephone lines,
according to the indictment, filed in the Southern
District of New York in Manhattan.
http://www.nytimes.com/2004/07/13/nyregion/13hacker.html
http://www.wnbc.com/news/3523972/detail.html
- - - - - - - - - -
Conn. Porn Producer Who Involved Kids In Sex Acts Sentenced
A Norwalk man charged with producing child pornography
and posting it on the Internet has been sentenced to
ten years in prison. Brent Reilly, 27, was sentenced
Monday, almost a year after being charged with more
than a dozen counts of possession and dissemination
of child pornography.
http://www.wnbc.com/news/3523689/detail.html
- - - - - - - - - -
Worm sleeps to avoid detection
The latest mass-mailing worm, Atak, hides by going
to sleep when it suspects that antivirus software
is trying to detect it. Atak was first discovered
Monday. Although antivirus companies do not expect
it to cause much damage, they say it will be
a nuisance because it can generate a large amount
of spam. Graham Cluley, senior technology consultant
for antivirus company Sophos, said authors of
malicious software generally try to make the job
of antivirus researchers as difficult as possible
by adding confusing code and using evasion
techniques.
http://zdnet.com.com/2100-1105_2-5267258.html
- - - - - - - - - -
Companies warn of mass Trojan distribution
Antivirus and e-mail security companies sent out
warnings today about a new Trojan horse program
that they claim is being mass distributed on the
Internet using unsolicited commercial e-mail, or
spam. The program, called Backdoor-CGT, is a new
form of a Trojan horse installed after e-mail
recipients using Microsoft Corp.'s Outlook e-mail
program follow a Web link embedded in an e-mail
message. The Trojan horse is believed to have
infected thousands of systems on the Internet
since appearing early today, even though antivirus
software and up-to-date versions of Outlook are
immune to attack, according to Maksym Schipka,
senior antivirus researcher at MessageLabs Ltd.
in the U.K.
http://computerworld.com/securitytopics/security/story/0,10801,94515,00.html
- - - - - - - - - -
Banks to block illegal website payments
British banks have been advised not to do business
with legally or ethically dubious websites. The
Association for Payment Clearing Services (Apacs),
the banking trade body, has updated its guidelines
for members dealing with online traders. The guidelines
advise banks that can accept card payments on behalf
of websites not to conduct business with sites that
deal in racist, sexually violent, paedophilic or
terrorist material.
http://www.vnunet.com/news/1156629
- - - - - - - - - -
Microsoft issues seven security patches, two critical
Microsoft Corp. today released seven security
patches covering a wide array of the company's
products. Two of those patches fix holes that
Microsoft deemed "critical" and warned could
allow remote attackers to take control of
vulnerable Windows systems. The software
updates include fixes for previously unknown
holes in the Windows operating system, including
critical holes in the Windows Task Manager
and HTML help features.
http://computerworld.com/securitytopics/security/holes/story/0,10801,94516,00.html
http://zdnet.com.com/2100-1104_2-5268295.html
http://news.zdnet.co.uk/0,39020330,39160285,00.htm
IE may share Mozilla 'shell:' flaw
http://news.zdnet.co.uk/internet/security/0,39020375,39160391,00.htm
- - - - - - - - - -
Microsoft Releases Virus Removal Tool
Microsoft Corp. released a tool on Tuesday for
removing a particularly pesky computer virus -
but was not yet able to offer a software patch
to prevent the infection from spreading. Stephen
Toulouse, a security program manager with Microsoft,
could not say when the patch to thwart the virus,
called "download.ject," might be completed. The
virus was discovered in late June and exploits
a vulnerability in Microsoft's Internet Explorer
browser.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9143097.htm
- - - - - - - - - -
Chinese hackers advertise made-to-order virus service
Rising, one of China's leading anti-virus software
firms, recently discovered that Chinese hackers
had opened a new website offering a made-to-order
virus service, Rising PR official Lu Lan told
Interfax. Although it is not uncommon for hackers
to custom make viruses for a price, such services
have never before been advertised so openly. This
newly discovered website contains a scrolling
advertisement that offers to create a new virus
capable of bypassing security systems for
RMB 100-200 (USD 12.08-24.15).
http://www.crime-research.org/news/13.07.2004/487/
- - - - - - - - - -
UK military bans iPods
The Ministry of Defence has added the music player
to its list of banned equipment, citing the danger
to networks of USB devices. Music fans, beware:
the Ministry of Defence has become the latest
organisation to add the iPod to its list of
high-tech security risks.
http://news.zdnet.co.uk/hardware/mobile/0,39020360,39160284,00.htm
http://www.cnn.com/2004/TECH/internet/07/13/britain.mod.reut/index.html
http://www.theregister.co.uk/2004/07/13/mod_bans_ipods/
- - - - - - - - - -
Companies adapt to a zero day world
Financial institutions with critical systems and cash
on the line are reorganizing to deal with the closing
gap between the hole and the patch. Zero day exploits
are upon us. Case in point, the June 25th Russian
attacks that turned IIS servers into delivery platforms
for identity-thieving Trojan keystroke loggers.
The attacks relied on two vulnerabilities in Internet
Explorer that security researchers discovered for
the first time weeks earlier on a malicious adware-
implanting website.
http://www.securityfocus.com/news/9100no
- - - - - - - - - -
Mississippi invests in secure county systems
Of Mississippis 82 counties, only 45 have
e-mail capability. But the state is aiming
to turn this around with a cybersecurity
assessment of its counties that will serve
as the foundation for a secure enterprisewide
system and provide connectivity with state,
local and federal government. Mississippi
officials announced yesterday that they had
secured $820,000 from the Homeland Security
Departments Office of Domestic Preparedness
to do a county-by-county cybersecurity
assessment.
http://www.gcn.com/vol1_no1/daily-updates/26564-1.html
- - - - - - - - - -
The network is the security
Remember computing in the 1980s? This was an era
when stand-alone IBM mainframes and VAX minicomputers
dominated the computing landscape. Each system ran
an application or two for a specific constituency.
Application and data integration was so cumbersome
that few companies had the skills, budgets or stomachs
to attempt it. Mainframes and minicomputers were
truly data-processing islands.
http://news.com.com/The+network+is+the+security/2010-7347_3-5265714.html
- - - - - - - - - -
SMS spoofing - new lingo in cybercrime
'You have flunked'. The SMS was enough to unnerve
not only Ram, an engineering student, but also
his entire family. But the panic was soon found
to be unfounded as, within minutes, Ram came to
know it was a spoof when his reply to the message
bounced back. It was only a prank played by one
of his IT-savvy friends and Ram realised he had
fallen victim to 'mobile spoofing'.
http://www.crime-research.org/news/13.07.2004/488/
- - - - - - - - - -
Officials discuss efforts to network crime, terrorism data
The Homeland Security Department is working to
connect its nationwide information network to
existing law enforcement databases, an official
told lawmakers Tuesday. The department is working
with the Justice Department to make the systems
"fully compatible in the short term and [is]
developing a common system for the future,"
Patrick Hughes, Homeland Security's assistant
secretary for information analysis, told a House
Government Reform subcommittee.
http://www.govexec.com/dailyfed/0704/071304tdpm1.htm
- - - - - - - - - -
Long Arm of the Law Has Become Bionic
Mexico has required some prosecutors to have tiny
computer chips implanted in their skin as a security
measure for access to the Attorney General's Office
National Information Center, authorities announced.
Atty. Gen. Rafael Macedo de la Concha said his
chip, implanted in his arm, also could be used
"tolocate me wherever I am." The information center
is part of a new anti-crime effort to combat
kidnappings, armed robberies and drug trafficking.
http://www.cnn.com/2004/WORLD/americas/07/13/mexico.chip.reut/index.html
http://www.latimes.com/technology/la-fg-briefs13.4jul13,1,546162.story
http://www.wired.com/news/technology/0,1282,64194,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.
]]>