NewsBits for December 9, 2004 ************************************************************ Chinese cybercops 'nailing virus writers' A Chinese police force that is dedicated to fighting virus writers is getting results, according to Russian antivirus company Kaspersky Labs. The Chinese antivirus police team will visit the Kaspersky Labs offices in Moscow next week to discuss virus development.,39020369,39180202,00.htm Antivirus firm says organized crime growing online Almost all of the malicious software circulating the Internet is written by organized criminals looking for financial gain, and the problem is set to get worse, Kaspersky Labs is warning. The Russian antivirus company said Thursday that criminals are behind 90 percent of malicious code, leaving teenagers and script kiddies responsible for only a small fraction of the rest. Malware authors mixing a lethal cocktail,39020375,39180203,00.htm - - - - - - - - - - Federal Trial Set In Child Porn Case A Gore man accused of creating an Internet child pornography group and distributing sexual images of three children now has a federal trial date. Samuel Lewis Baker Jr., 28, of 275 Fletcher Road, will stand trial for the alleged crimes on Jan. 24 in U.S. District Court for the Western District of Virginia in Harrisonburg. - - - - - - - - - - Playgirl virus attacks Chechen rebel sites An email virus that poses as pictures of a nude glamour model actually contains malicious code designed to launch denial-of-service attacks on websites run by Chechen separatists. The Maslan-C worm spreads via email with the subject line '123' and an attached file called 'Playgirls2.exe'. It also spreads across network shares. Running the infected attachment further spreads the email worm as well as turning infected PCs into participants in a distributed denial-of-service attacks. - - - - - - - - - - The strange death of the mass mailing virus Mass mailing viruses will go the way of macro viruses and become much rarer next year. Viruses such as Sober and MyDoom are simply not as effective as they used to be, Kevin Hogan, a Symantec Europe manager, notes. "People know it's risky to double click on viruses. For virus writers there's no technical kudos. - - - - - - - - - - Vulnerability allows scammers to hijack pop-ups Security researchers warned this week of a vulnerability in most Web browsers that could allow scammers to launch phishing attacks from pop-up windows on trusted Web sites.,10801,98141,00.html - - - - - - - - - - Multi-platform phishing exploit uncovered A function built into all major browsers could be co-opted by attackers to fool Web site visitors into surrendering sensitive information, a security firm warned on Wednesday.,39020369,39179938,00.htm Digital PhishNet launched to combat phishing scams,10801,98153,00.html Probably the simplest phishing trick in the world Ex-U.S. cyber security chief sees curb on phishing - - - - - - - - - - Bills to Thwart Piracy Falter In a blow to Hollywood and the major record companies, Congress adjourned for the year Wednesday without beefing up penalties for movie bootlegging and online piracy. Lawmakers had seemed ready earlier in the year to grant the entertainment industry several items on its wish list, including measures that would make it easier to prosecute people who record films in theaters or share songs or movies online before their official release. (LA Times story, free registration required),1,7963250.story - - - - - - - - - - New bill targets some peeping-Toms Camera phones may make great Christmas gifts, but people better not use them for peeping-Tom photos on federal property. In one of its last moves of the year, Congress passed a bill that would levy heavy fines and prison time for anyone who sneaks photos or videos of people in various stages of undress, a problem lawmakers and activists called the new frontier of stalking. - - - - - - - - - - Tech groups praise parts of intelligence bill Technology trade groups cheered parts of a comprehensive intelligence reform bill that passed the U.S. Congress yesterday, including a provision that could speed up the federal government's security clearance process for IT vendors and contractors. But the bill, passed by the U.S. House of Representatives on Tuesday and by the Senate yesterday, was stripped of language that would have elevated the lead cybersecurity position at the U.S. Department of Homeland Security from a director-level position to an assistant secretary.,10801,98154,00.html The American way of spying gets a makeover Security amendment approved US, UK work on anti-terror R&D Congress passes E911 bill - - - - - - - - - - EU Telecoms Council Promotes Safer Internet Use Safer Internet Plus, the four-year program proposed by the European Commission in March, will have a budget of $60 million to combat illegal and harmful Web content. Its focus is on end users: parents, educators and children. - - - - - - - - - - School's out to shun IE In a notice sent to students on Wednesday, Pennsylvania State University's Information Technology Services department recommended that students download other browsers to reduce attacks through vulnerabilities in the Microsoft software. - - - - - - - - - - E-commerce hit hard by fear of fraud Two thirds of UK consumers questioned in a recent study do not buy products online for fear of credit card fraud. The research found that, although 53 per cent of homes have an internet connection, 66 per cent of users refused to book holidays online, for example, preferring to visit a travel agent personally. - - - - - - - - - - Carders by Phone Credit cards number thieves phone the victims and feign Visa staff and ask to specify information on the credit card with the alleged purpose of checking doubtful transaction. At that, fraudsters do not ask confidential data (PIN-code or number of account) this would alert most victimized card holders. As is known, fraudsters ask CVV-codes at the bottom of credit card. It turned out few of cardholders knew that these codes are often used for approving on-line transactions. - - - - - - - - - - RSS: Show Me the Money Lately there has been a lot of discussion on the net about how to make money off RSS, which, depending on whom you ask, stands for Really Simple Syndication or Rich Site Summary, but which many publishers and bloggers hope will turn into a Really Sweet (revenue) Stream.,1284,65971,00.html - - - - - - - - - - Password imperfect People tend to choose easy-to-remember passwords--which means they're easy to crack. Even complex passwords can be stolen. They've moved from a security measure to a security risk, says Microsoft Chair Bill Gates, who for the past year has been publicly urging customers to stop relying on passwords. - - - - - - - - - - The pros and cons of MSSPs Part 1: 10 reasons to outsource security. More companies are outsourcing part of their security infrastructure, including firewalls, intrusion- detection systems and virtual private networks, to managed security service providers (MSSP). There are many reasons why outsourcing may be a cheaper and better way to go. Note that I said "may be" because everything depends on your requirements.,,98093,00.html - - - - - - - - - - Who says safe computing is a pipe dream? Commentary--I am regularly asked what average Internet users can do to ensure their security. My first answer is usually, "Nothing--you're screwed." But that's not true, and the reality is more complicated. You're screwed if you do nothing to protect yourself, but there are many things you can do to increase your security on the Internet. - - - - - - - - - - TSA widens test of biometric IDs The U.S. government is spending $20 million this fiscal year to road test a universal secure identity card loaded with biometric and personal data and tied to government "watch lists." Though the program is aimed at simplifying the security checks that airport personnel and other transportation workers must go through, privacy experts are warning of unintended consequences. - - - - - - - - - - Marine Corps deploys Fallujah biometric ID scheme US forces in Iraq are attempting to tame Fallujah with biometric ID, according to an NBC news report broadcast last week. The returning population of up to 250,000, reporter Peter Engel said on Tom Brokaw's last Nightly News, is to be allowed back in gradually, a few thousand at a time. "They'll be finger printed, given a retina scan and then an ID card, which will only allow them to travel around their homes or to nearby aid centers, which are now being built. - - - - - - - - - - Indiana school cameras reach police, firefighters Video cameras placed throughout the public schools in Merillville, Indiana will soon be linked directly to the town's police and fire dispatch center, providing streaming video during emergencies. - - - - - - - - - - GPS used to track teens' driving Retired Gen. Tommy Franks has signed on to be the spokesman for a company that uses global positioning system technology in teens' cell phones to let parents know how fast they're driving. The Teen Arrive Alive service lets parents view information on their teen's trips via the Web or their cell phones. Courtesy Franks will be the official face of Teen Arrive Alive. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2004,, Campbell, CA.