NewsBits for July 28, 2004 ************************************************************ LAPD Arrests 3 in Raid on Alleged DVD Piracy Lab Los Angeles police continued their crackdown on bootleg movie operations Tuesday, arresting three men for allegedly making counterfeit DVDs in a Los Angeles apartment. The alleged lab was housed on the second floor of a building on 18th Street near Venice Boulevard and La Brea Avenue. Inside, police and investigators from the Motion Picture Assn. of America said they found two DVD towers, each containing seven disc burners. (LA Times article, free registration required) http://www.latimes.com/technology/la-fi-piracybust28jul28,1,1545511.story - - - - - - - - - - Cyber bandits 'cost British bookies 60.5m' Russian police have broken up an internet hacker ring that extorted money from British bookmakers, inflicting millions of pounds in losses on their websites in a series of attacks. The suspects flooded online betting sites with false requests for information in so-called denial of service attacks. They would then send e-mails demanding money for stopping the attacks, said Yevgeny Yakimovich, the chief of the Russian Interior Ministrys Department K for fighting cyber-crimes. Yakimovich said the gang had caused about PS40m (60.5m) in damages to British bookmakers. http://breakingnews.iol.ie/news/story.asp?j=59503026&p=595x34xx&n=59503497 - - - - - - - - - - Zindos worm relies on its pal MyDoom The Zindos worm, which has launched a DDoS attack on Microsoft.com, seems to be written by the author of the MyDoom worm, as they share some intimate secrets. The latest variant of the MyDoom worm appears to form the first part of a two-pronged attack by preparing the path for a new type of worm that, in this case, is designed to assault Microsoft.com. http://news.zdnet.co.uk/business/legal/0,39020651,39161911,00.htm http://www.newsfactor.com/story.xhtml?story_title=Virus-Possibly-Set-To-Target-Microsoft&story_id=26056 MyDoom piggyback virus targets Microsoft http://www.vnunet.com/news/1156935 http://www.theregister.co.uk/2004/07/28/ms_worm_uses_mydoom/ Web worm abating, leaving systems exposed http://www.cnn.com/2004/TECH/internet/07/28/internet.worm.reut/index.html DoubleClick Blasted in Latest DoS Attack http://www.newsfactor.com/story.xhtml?story_title=DoubleClick-Blasted-in-Latest-DoS-Attack&story_id=26071 http://www.theregister.co.uk/2004/07/28/ddosers_attack_doubleclick/ http://computerworld.com/securitytopics/security/story/0,10801,94837,00.html - - - - - - - - - - Bank issues warning of internet fraud scam Internet banking customers were warned tonight about a fraudulent scheme to steal their credit card details. Allied Irish Bank said two of its clients had complained about mysterious pop-up screens which requested credit card numbers, expiry dates and PIN numbers. The screens appeared yesterday after the clients had logged into the credit card section of their accounts on AIB's 24-hour banking website. http://breakingnews.iol.ie/news/story.asp?j=91569600&p=9y57xy76&n=91570187 - - - - - - - - - - Nominet warns of .co.uk 'invoicing scam' If you have received what appears to be an invoice for a .co.uk domain name from an organisation called Domain Registry Services, watch out. It could be a scam, warns Nominet. Nominet, the organisation that runs the .co.uk top-level domain, has issued a warning about a company called Domain Registry Services. Nominet says the company has been sending out documents resembling invoices to owners of .co.uk domain names. http://news.zdnet.co.uk/internet/0,39020369,39161910,00.htm - - - - - - - - - - One virus writer 'responsible for 70 percent of infections' Netsky and Sasser author Sven Jaschan, who was arrested in Germany earlier this year, is responsible for 70 percent of all virus infections so far this year, according to Sophos. Sven Jaschan, self-confessed author of the Netsky and Sasser viruses, is responsible for 70 percent of virus infections in 2004, according to a six-month malware round-up published by antivirus firm Sophos on Wednesday. http://news.zdnet.co.uk/0,39020330,39162036,00.htm - - - - - - - - - - Cisco, Huawei settle intellectual property lawsuit Networking giant Cisco Systems Inc. agreed Wednesday to settle its lawsuit that claimed Chinese rival Huawei Technologies Co. copied Cisco code and documentation for its routers and switches without permission. Under the deal, which finalizes a tentative agreement reached in October, Huawei will revise its command-line interface, user manuals, help screens and some source code to address Cisco's concerns. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9264483.htm http://news.zdnet.co.uk/business/legal/0,39020651,39162029,00.htm - - - - - - - - - - GAO finds information security compliance is sporadic Agency compliance with federal information security standards is irregular and the process that measures compliance is unreliable, the Government Accountability Office said in a report released Wednesday. A GAO survey of 24 federal agencies found that 63 percent of information systems met security guidelines issued by the National Institute of Standards and Technology, including the minimum security controls mandated by the 2002 Federal Information Security Management Act. The GAO report determined, however, that compliance and accreditation varied greatly. http://www.govexec.com/dailyfed/0704/072804d1.htm - - - - - - - - - - Police Say Russian Hackers Are Increasing Threat Young, smart Russian hackers are posing an increasing threat to global business, police said on Wednesday following last week's arrest of an online extortion ring that cost British companies up to $70 million. Russia, with its highly educated workforce and inefficient police, has become infamous for computer piracy and crime. http://www.usatoday.com/tech/news/internetprivacy/2004-07-28-russian-hackers_x.htm - - - - - - - - - - Better tools let hackers strike more quickly Increasingly, attackers are using better tools to find vulnerabilities quickly, exploit flaws and hide their attacks. While some security experts point to zero-day exploits--code that takes advantage of previously unknown vulnerabilities--as a growing threat, a greater number are stressing the danger of online attackers' ability to quickly turn around attack code by analyzing the patch issued to fix the problem. http://zdnet.com.com/2100-1105_2-5287333.html - - - - - - - - - - French Internet providers join piracy crackdown French Internet service providers agreed Wednesday to cooperate in a crackdown against Web surfers who illegally download music online. In a government- backed charter also signed by record labels and musicians' groups, France's leading Internet companies agreed to pull the plug on pirates and step up cooperation with copyright prosecutions. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9264498.htm - - - - - - - - - - Online music providers offering sharing, legally Free-for-all music sharing online has drawn the ire of the recording industry, but some commercial online music providers and even a few recording artists are opting to allow music fans to share the songs they've bought. The latest to do so is San Diego-based MusicMatch. The company on Tuesday launched a revamped version of its digital music service with a new feature that enables subscribers to send e-mails embedded with Internet links for songs they want to share. http://www.usatoday.com/tech/webguide/music/2004-07-28-sharing-more-music_x.htm - - - - - - - - - - Details of Microsoft antivirus software leak out An executive of Microsoft in France divulged on Wednesday some of the software maker's plans for its highly anticipated entry into the antivirus software market. A standalone antivirus product will be built from tools the company inherited through its 2003 acquisitions of GeCad and Pelican Software, according to a report published in CNET News.com's sister publication, ZDNet France, citing the technical head of Microsoft's security project in that country, Nicolas Mirail. http://zdnet.com.com/2100-1105-5287496.html - - - - - - - - - - New tool demonstrates hacks against RFID tags Smart-tag technology using radio frequency ID is being developed without security in mind, raising concerns about consumer privacy and risks to security of the organizations using the tags. Some of these risks were demonstrated today at the Black Hat Briefings security conference using a new hacker tool that lets users read and write to the tags. http://www.gcn.com/vol1_no1/daily-updates/26759-1.html - - - - - - - - - - 78% of Linux users never been hacked A SURVEY released by Evans Data reveals that 92% of respondents have never had their Linux systems infected with a virus. The survey, titled Summer 2004 Linux Development Survey, also reports that 78% of Linux developers have never had their systems hacked. Additionally, a mere seven per cent had been hacked three or more times. http://www.theinquirer.net/?article=17504 - - - - - - - - - - Fears rise of UK data mountain The government has announced two huge database projects - and leaks have revealed that a third holding children's details may be far more extensive than originally envisaged. The plans are raising further concerns about the exponential rise in collection of citizen data. http://www.vnunet.com/news/1156941 - - - - - - - - - - Fight Virus With Virus That's the only way to stop MyDoom. On Monday, Web surfers faced the unthinkable: a day without Google. MyDoom.O, the latest version of the fast- spreading worm, used infected PCs to flood Google's servers in what's called a denial-of-service attack. With the MyDoom virus trolling for e-mail addresses so it could send itself to new victims, human users were pushed out of the way for a couple of hours. It only seemed like the world was ending. http://slate.msn.com/id/2104432/ - - - - - - - - - - Thugs turn to corporate e-blackmail If current trends continue, physical crime rates should plunge drastically. But it's not all good news. Criminals have taken industrial espionage and blackmail to new heights. A dangerous potion of corporate over-dependence on technology, weak computer systems, lack of security knowledge and policy enforcement has aggravated the situation. Ask yourself. Which is more widespread? Hacking and phishing scams or bank hold-ups? http://zdnet.com.com/2100-1107_2-5286999.html - - - - - - - - - - US fingerprinting plan earns Big Brother's wrath Privacy International has named this year's winners of its Big Brother awards, and the US VISIT scheme has been labelled as a Lifetime Menace. A scheme that forces all visitors to America to be fingerprinted upon arrival has won this year's Lifetime Menace award from Privacy International. The US VISIT scheme has been honoured in this way, according to PI, because of the "almost total silence" in the US over this programme. http://news.zdnet.co.uk/internet/security/0,39020375,39162039,00.htm - - - - - - - - - - Surveillance cameras key to convention security efforts Hundreds of surveillance cameras are eyeing people's every move at the Democratic National Convention at Boston's FleetCenter and throughout the city, helping law enforcement keep an eye on things, but also raising privacy concerns. http://www.govexec.com/dailyfed/0704/072804con1.htm *********************************************************** Search the NewsBits.net Archive at: http://www.newsbits.net/search.html *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.