NewsBits for December 1, 2004 ************************************************************ Police cuff 28 in PS10m counterfeit haul Scottish police have arrested 28 in a five-day operation which netted an estimated PS10m in counterfeit goods. The dragnet has been hailed as the most successful in Scottish history. - - - - - - - - - - Former Bush campaign official indicted A former Republican Party bigwig in New England has been indicted on charges of orchestrating a low-tech version of a denial-of-service attack. Internet DoS attacks, which overload a Web site's servers and cause them to be temporarily inaccessible, have targeted everything from to the SCO Group and eBay. - - - - - - - - - - Police question man over Slammer worm Czech police have questioned a former member of the 29A virus writers club over the Internet worm Slammer. According to Czech tech security Web site, police interviewed 22 year-old "Benny" who lives in Brno and confiscated computers from his home on Thursday. - - - - - - - - - - Hackers knobble Lycos anti-spam plan Lycos vigilante attack on spammers has been hit by a vigilante attack. Spammers are suspected. Lycos was offering a screensaver which, once downloaded, would launch a Distributed Denial of Service attack against spam websites. A DDS attack makes constant requests to a specific part of a website until it gets overloaded and falls over. Such attacks are illegal in most countries. Lycos Europe denies attack on zombie army - - - - - - - - - - Abbey named in security breach A number of credit card providers, including high-street bank Abbey, have had to issue a credit-card recall after Visa warned that details of associated accounts may have been compromised. The security scare came to light when the card merchant notified the card providers whose customers were affected. - - - - - - - - - - Ohio legislation would send spammers to jail Ohio legislators on Tuesday sent an antispam bill to Gov. Bob Taft, with the aim of joining other states that have laws that put spammers behind bars. The bill, first introduced in January and already approved by the state Senate, on Tuesday overwhelmingly passed the Ohio House of Representatives, said an aide to Rep. Kathleen Walcher, who co-sponsored the bill. - - - - - - - - - - P&G privacy plan tackles data laws Consumer products giant Procter & Gamble (P&G) plans to introduce privacy monitoring software worldwide to deal with varying information laws. The manufacturer of products such as Pampers, Olay and Sunny D, has installed the online monitoring tools in the US, and plans to introduce similar software in the UK, Europe and rest of the world shortly. - - - - - - - - - - Payday lenders use Internet to avoid law Short-term "payday" lenders are increasingly using the Internet to circumvent state laws, charging annual interest rates as high as 780% and automatically debiting late fees and other charges from customer bank accounts, according to a new study. The study released Tuesday by the Consumer Federation of America shows a spike in abuses among payday lenders that have moved their operations online. - - - - - - - - - - Two thirds of all PCs infected with spyware The global spyware plague has reached epidemic proportions, with the cost to global PC users set to rocket by 2,400 per cent over the next four years. According to newly published research from IDC, the need to identify and eradicate these parasitic programs will drive anti-spyware software revenues from $12m in 2003 to $305m in 2008. - - - - - - - - - - Report: Cost of phishing not so high Monetary losses from "phishing" fraud may not be as high as some analysts have estimated, a financial consultancy firm is contending. In a report released Wednesday, TowerGroup said phishing attacks this year will account for less than $150 million in consumer losses worldwide. The finding puts TowerGroup at odds with other researchers, who have put damages as high as $500 million. - - - - - - - - - - Microsoft releases Internet Explorer fix Microsoft published a patch for Internet Explorer on Wednesday, aiming to close a month-old hole that has been used by viruses to spread and by an ad banner attack to compromise PCs. The vulnerability, dubbed the Internet Explorer Elements flaw by Microsoft, had previously been called the iFrame vulnerability. The issue--which does not affect Microsoft's major Windows XP security update, Service Pack 2--could allow an attacker to take control of a victim's PC, if the user is logged on as an administrator. Most home users tend to log onto Windows as administrators. New browser sniffs out phishy sites - - - - - - - - - - Virus top 10: Sober makes an unwelcome return After a few months of relative calm from malware writers, two new viruses have broken into the top 10 of malware infections for last month - although they have yet to topple Netsky from the top spot. Netsky.P retained the number one position, where it has been for two months, vying for the number one position with Zafi.B, first released in June. While Netksy.P is still the most reported virus for the month of November, according to antivirus firm Sophos, with just over 24 per cent of reported infections.,3800003100,39126223,00.htm - - - - - - - - - - Deputy geek, reporting for duty British IT professionals could soon be asked to volunteer their services to police the Internet. The European Information Society Group (EURIM) is calling on the U.K. government to recruit information technology workers as special constables, or volunteers who work with police officers. "I think we should be using special constables," said Brian White, chairman of EURIM. "IT managers could be given special powers. If they were trained in evidence gathering, they crime scenes and give records to court, for example.",39020330,39175660,00.htm - - - - - - - - - - The battle against cyberterror The arsenal of modern weapons that terrorists might someday use to disrupt power grids, gas lines and other parts of the nation's critical infrastructure includes conventional weapons as well as bits and bytes -- in other words cyberterror attacks. The cyberthreat to the electricity we use and the water we drink is real, experts say, but there's no need to panic -- at least not yet.,10801,97953,00.html Tenet warns of terrorists combining physical, telecommunications attacks - - - - - - - - - - Spam fight to hinge on consumers As technology executives hunker down for a prolonged battle against spammers and virus writers, they caution that their products can only go so far to protect consumers against the proliferation of "phishing" scams and virus- spreading e-mails. Instead, they say, some of the responsibility for spam prevention is on the shoulders of Internet users. - - - - - - - - - - Safer Web browsing Despite the overwhelming use of Web browsers in the workplace, many organizations don't regulate or properly secure outbound access to public Web sites. Browsing a favorite Web site during lunch isn't often considered a significant threat to corporate security.,10801,97662,00.html Cyber crime: Everyone is self responsible - - - - - - - - - - HP touts software to slow computer worms Engineers at Hewlett-Packard are working on "virus-throttling" software that they say could slow the spread of Internet-borne viruses and worms. Researchers for the Palo Alto, Calif.-based computer giant said Tuesday that the new software wouldn't destroy threats such as the "Blaster" worm, which crippled more than a million computers last summer. - - - - - - - - - - Thales secures broadband access for government Thales has launched a hardware-based encryption device for broadband connections. The new IP version of its SafeDial+ encryptor PC card is certified by GCHQ to protect information up to the CONFIDENTIAL level. It will enable UK government employees to use broadband out of the office to access sensitive information. - - - - - - - - - - Patch Management: No more "patch and pray" An unpatched Windows PC connected to the Internet will last for only an average of 20 minutes before it's compromised by malware, according to The SANS Institute's Internet Storm Center. That startling fact underscores the importance of patches. But successful patch management is more than just plugging holes and hoping for the best. It's a continual and systematic process.,10801,97957,00.html - - - - - - - - - - 'Dial 9' email (still) a hoax, says watchdog Net users are being urged to bin an email doing the rounds (yet again) warning them of a premium- rate phone scam. Telephone watchdog, ICSTIS, says its received dozens of calls in the last few days from people concerned that they could be ripped off if they fall for the con. - - - - - - - - - - Phishers target the network Each week asks a different expert to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Mark Murtagh, technical director at Websense, warns of the dangers to company networks when employees fall victim to phishing scams. - - - - - - - - - - Populace asked: Do you like ID cards? David Blunkett has written to around half a million British voters, canvassing their opinions on the introduction of a national identity card . Well, sort of. He's certainly written to the voters, but we're not sure he's actually trying to find out what people think. It looks more like another attempt to get some nice stats to back up his claims that the majority of the population supports the introduction of an identity document. Home Office defends ID card plans (again) Talks consider use of ID cards for business - - - - - - - - - - Retired cops to monitor surveillance cameras Retired officers will monitor 50 new Chicago Police Department surveillance cameras equipped with listening devices that can detect the sound of gunfire and help pinpoint its location, officials announced Tuesday. The former officers will work at the city's 911 center and monitor images from the cameras and data on gunshot location. Police response will be dispatched from the center, said First Deputy Supt. Dana Starks.,1,1472569.story - - - - - - - - - - Mass. boasts first electronic fingerprinting for gun licensing With a quick electronic scan of a fingerprint, gun shop owners in Massachusetts will know immediately if a customer is eligible to buy a weapon, using a system that officials say is the first of its kind in the nation. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.