NewsBits for February 10, 2005 ************************************************************ Phishing season opens in Japan; 8 lose total of 1.5M Japan may be the next happy hunting ground for online swindlers employing sophisticated cyber- tricks to steal personal information for forging credit and cash cards, police and financial institutions warn. Eight customers of UFJ Card Co. lost a total of 1.5 million yen to swindlers using forged cards to make illegal withdrawals, the company reported Monday. In a new twist, the cash was not withdrawn in Japan, but through cash dispensers in Romania. Scammers build 'sucker lists' of victims - - - - - - - - - - Vigilantes launch attack on scam sites The 419 Flash Mob, supported by Artists Against 419, has declared war on criminals who host fake bank Web sites in the hope of luring victims to deposit money there. The attacks began Wednesday. According to Artists Against 419's Web site, "This flash mob is in celebration of Chinese New Year...Our aim is to shut down eight fake bank web sites in less than 48 hours!" - - - - - - - - - - Flaw in mail-list software leaks passwords A previously unknown vulnerability in Mailman, a popular open-source program for managing mailing lists, has led to the theft of the password file for a well-known security discussion group. The theft, discovered this week and reported in an announcement to the Full Disclosure security mailing list on Wednesday, casts uncertainty on the security of other discussion groups that use the open- source Mailman package. - - - - - - - - - - Microsoft probes anti-spyware Trojan threat Microsoft is investigating reports of a Trojan which attempts to disable its AntiSpyware beta product. The Troj/BankAsh-A Trojan, discovered yesterday, is designed to steal passwords and online banking details. - - - - - - - - - - Symantec flaw putting users at risk A vulnerability in one of Symantec's antivirus libraries has put users of a much of the company's software at risk of attack. Symantec has issued a patch for a flaw in its scanning software that could cause a virus to execute, rather than catch it.,39020375,39187413,00.htm - - - - - - - - - - Gartner urges caution before downloading Firefox Companies should think twice before jumping on the Firefox bandwagon, according to research firm Gartner Inc. The open-source browser has been gaining market share steadily over the past few months, helped by industry support and user enthusiasm, but Firefox isn't the unstoppable juggernaut it might seem.,10801,99685,00.html - - - - - - - - - - Court: Hollywood gets P2P giant's server logs A Dallas federal court has ordered file-swapping site to shut down and provide Hollywood lawyers with access to its full server logs, including data that could expose hundreds of thousands of people to copyright lawsuits. - - - - - - - - - - Microsoft, Pfizer Join to Battle Online Drugstores Politics, it seems, is not the only thing that spawns unusual couples. E-mail spam is having a similar effect. Yesterday, corporate giants Microsoft Corp. and Pfizer Inc. filed a total of 17 lawsuits in courts in New York and Washington state targeting various alleged spammers and Web- site operators that peddle fraudulent versions of drugs, particularly the sexual-performance drug Viagra. - - - - - - - - - - Tech execs ask Bush for cybersecurity commission Technology executives from the largest U.S. software companies have called on President Bush to create a high-level commission to address cybercrime and identity theft. During a meeting with administration officials Thursday, chief technology officers from more than a dozen companies said the threat of malicious Internet incidents has become so great that a high-profile governmental response is necessary. - - - - - - - - - - Cyberterror threats dismissed Experts have been queuing up to dismiss the latest calls for a crackdown on cyberterror, dismissing the term as marketing speak, hyperbole, or in one case simply 'barmy' A controversial UK security vendor is calling for the creation of a World Security Organisation (WSO) to crack down on 'cyberterror' as well as real world threats by air, land, sea and space.,39020375,39187414,00.htm,39024677,39127738,00.htm - - - - - - - - - - Privacy-Assurance Seal Yanked Off Web Site TRUSTe, the business community's guarantor of Internet privacy, abruptly ended on Wednesday its relationship with the company operating and other Web sites, alleging unspecified violations of privacy promises to consumers. TRUSTe said Gratis Internet LLC of Washington no longer could display on any of its Internet properties the industry's broadly recognized seal intended to assure consumers that a Web site complies with privacy-protection guidelines. - - - - - - - - - - UK manufacturers drowning in spam The UK manufacturing sector is being particularly severely hit by the rising global tide of unsolicited spam emails, research has claimed. According to figures released by managed email firm MessageLabs, more than four out of every five emails received by manufacturing firms over the past year were spam. Users choke on mobile spam - - - - - - - - - - Hand scan could limit kids' Net access Future PCs may bar children from Internet sites by using an ultrasound device to gauge their from a hand bone. The technology, known as Age-Group Recognition (AGR), is the brainchild of Israeli company i-Mature. The company has teamed with security technology firm RSA to develop the technology for the consumer PC market. - - - - - - - - - - School RFID Plan Gets an F Parents of elementary and middle school students in a small California town are protesting a tracking program their school recently launched, which requires students to wear identification badges embedded with radio frequency, or RFID, chips. School superintendents struck a deal with a local maker of the technology last year to test the system to track attendance and weed out trespassers.,1848,66554,00.html - - - - - - - - - - Application security testing in black and white In today's business environment, companies large and small are looking for ways to secure the applications they create. Most start by reviewing their internally developed software, but many don't realize that underlying operating systems and other third-party components must also be validated to ensure application security.,10801,99655,00.html - - - - - - - - - - BlackBerry maker gets NIST nod National Institute of Standards and Technology officials named Research in Motion, the Canadian maker of the wireless BlackBerry, as the recipient today of NIST's 500th cryptographic module certification. Since 1995, NIST-approved laboratories have tested and validated hundreds of cryptographic hardware and software modules. - - - - - - - - - - Shady Web of Affiliate Marketing The biggest annoyance on the internet is not the guy trying to sell you a knockoff watch or prescription painkillers, it's the marketing scheme that rewards spammers who drive customers to his site. Affiliate marketing, a system in which a business pays a commission to those who drive paying purchasers to its website, is responsible for much of the spam that clogs inboxes, search results contaminated with useless pages selling ring tones, and a never-ending barrage of pings and fake TrackBacks that have driven many bloggers to shut down comments on their sites.,1848,66556,00.html - - - - - - - - - - Engelbert Humperdinck a spy? Is Engelbert Humperdinck, the pop-singer icon once described in his liner notes as "kind of like James Bond, only with more chest hair," quietly exchanging e-mails with the super- secret National Security Agency? *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.