NewsBits for August 26, 2004
************************************************************

FBI Seizes File-Sharing Devices in Piracy Raid
The U.S. launches an undercover probe as major record firms sue 744 people for alleged copyright infringement. The Justice Department joined the entertainment industry's fight against illegal file-sharing Wednesday, saying it had launched an undercover criminal probe of a members-only group that allegedly traded movies, songs, games and software over the Internet.
http://www.latimes.com/technology/la-fi-piracy26aug26,1,3172227.story
http://news.zdnet.co.uk/business/legal/0,39020651,39164621,00.htm
http://www.msnbc.msn.com/id/5819566/
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/08/26/BUGII8E8VK1.DTL
http://www.mercurynews.com/mld/mercurynews/business/technology/9505113.htm

Feds Wrap Up Online-Crime Dragnet
http://www.wired.com/news/infostructure/0,1377,64732,00.html

U.S. Making Arrests in Spam, Fraud Sweep
http://www.latimes.com/technology/la-fi-spam26aug26,1,6415596.story

Japanese music companies raided in ringtone case
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9504131.htm

- - - - - - - - - -

Hackers target French ISP's site
A hacker compromised the corporate Web site of France Telecom SA's Internet service provider subsidiary, Wanadoo, on Monday, causing the site to try to install a malicious software program on visitors' computers, the company said yesterday. The site, www.wanadoo.com, had been altered to use two common software exploits that redirect visitors' Web browsers from Wanadoo.com to Web sites that attempted to download a Trojan horse program onto their computers.
http://computerworld.com/securitytopics/security/hacking/story/0,10801,95492,00.html

- - - - - - - - - -

Civil servants sacked over Net porn
More than 200 civil servants in the Department of Work and Pensions (DWP) have been disciplined for surfing the Web for porn during office hours. In the last eight months the staff accessed over two million pornographic images, including 18,000 involving child abuse. The Sun newspaper reports that some of the sites touted images purported to be of kids as young as 13. So far, 16 workers have been sacked as a result of the sting operation, which began in December last year. One worker has been convicted on 32 counts of possessing child pornography, and two others are under investigation.
http://www.theregister.co.uk/2004/08/26/civil_servant_porn/

- - - - - - - - - -

Chinese finger 'exam cheat' virus
In brief: A computer virus specifically designed to steal files with names such as "exam" or "test questions" has reportedly been discovered by a Chinese Internet security firm. The "exam theft" virus is capable of infecting Microsoft Word and Excel files and uploading targeted documents onto the Net, the Shanghai Daily News reports.
http://www.theregister.co.uk/2004/08/26/exam_virus/

- - - - - - - - - -

First AMD 64-bit virus debuts
Anti-virus researchers have discovered the first virus capable of infecting 64-bit AMD systems. The Shruggle virus is only capable of infecting AMD64 Windows Portable Executable (PE) files on the same machine. The virus will not run natively on 32-bit Windows platforms. Even on 64-bit AMD boxes, Shruggle is incapable of spreading by itself from machine to machine. The virus is noteworthy only in demonstrating that malicious code is capable of infecting 64-bit AMD systems even before the widespread availability of systems next year.
http://www.theregister.co.uk/2004/08/26/virus64bit_redux/

- - - - - - - - - -

Viruses as tools of data theft
Every virus-writer with high self-esteem often tampers with stealing personal data. The perpetrator infects the computer with a virus installing a trojan, a program sending data to the owner. If you store data on your accounts on the computer, the criminal can withdraw money from your bank accounts and use your credit cards in your name.
http://www.crime-research.org/news/26.08.2004/590/

- - - - - - - - - -

Secret Service and CERT analyze insider threats
It doesn't take a techie to abuse an IT system from the inside, and inside attackers do not fit any common profile. Those are among the findings of the Secret Service and the CERT Coordination Center in a study of insider attacks against financial organizations. Damage to the victimized institutions ranged from a few hundred dollars to hundreds of millions of dollars. The report, Illicit Cyber Activity in the Banking and Finance Sector, is the first in a series of Insider Threat Studies in critical infrastructure sectors.
http://www.gcn.com/vol1_no1/daily-updates/27074-1.html

'Electronic Jihad' fails to materialise
http://www.theregister.co.uk/2004/08/26/cyberfud/

- - - - - - - - - -

Latest spam scams use Google, Olympics
Scammers are constantly using new techniques, according to SurfControl. Using new techniques to trick users into opening misleading, fraudulent and potentially harmful messages, spammers have recently targeted Google, the Olympic games and US Bank, according to SurfControl PLC, a vendor of Web and e-mail filtering software. "There is greater awareness of the risks associated with spam and e-mail, so spammers must continually create new techniques to trick end users," Susan Larson, vice president of global content at Scotts Valley, Calif.-based SurfControl, said in a statement. "Companies should be on the lookout for these new techniques and others as they emerge."
http://computerworld.com/securitytopics/security/cybercrime/story/0,10801,95496,00.html

- - - - - - - - - -

Cisco reports access control server flaws
Cisco on Wednesday posted an advisory warning about four vulnerabilities in its Secure Access Control Server (ACS). The first flaw causes the Web interface of the ACS to stop answering requests when it's flooded with TCP connections. The second error crashes systems using Cisco's remote access authentication protocol,
http://zdnet.com.com/2110-1105_2-5325170.html
http://computerworld.com/securitytopics/security/holes/story/0,10801,95514,00.html

- - - - - - - - - -

SP2: To install or not to install
After a series of delays, Microsoft has unveiled its security-minded update to Windows XP, known as Service Pack 2. But for some in the business world, the response is "not so fast," as the software giant moves to iron out some kinks. Various holes, flaws and compatibility concerns are topping the list of reasons not to put SP2 installation on the to-do list--at least not yet.
http://news.com.com/Editors%27+Picks%3A+SP2%3A+To+install+or+not+to+install/2009-1025_3-5322562.html

- - - - - - - - - -

Will New Security Fears Drag E-Commerce Down?
Most identity-theft crimes occur when employees steal records from employers, not when consumers type credit-card numbers on a secure Web site. That is why this type of crime is just as likely to affect victims who never shop online as those who do. It sounds like an update of an old Aborigine tale. In the original, a person's soul is stolen by the flash of a camera; in the adaptation, one's identity is captured by a flicker of computer wizardry.
http://crm-daily.newsfactor.com/story.xhtml?story_title=Will-New-Security-Fears-Drag-E-Commerce-Down-&story_id=26573

- - - - - - - - - -

Security worries back to 2001 levels
The severity and number of exploits and vulnerabilities in computer systems are causing greater concern for IT directors. In the wake of a report by outsourcing company Synstar, concerns over security are back to 2001 levels with nearly 90% of respondents more concerned about flaws and attacks than other IT issues. Fran Howarth, practice leader of security at Bloor Research, said there were many reasons behind the finding, most prominent of those were the ever-increasing number and complexity of exploits and flaws being unearthed.
http://www.scmagazine.com/news/index.cfm?fuseaction=newsDetails&newsUID=d178206e-5106-46f1-a96c-7e1906a6c30b&newsType=Latest

- - - - - - - - - -

Special handling for critical information
COMMENTARY--On a daily basis, managers retrieve and manipulate vast amounts of enterprise information, which is protected using standard enterprise security technologies, such as the perimeter security infrastructure, authentication mechanisms and access control systems. However, a small part of this information is considered to be absolutely critical.
http://zdnet.com.com/2100-1107-5323924.html

- - - - - - - - - -

A checklist for buying a security event management system
To better protect themselves against the proliferation and wide range of network security threats, organizations are building more complex, device-laden security networks. Today's network attacks are becoming more sophisticated, and it's increasingly difficult to distinguish actual attacks from normal traffic. Best practices dictate that event logs should be periodically reviewed in-depth, looking for anomalous events indicative of an attack or compromise, rather than waiting for it to become apparent in a catastrophic system failure.
http://computerworld.com/softwaretopics/software/story/0,10801,95465,00.html

- - - - - - - - - -

TSA unveils new passenger prescreening program
The Transportation Security Administration today took the wraps off the Secure Flight passenger prescreening program, which it seeks to build as a replacement for the Computer Assisted Passenger Prescreening Program that airlines use to keep suspect travelers off planes. Secure Flight follows hard on the heels of the agency's defunct CAPPS II program, and TSA took pains to distinguish the new program from its discredited predecessor.
http://www.gcn.com/vol1_no1/daily-updates/27077-1.html
http://computerworld.com/securitytopics/security/story/0,10801,95493,00.html

***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits (www.newsbits.net) should be cited as the source of the information. Copyright 2000-2004, NewsBits.net, Campbell, CA.