NewsBits for February 23, 2005 ************************************************************ FBI Issues Warning About Computer Virus The FBI warned Tuesday that a computer virus is being spread through unsolicited e-mails that purport to come from the FBI. The e-mails appear to come from an address. They tell recipients that they have accessed illegal Web sites and that their Internet use has been monitored by the FBI's "Internet Fraud Complaint Center," the FBI said.,10801,99957,00.html Spate of fake e-mails spook gov't agencies - - - - - - - - - - Payroll site closes on security worries Online payroll service provider PayMaxx shuttered its automated W-2 site on Wednesday after a researcher claimed that two security holes had exposed data on more than 25,000 people. A description of the problem posted on Think Computer's Web site by Aaron Greenspan, president of the software start-up, said the security issues could allow anyone to view the W-2 forms generated for employees of PayMaxx's clients for the last five years. - - - - - - - - - - ChoicePoint hit with ID theft lawsuit A California woman has sued ChoicePoint for fraud and negligence after criminals gained access to a database of personal records compiled by the company. The suit, which seeks class-action status, was filed Friday in Los Angeles Superior Court and claims that for at least five months, the company failed to adequately protect people's financial records and confidential information. ChoicePoint's error sparks talk of ID theft law The company reportedly has data on virtually every adult in the U.S. The revelation last week that data collector ChoicePoint Inc. has mistakenly given private information on up to 145,000 U.S. residents to identity thieves has led to renewed calls in Washington for a national data privacy law.,10801,99977,00.html ChoicePoint Victims Have Work Ahead A few days ago, most people probably had not heard of data-collection warehouse ChoicePoint Inc., let alone knew that the firm sold personal information to companies about potential customers, tenants or employees. Today, though, many consumers may be wondering whether their personal and financial data were included in 145,000 reports the company inadvertently sold to criminals involved in an identity theft scheme. - - - - - - - - - - Paris Hilton worm spreads An e-mail worm promising explicit pictures of hotel heiress Paris Hilton is spreading widely, antivirus experts warned on Wednesday. The mass-mailing worm, Sober.K, is currently the third most commonly encountered virus, making up 10 percent of all viruses detected in the last 24 hours, Sophos reported. "This latest variant of the Sober worm may catch out the unwary as they open their e-mail in-box," said Graham Cluley, senior technology consultant at Sophos. - - - - - - - - - - Spyware infiltrates blogs Hackers are using blogs to infect computers with spyware, exposing serious security flaws in self- publishing tools used by millions of people on the Web. The problem involves the use of JavaScript and ActiveX, two common methods used to launch programs on a Web page. Security experts said malicious programmers can use JavaScript and ActiveX to automatically deliver spyware from a blog to people who visit the site with a vulnerable Web browser. - - - - - - - - - - New 0871 rogue dialler scam spotted Operators of rogue dialler services that rack up large bills for unwary net users are changing the way they rip off consumers. Instead of using premium rate numbers that charge up to PS1.50 a minute to defraud innocent punters, they're now turning to international numbers to ring up profits and dodge detection. - - - - - - - - - - Spammers Seeking Out Instant Messengers, Survey Shows Seventeen million Americans who use services like America Online's Instant Messenger and Microsoft's MSN Messenger have received unsolicited commercial messages through the services at least once, according to a survey released today by the Pew Internet & American Life Project. That amounts to one third of the 52 million adults who use the Internet communications software, according to Pew Internet Executive Director Lee Rainie. - - - - - - - - - - Singapore unveils cybersecurity Masterplan The Singaporean government unveiled a S$38m (PS12.3 million) initiative on Tuesday to build a secure ICT environment to better withstand attacks in cyberspace. Dubbed the Infocomm Security Masterplan, the programme will focus on developing the manpower capabilities to manage the increasing number of online threats and establishing an early-warning system for cyberattacks.,39020375,39188947,00.htm - - - - - - - - - - Cyber security boot camp' approved by ROTC A cyber security boot camp course here was approved as professional development training for Air Force ROTC. The advanced course in engineering is one of 10 such programs in the country to carry this designation, and the only program with a formal academic component, officials said. It is associated with Syracuse University. - - - - - - - - - - Lawmaker wants to prevent cyberbullying Stephanie Gallardo doesn't spend much time on the computer since someone hijacked her instant- message screen name and sent out mean messages. "The person was pretending it was me, and using it to call people names," the 14-year-old Seattle student said. "I never found out who it was." - - - - - - - - - - Court Debates Anti-Piracy TV Technology A U.S. appeals panel on Tuesday challenged new federal rules requiring certain video devices to have technology to prevent copying digital television programs and distributing them over the Internet. U.S. Circuit Judge Harry T. Edwards told the Federal Communications Commission it "crossed the line" requiring the new anti-piracy technology in next-generation television devices. But another appeals judge on the panel questioned whether consumers can challenge the FCC's rules in the courtroom. - - - - - - - - - - Fighting computer crooks the Las Vegas way RSA 2005 Computing techniques used to identify cheaters in Las Vegas are being applied to wider computer security and fraud detection problems. SRD, a Las Vegas software developer which was acquired by IBM last month, is taking its identity resolution software from the gaming tables into corporate boardrooms. - - - - - - - - - - DHS names privacy committee The Homeland Security Department (DHS) announced the appointments of 20 members to the Data Privacy and Integrity Advisory Committee that will advise the department's secretary and chief privacy officer on issues that affect privacy, data integrity, and data interoperability. Adware maker joins federal privacy board The Department of Homeland Security has named Claria, an adware maker that online publishers once dubbed a "parasite," to a federal privacy advisory board. An executive from Claria, formerly called Gator, will be one of 20 members of the committee, the department said Wednesday. - - - - - - - - - - Companies demand IT security assurances More than half of UK organisations are now required by their customers or suppliers to provide formal assurances on IT security, according to exclusive Computing research. And 49 per cent of the survey respondents say they actively promote the strengths of their IT security to build relationships with clients. Compliance 'alphabet soup' will broaden role of security experts - - - - - - - - - - Finding a replacement for passwords As online scams get more sophisticated, passwords are becoming hopelessly outmoded-- as passe as floppy disks. Yet many businesses and nearly all consumers still rely on passwords as the primary means of verifying who they say they are. At last week's RSA security conference, Microsoft Chairman Bill Gates sounded once again his well-worn call for an end to passwords, while on the show floor, companies touted gadgets to help verify identity. - - - - - - - - - - Administration readies new ID standard for employees The Bush administration is on the verge of releasing new standards for federal smart cards and employee credentialing systems, officials said Wednesday. Commerce Department Secretary Carlos Gutierrez is expected to approve the new standards, which apply to federal employees and contractors, this Friday. - - - - - - - - - - U.K. store expands RFID trial U.K. retailer Marks & Spencer PLC (M&S) will extend its ongoing trial of radio frequency identification (RFID) technology for the management of its clothing stock from nine of its stores to 53 in the second quarter of next year. "The feedback so far from our staff has been very positive in that the RFID tags have clearly improved our stock-taking process. What takes up to eight hours a week to do manually can be done with RFID tags in about an hour," M&S spokeswoman Olivia Ross said today. "Plus the staff have said that they find the technology easy to use -- simply waving a scanner over a rack of clothes.",10801,99979,00.html - - - - - - - - - - Changing the Notification Process Developers have the opportunity to offer better vendor security procedures and notifications in an open-source world. Apple bundles open-source, Sun Solaris is becoming open-source, Novell bought into open-source, and BSD has always been open- source. In the Unix and Unix-like world, it seems that open-source is everywhere. If Unix and open- source continue to converge, Unix security and open-source security become harder to differentiate. - - - - - - - - - - Bloggers rally for jailed Iranians An online protest Tuesday of Iran's crackdown against bloggers made an impact--even on Iranian officials. So says a leader of the Committee to Protect Bloggers, the group that organized the effort to decry the jailings of Iranian bloggers Arash Sigarchi and Mojtaba Saminejad. *********************************************************** Search the Archive at: *********************************************************** The source material may be copyrighted and all rights are retained by the original author/publisher. The information is provided to you for non-profit research and educational purposes. Reproduction of this text is encouraged; however copies may not be sold, and NewsBits ( should be cited as the source of the information. Copyright 2000-2005,, Campbell, CA.