NewsBits for August 9, 2004
************************************************************
Price not right on Bagle variant
A prolific new variant of the mass-mailing Bagle
worm began flooding e-mail accounts Monday with
bogus price quotes. Like previous versions of Bagle,
the new Bagle.AQ worm spreads by sending out messages
with an infected attachment compressed under the
common Zip format. Both the name of the attachment
and the body of the message are a variant on "price"
or "new price." Unlike earlier Bagles, the new version
also packs in a 3-year-old piece of JavaScript code
that, once executed, attempts to send the infected
PC to various Web sites to pick up more Bagle code,
said Vincent Gullotto, vice president of the antivirus
emergency response team for security specialist McAfee.
http://zdnet.com.com/2100-1105_2-5302722.html
http://www.msnbc.msn.com/id/5652313/
- - - - - - - - - -
Man Charged With Sex Assault Of Girl He Met On Net
A 27-year-old West Paterson man was charged with
sexually assaulting a teen girl at a Bergen County
motel after arranging a meeting with her on the
Internet, officials said Monday. The 13-year-old
girl was in the front seat of Jose Casallas' car
when he was arrested Sunday, police said. He was
being held Monday in the Bergen County Jail on
$250,000 bail. The girl's mother reported her
missing Saturday night and police found an Internet
conversation with Casallas on her home computer,
authorities said.
http://www.wnbc.com/news/3633407/detail.html
- - - - - - - - - -
Teenager facing child pornography charges
Alexander Charles Whitaker was being held in the
Broward County Jail Friday on $300,000 bond. Police
found hundreds of child pornography images stored
on his computer. Many of the images showed children
having sexual contact with other children or adults.
http://www.miami.com/mld/miamiherald/news/local/states/florida/counties/broward_county/9341591.htm
- - - - - - - - - -
Russia: Department K against Udmurt hackers
According to Valeri Korznikov, Deputy Chief of
the Department K (unit fighting high tech crimes)
in Udmurt Republic, hackers expanded heavy activities
so that the topic of counteraction to computer crimes
reached even the government. More than 400 cases of
unauthorized intrusion into someone else's computers
were registered only for the last year in Udmurtia.
Special devices equipped by Department K allow to
reveal hackers but only on condition that the
victim appealed to police himself.
http://www.crime-research.org/news/07.08.2004/550/
- - - - - - - - - -
FBI probes beheading hoax on Web
A San Francisco computer expert duped international
media on Saturday into believing Islamist kidnappers
had executed an American hostage in Iraq by staging
his own mock beheading on the Internet. The FBI
questioned Benjamin Vanderford, 22, shortly after
the hoax became public. "We will pursue any and all
legal avenues for prosecution," said FBI special
agent LaRae Quy of the bureau's San Francisco office.
"At this point the matter is still under investigation."
http://zdnet.com.com/2100-1105-5301633.html
- - - - - - - - - -
Video Game Theft Cited in Six Beating Deaths
Former convict Troy Victorino, who blamed
a young woman for taking his Xbox video game
system, recruited three teenagers to stab and
beat her and five others to death, investigators
said. The 22-year-old woman was singled out for
an attack so vicious that dental records were
useless in trying to identify her. Some of
the victims were attacked in their sleep,
authorities said.
http://www.theregister.co.uk/2004/08/08/xbox_murder_florida/
http://www.latimes.com/technology/la-na-briefs9aug09,1,3244662.story
- - - - - - - - - -
Windows XP SP2 may stop the worms
Service Pack 2, the long-awaited upgrade to Windows
XP, will prevent the rapid spread of worms such as
Sasser, according to a security company that has
reverse-engineered some of the code. Windows XP SP2,
which has finally been released for manufacturing,
is designed to make the Windows operating more secure
by offering a host of new features and functionality.
Part of that increased security is protection against
buffer overflows, which are a vulnerability that has
been exploited to great effect by high-profile worm
attacks such as Sasser, Slammer, and Blaster.
http://news.zdnet.co.uk/0,39020330,39162970,00.htm
Windows SP2 rolls out
http://www.fcw.com/fcw/articles/2004/0809/web-xppatch-08-09-04.asp
http://www.msnbc.msn.com/id/5610539/
http://www.vnunet.com/news/1157187
http://www.newsfactor.com/story.xhtml?story_title=XP-SP--Finally-Rolled-Out-to-Manufacturers&story_id=26214
SP2's new firewall: Better than nothing, but not good enough
http://zdnet.com.com/2100-1105_2-5301625.html
IBM stalls on XP upgrade
http://news.zdnet.co.uk/software/windows/0,39020396,39162997,00.htm
- - - - - - - - - -
AOL IM 'Away' message flaw deemed critical
All known versions of AIM for Microsoft Windows
are affected. Computer security companies are
warning users of America Online Inc.'s AOL
Instant Messenger (AIM) software that a serious
security hole in the product could allow remote
attackers to execute malicious code on computers
that run the popular instant messaging software.
http://computerworld.com/securitytopics/security/holes/story/0,10801,95137,00.html
- - - - - - - - - -
Big-time ID theft symptom of database culture
BJ's Wholesale Club Inc. attracts shoppers to its
stores by putting thousands of discounted products
under one roof. It wasn't hard to attract cyberthieves
either, with databases that amass credit card numbers
in huge numbers. The theft earlier this year of
thousands of credit card records from the nation's
third-largest warehouse club illustrates the potential
for massive-scale identity theft whenever so much
purchase-enabling information is stored in one place.
It also illustrates how difficult the cleanup can be.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9357645.htm
- - - - - - - - - -
Cybersecurity research gets $7 million
The Office of Naval Research has granted the
National Center for Advanced Secure Systems
Research (NCASSR) an additional $7 million
in funding to conduct research on, among other
topics, technology for deducing suspicious
patterns in data and on ways to allow sensors
to communicate in a secure fashion. The group
will also examine methods of preventing
unauthorized intrusion into energy grid
systems and other highly sensitive networks.
http://news.com.com/Briefly%3A+Cybersecurity+research+gets+%247+million/2009-1014_3-5219580.html
- - - - - - - - - -
AMD says its chips can boost PC security
Advanced Micro Devices says it has one-upped
rival Intel in computer security by moving more
quickly to embrace new features provided by
an update to Microsoft's Windows PC operating
system. AMD on Monday trumpeted a chip feature
called Enhanced Virus Protection, which works
with an update of Microsoft's Windows XP
operating system to thwart some viruses and
worms--malicious software that devours data
or clogs up e-mail servers.
http://zdnet.com.com/2100-1103-5302628.html
- - - - - - - - - -
Is Sharing Wi-Fi Illegal? Answer Hazy; Try Again Later, Lawyer Says
Borrowing a neighbor's unsecured Wi-Fi signal
could be against the law. Or it might be legal.
The law is unclear, said cyberlawyer Mark Rasch.
"We have new technology and an old law. The law
neither expressly prohibits it, nor expressly
permits it," Rasch said.
http://www.internetweek.com/allStories/showArticle.jhtml?articleID=26805988
- - - - - - - - - -
Security: It's 'wise up' or 'sack all your staff' time
Which is it going to be? The latter is impractical...
but why should the former be proving so tricky?
Many small companies in the UK are despairing at
the part their employees are playing in security
breaches - yet too few are taking appropriate
action to stop them. Among small to medium-sized
enterprises (SMEs), end-user error is still perceived
as the highest risk to the business and while many
have policies in place to crack down on this threat
too few are enforcing them, according to research
conducted by the IOD with its members.
http://software.silicon.com/security/0,39024655,39123001,00.htm
- - - - - - - - - -
Fahrenheit FBI
A new U.S. government decision extending wiretapping
regulations to the Internet raises far more questions
than it answers. The Federal Communications Commission
voted 5-0 last week to prohibit businesses from offering
broadband or Internet phone service unless they provide
police with back doors for wiretapping access. Formal
regulations are expected by early next year.
http://zdnet.com.com/2100-1107-5302080.html
- - - - - - - - - -
Unprecedented electronic security net covers Olympics
If you're planning on attending this month's Olympic
Games, you'd best be careful what you say and do
in public. Software will be watching and listening.
Recent leaps in technology have paired highly
sophisticated software with street surveillance
cameras to create digital security guards with
intelligence-gathering skills.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9357302.htm
http://www.usatoday.com/tech/news/surveillance/2004-08-09-security-software_x.htm
- - - - - - - - - -
Brits banned from smiling in passport photos
British passport holders have no reason to be
cheerful in their photos - an open-mouthed smile
is no longer allowed. The fight against terrorism
has wiped the smile off the face of British passport
holders. The UK Passport Service said on Friday it
will forbid open-mouthed smiles on passport pictures,
one of several rules introduced to comply with strict
new US standards. Smiles are forbidden -- along
with sunglasses and hair slanting across the eyes --
because they may confuse security cameras used
to scan faces and to verify the passport is authentic.
http://news.zdnet.co.uk/hardware/chips/0,39020354,39162962,00.htm
- - - - - - - - - -
N.M. courthouse, Calif. city pushing Wi-Fi networks
City and county governments are embracing
Wi-Fi technology to provide high-speed data
service to public safety agencies and Internet
access to citizens, and now Bernalillo County,
N.M., has adopted the technology to support
Internet access for judges, lawyers and jurors
in its courthouse. The service, the first phase
of which went into operation in February, also
provides wireless voice-over-IP (VoIP) phone
service for security personnel.
http://computerworld.com/mobiletopics/mobile/wifi/story/0,10801,95139,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.